Introduction
In this series, you will learn how to proxy HTTP/HTTPS traffic generated by Android devices.
At a high-level, this process involves:
- Establishing a connection between the device and your computer running Caido.
- Configuring Wi-Fi proxy settings.
- Port forwarding device traffic to Caido.
However, the exact steps to accomplish this differs between physical/virtual devices and specific applications.
As is the case with other clients, in order to proxy encrypted HTTPS traffic, Caido's CA certificate must be added as a trusted credential. Android devices store certificates in two separate partitions:
System: Stores pre-installed Root and Intermediary CA certificates.
User: Stores certificates added by users.
Certain applications will trust User certificates, while others only trust System certificates.
Additionally, some applications implement security measures directly in the application code to prevent communication with unintended servers. If an application is protected in such a manner, modifications to the application package must be made in order to proxy traffic.
The tutorials in this series provide step-by-step instructions across physical and virtual device setups to account for these scenarios.
WARNING
For physical devices, adding a certificate to the System partition requires the device to be rooted and is beyond the scope of this series.
If you choose to attempt to root your physical device/add Caido's CA certificate to the System partition - Caido is not liable for any malfunctions, failures, damages, loss/theft of data, or other technical issues that may occur. Proceed at your own risk.