Eavesdrop Like a Pro: The Untold Techniques for Eavesdropping on Mobile Apps

Have you ever tried to eavesdrop on HTTP traffic from a mobile app using an unconventional network stack or an app written in Flutter? If you want to learn how to do it effectively, join my presentation. I will explain and compare four techniques for intercepting HTTP traffic from mobile apps: a simple proxy, DNS cloaking, using iptables, and my own idea of using a debugger to redirect packets.

I will demonstrate this on iOS mobile devices, but the techniques can easily be applied to Android and desktop platforms as well.

During the presentation, I will not cover the SSL-pinning mechanism at all.