![]() ![]() perhaps this illustration will give you a clear picture of a proxy server He must be hiding behind a proxy" that means the hacker is using a proxy server to cover up his identity. ![]() If you ever watched a movie where a hacker hacks a computer system and the security team says, "We can't locate him. What is Proxy Serverįirst, what is a proxy server? Taken from Wikipedia page, a proxy server is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources.Ī proxy server is widely known for its function to hide the client's true identity (IP address, location, etc) from the server. □ Note that this tutorial only compatible with a Unix-based operating system (Mac/Linux). It lets you listen to http/https events and do your magic there, such as modifying the request/response headers, payload, etc without pausing it which usually ends up with connection timeout like most of the local proxy server app do. The biggest selling point for me is that mitmproxy lets you create a Python script. ![]() I prefer to see them side by side.īut why mitmproxy instead of the other? Well, because it's free and comes with tons of features. But I don't like to switch back and forth between the app process to see the network traffic log. For example, I know it's a lot easier to implement the 3rd party library to do the job, and you don't have to set up the client's network certificate and fire up the proxy server. There are some pros and cons of course, among the method you choose. Why? It usually comes with a lot of debugging capability, such as modifying responses, throttling, etc to test several cases without recompiling the app and making me less dependent to the back-end. Using a local proxy server such as Charles, Fiddler, and the one that I am going to talk about mitmproxy.Under the hood, chucker also use an interceptor, but they provide a friendly GUI page and some additional features to ease you to inspect the traffic instead of reading it from the Logcat. Using 3rd party library like chucker to do the job.Adding interceptor on the client and log the request and response to the Logcat.There are several ways I know to inspect the network traffic in an Android application: When developing an Android application with network activity such as requesting a resource to a remote endpoint, I usually like to inspect the client requests and the server responses to identify what is being sent and given. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |