Skip to content
All Skills

Performing Mobile App Certificate Pinning Bypass

Bypasses SSL/TLS certificate pinning implementations in Android and iOS applications to enable traffic interception during authorized security assessments. Covers OkHttp, TrustManager, NSURLSession, and third-party pinning library bypass techniques using Frida, Objection, and custom scripts. Activates for requests involving certificate pinning bypass, SSL pinning defeat, mobile TLS interception, or proxy-resistant app testing.

Security & Compliance|v1|Updated 7/2/2026|GitHub source
MCP get_skill({ skillId: "performing-mobile-app-certificate-pinning-bypass-07e145fe" })

Use this skill with your agent

Create a free account and connect via MCP

Get Started Free
# Performing Mobile App Certificate Pinning Bypass

## When to Use

Use this skill when:
- Mobile app refuses connections through a proxy due to certificate pinning
- Performing authorized security testing requiring HTTPS traffic interception
- Assessing the strength and bypass difficulty of pinning implementations
- Evaluating defense-in-depth of mobile app network security

**Do not use** to bypass pinning on apps without explicit testing authorization.

## Prerequisites

- Burp Suite configured as proxy with listener on all interfaces
- Rooted Android device or jailbroken iOS device
- Frida server running on target device
- Objection installed (`pip install objection`)
- Target app installed and reproducing the pinning behavior

## Workflow

### Step 1: Identify Pinning Implementation

**Android pinning methods to identify:**
```
1. Network Security Config (res/xml/network_security_config.xml)
   <pin-set> with certificate hash pins

2. OkHttp CertificatePinner
   CertificatePinner.Builder().add("api.target.com", "sha256/...")

3. Custom TrustManager
   X509TrustManager overrides in code

4. Third-party libraries
   - TrustKit
   - Certificate Transparency checks
```

**iOS pinning methods:**
```
1. NSURLSession delegate (URLSession:didReceiveChallenge:)
2. ATS (App Transport Security) with custom trust evaluation
3. TrustKit framework
4. Alamofire ServerTrustPolicy
5. Custom SecTrust evaluation
```

### Step 2: Bypass with Objection (Quickest Approach)

Continue reading

Sign up for a free account to view the full skill content

Login / Register
#mukul-cybersecurity-skills#security#cybersecurity#applicationandroidiosfridaobjectionburp-suite
Performing Mobile App Certificate Pinning Bypass - AgentArmory Skill — AgentArmory