Discover and read the best of Twitter Threads about #SSLPinning

Most recents (1)

Okay folks, let's talk about bypassing #SSLPinning in #Android applications.

It's going to be a bit long Twitter 🧵
First, let's talk about SSL Pinning.

It's "pinning" some content of your website's public SSL certificate to your Android app.

It can be hash from your leaf cert, intermediate CA or even root CA.
SSL Pinning makes sure that the your Android app is talking to your server over HTTPS.

If you pin the hash of leaf cert, it mitigates your app connecting to any other HTTPS server whose SSL cert is issued by a CA that the device trusts.
Read 16 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!