A simple Python script which patches Android APK file to bypass SSL-pinning.
- Python3
- Java
git clone https://github.com/ryanking13/android-SSL-unpinning
cd android-SSL-unpinning
python patch.py com.apk.file.to.patch.apk
- Decompile the APK file using APKtool
- Modify
AndroidManifest.xml
andnetwork_security_config.xml
to trust user certificate - Recompile the APK file using APKtool
- Sign the APK file using uber-apk-signer