Automatic certificate unpinning for Android apps

Antoine Neuenschwander

Last update: Jul 28, 2021

Related tags

Miscellaneous certunpinner

Overview

What is this?

Script used to perform automatic certificate unpinning of an APK by adding a custom network security configuration that permits user-added CA certificates.

Prerequisites

Apktool
Android Debug Bridge (adb), get it from the SDK platform tools or bundled with Android Studio
keytool and jarsigner, get them with the latest Java Development Kit (jdk)

Usage

$ python3 certunpinner.py --help
usage: certunpinner.py [-h] [--path-apktool PATH_APKTOOL] [--path-adb PATH_ADB] [--path-keytool PATH_KEYTOOL]
                       [--path-jarsigner PATH_JARSIGNER] [--outfile OUTFILE]
                       apkfile

Certificate Unpinner

positional arguments:
  apkfile               Path to the APK file

optional arguments:
  -h, --help            show this help message and exit
  --path-apktool PATH_APKTOOL
                        Path to the apktool executable
  --path-adb PATH_ADB   Path to the adb executable
  --path-keytool PATH_KEYTOOL
                        Path to the keytool executable
  --path-jarsigner PATH_JARSIGNER
                        Path to the jarsigner executable
  --outfile OUTFILE     Output file

You might also like...

AndroidEnv is a Python library that exposes an Android device as a Reinforcement Learning (RL) environment.

814 Dec 26, 2022

Waydroid is a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu.

4.7k Jan 8, 2023

tool to automate exploitation of android degubg bridge vulnerability

DISCLAIMER DISCLAIMER: ANY MALICIOUS USE OF THE CONTENTS FROM THIS ARTICLE WILL NOT HOLD THE AUTHOR RESPONSIBLE HE CONTENTS ARE SOLELY FOR EDUCATIONAL

6 Feb 12, 2022

creates a batch file that uses adb to auto-install apks into the Windows Subsystem for Android and registers it as the default application to open apks.

wsa-apktool creates a batch file that uses adb to auto-install apks into the Windows Subsystem for Android and registers it as the default application

3 Apr 5, 2022

Uma versão em Python/Ursina do aplicativo Real Drum (android).

Real Drum Descrição Esta é uma versão alternativa feita em Python com a engine Ursina do aplicatio Real Drum (presente no Google Play Store). Como exe

5 Aug 20, 2022

A wrapper script to make working with ADB (Android Debug Bridge) easier

Python-ADB-Wrapper A wrapper script to make working with ADB (Android Debug Bridge) easier This project was just a simple test to see if I could wrap

1 Nov 25, 2021

Possible solutions to Wordscapes, a mobile game for the android operating system, downloadable from the play store

2 Feb 23, 2022

A python script to decrypt media files encrypted using the Android application 'Secret Calculator Photo Vault'. Supports brute force of PIN also.

3 May 1, 2022

Run the Tianxunet software on the Xiaoyao Android simulator

Run the Tianxunet software on the Xiaoyao Android simulator, and automatically fill in the answers of English listening on the premise of having answers

1 Feb 13, 2022

Owner

Antoine Neuenschwander

GitHub

Wrapper around anjlab's Android In-app Billing Version 3 to be used in Kivy apps

IABwrapper Wrapper around anjlab's Android In-app Billing Version 3 to be used in Kivy apps Install pip install iabwrapper Important ( Add these into

8 May 23, 2022

Width-customizer-for-streamlit-apps - Width customizer for Streamlit Apps

?? Width customizer for Streamlit Apps As of now, you can only change your Strea

5 Aug 9, 2022

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

Subcert Subcert is a subdomain enumeration tool, that finds all the valid subdomains from certificate transparency logs. Table of contents Setup Demo

59 Dec 16, 2022

Automate your Microsoft Learn Student Ambassadors event certificate with Python

Microsoft Learn Student Ambassador Certificate Automation This repo simply use a template certificate docx file and generates certificates both docx a

24 Aug 24, 2022

Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS).

Certipy Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the C# variant Ce

1.3k Jan 1, 2023

Python implementation for Active Directory certificate abuse

Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the C# variant Ce

1.3k Jan 9, 2023

Python client SDK designed to simplify integrations by automating key generation and certificate enrollment using Venafi machine identity services.

This open source project is community-supported. To report a problem or share an idea, use Issues; and if you have a suggestion for fixing the issue,

13 Sep 27, 2022

A blazing fast mass certificate generator script for the community ⚡

A simple mass certificate generator script for the community ⚡ Source Code · Docs · Raw Script Docs All you need Certificate Design a simple template

24 Jan 3, 2023

HPomb Is Socail Engineering Tool , Used For Bombing , Spoofing and Anonymity Available For Linux And Android(Termux)

HPomb v2020.02 Coming Soon Created By Secanonm HPomb Is Socail Engineering Tool , Used For Bombing , Spoofing and Anonymity Available For Linux And An

10 Jul 25, 2022

Inspect the resources of your android projects and understand which ones are not being used and could potentially be removed.

Android Resources Checker What This program will inspect the resources of your app and help you understand which ones are not being used and could pot

39 Feb 8, 2022