Instagram-SSL-Pinning-Bypass
AutoDroid
Instagram-SSL-Pinning-Bypass | AutoDroid | |
---|---|---|
1 | 3 | |
363 | 124 | |
- | - | |
3.1 | 3.7 | |
10 months ago | about 1 month ago | |
Python | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Instagram-SSL-Pinning-Bypass
-
Norway Fining Meta $98,500 per Day for User Privacy Breach
No, they're usually not published. I encourage you to do it yourself.
Looks like Instagram at least does do TLS cert pinning, but it looks like there are patched binaries that disable it.
https://github.com/Eltion/Instagram-SSL-Pinning-Bypass
AutoDroid
- Automating Reverse Engineering Android Apps - Python Tool with ADB, AndroGuard, and Frida integration
- Automating Android App Reverse Engineering - New Python Tool with Frida, ADB, and AndroGuard Integration
- Python tool for automating bulk interactions with Android devices - including Frida, AndroGuard, and ADB support
What are some alternatives?
MEDUZA - A more or less universal SSL unpinning tool for iOS
Ghost - Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device.
robodroid - Manage (and soon deploy) Android machines with pre-defined behaviors for Cyber Range environments.
DroidDetective - A machine learning malware analysis framework for Android apps.
GramAddict bot - Completely free and open-source human-like Instagram bot. Powered by UIAutomator2 and compatible with basically any Android device 5.0+ that can run Instagram - real or emulated.
owasp-mastg - The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
WhatsApp-Key-Database-Extractor - The most advanced and complete solution for extracting WhatsApp key/DB from package directory (/data/data/com.whatsapp) without root access.