Mobile Application Pentesting-Part6
May 17, 2019

Bypassing Certificate Pinning
SSL pinning is a client-side technique for preventing man-in-the-middle attacks by validating the server certificates again, even after the SSL handshake. Developers embed (or pin) a list of trusted certificates in the client application during development and compare the server certificates against them at runtime. If there is…

