A while back I was assigned a mobile application penetration test. I was met with a unique challenge of testing an Android application, but found there to be challenges with Android accepting user supplied certificates (i.e. burp suite cert). Because of this, I couldn’t properly proxy the traffic from my mobile device to Burp Suite. You’d think Apple would make this difficult, but nope — just Android!
Please click the below image to check out the post at Triaxiom Security for the full write-up!