Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
I <3 Charles Proxy
Search
Scott Alexander-Bown
November 29, 2018
Technology
110
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
I <3 Charles Proxy
Scott Alexander-Bown
November 29, 2018
More Decks by Scott Alexander-Bown
See All by Scott Alexander-Bown
What's New In Android 15 Security
scottyab
0
250
Fundamentals of creating Android mobile apps
scottyab
0
98
What's 'Q' in Android Security
scottyab
0
350
Faster mobile debugging using a HTTP Proxy
scottyab
0
81
What_s_new_from_Google_IO_2018.pdf
scottyab
0
170
Doppl, an intro!
scottyab
0
130
OMG What's new in Security
scottyab
0
86
What's New from Google I/O 2017
scottyab
0
150
What's Nnnnnew in Security Droidcon IT
scottyab
1
150
Other Decks in Technology
See All in Technology
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
2k
FDE という解 ― 暗黙知と明示知をつなぐ、伴走型エンジニアリング ―
otanet
0
140
作って終わりにしない タイミーのセマンティックレイヤー育成の現在地
chanyou0311
4
2.3k
EventBridge Connection
_kensh
5
700
非定型業務をAI slackbotで自動化する ~ 社内要望を自動壁打ちするbotを作った ~/automating-ad-hoc-work-with-ai-slackbot
shibayu36
0
630
やさしいA2A入門
minorun365
PRO
12
1.8k
新しいVibe Codingと”自走”について
watany
6
310
攻撃者視点で考えるDetection Engineering
cryptopeg
2
1.6k
爆速でマルチプロダクトを立ち上げる時 事業・CTO目線で大事にしたい事
miyatakoji
0
110
AIはどのように 組織のアジリティを変えるのか?
junki
1
600
Agentic Web
dynamis
1
210
On-behalf-of Token exchange with AgentCore Identity
hironobuiga
2
160
Featured
See All Featured
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
270
The Language of Interfaces
destraynor
162
27k
How to Ace a Technical Interview
jacobian
281
24k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
840
We Have a Design System, Now What?
morganepeng
55
8.2k
Ethics towards AI in product and experience design
skipperchong
2
310
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
120k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
6k
The Pragmatic Product Professional
lauravandoore
37
7.3k
New Earth Scene 8
popppiees
3
2.3k
The Invisible Side of Design
smashingmag
302
52k
Crafting Experiences
bethany
1
180
Transcript
I ❤ CHARLES By Scott Alexander-Bown
None
Proxy Server
None
Disclaimer: Not tested this
ALTERNATIVES ➤ Chrome Dev tools ➤ Stetho (Android) ➤ Pony
Debugger (iOS) ➤ Chuck (Android) ➤ MITM proxy ➤ Fiddler ➤ Others…
SCREENSHOT OF ANDROID APP SESSION
BREAKPOINTS ➤ “Does what it says on the tin”
EDIT REQUEST / RESPONSE ➤ Simulating error responses from API
➤ Removing values from request/response to confirm things still work or fail where expected
THROTTLING
None
MOBILE DEVICE SETUP
None
What about TLS/SSL?
SSL PROXY ➤ Install the Charles Proxy Root Cert ➤
Typically the generated Charles Root (different per install) ➤ Provide your own SSL root cert ➤ Enable SSL Proxying on per domain basis http://www.charlesproxy.com/getssl/
HELPER OPTIONS FOR ROOT SSL
SIDE NOTE ANDROID 7+ ➤ Requires Network Security Config to
trust user installed certs ➤ Help Scout Android only allows user installed certs in debug (i.e not Play store) ➤ Here’s the config
AND THAT’S NOT ALL ➤ DNS spoofing ➤ Web interface
(useful when running Headless) ➤ macOS proxy ➤ Import/Export Session ➤ Focus on single domain ➤ Get cURL of request (used recently when debugging push token registration) ➤ Create Github Gist ➤ Repeat aka basic load testing (multiple times with optional delays) ➤ Whitelist, Blacklist(block), Ignore urls
PROXY HELP SCOUT
THANKS
HOW DO YOU USE WEB PROXIES?
scottyab
oracle4engineer
otanet
chanyou0311
_kensh
shibayu36
minorun365
watany
cryptopeg
miyatakoji
junki
dynamis
hironobuiga
techseoconnect
destraynor
jacobian
baasie
morganepeng
skipperchong
twada
reverentgeek
lauravandoore
popppiees
smashingmag
bethany
