How to configure an Android mobile device with Burp Suite to capture the traffic of an Android APK

NIKHIL KUMAR GANDLA
Feb 5, 2022
Dynamic Application Security Testing

Steps for configuring the network connectivity:

  • Connect your Desktop/Laptop to a Wi-Fi network.
  • Share a hotspot from your Desktop/Laptop for your Android testing device.
  • Open Burp Suite.
  • Go to the Proxy tab and click on Options.
  • Scroll down to the Intercept Server Responses section and enable or disable the options as shown in the screenshot below.
  • Scroll up to the Proxy Listeners section and configure the proxy as shown in the screenshot below.
  • Click Yes.
  • Open the Wi-Fi settings on the Android testing device and connect it to your Desktop/Laptop hotspot.
  • On the Android testing device, open the settings of the network that is connected to your Desktop/Laptop hotspot.
  • Click on Advanced.
  • Set the proxy to Manual and enter the same values you configured in the Burp Suite proxy listeners.
  • Click on Save.
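A pre-flight check for the pairing configured above, added here as an example and not part of the original post: it compares the Burp listener's bind address and port with the manual proxy entered on the phone. The function names and the sample 192.168.137.0/24 hotspot addressing are assumptions; substitute your own values.

```python
import ipaddress
import socket


def check_proxy_setup(listener_bind, listener_port, device_host, device_port, hotspot_cidr):
    """Return a list of findings for a Burp listener / device proxy pairing."""
    findings = []
    net = ipaddress.ip_network(hotspot_cidr, strict=False)
    bind = ipaddress.ip_address(listener_bind)
    target = ipaddress.ip_address(device_host)

    if bind.is_loopback:
        findings.append("listener is bound to loopback; the phone cannot reach it")
    elif bind.is_unspecified:
        # Works, but the proxy is then also reachable from the upstream Wi-Fi.
        findings.append("listener is bound to all interfaces; bind it to the hotspot address")
    elif bind not in net:
        findings.append("listener address is not on the hotspot network")
    elif target != bind:
        findings.append("device proxy host differs from the listener address")

    if target not in net:
        findings.append("device proxy host is not on the hotspot network")
    if int(device_port) != int(listener_port):
        findings.append("device proxy port differs from the listener port")
    return findings


def listener_reachable(host, port, timeout=2.0):
    """Live check: True if a TCP connection to the listener succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    # Constructed sample values, not taken from the original screenshots.
    cases = [
        ("127.0.0.1", 8080, "192.168.137.1", 8080, "192.168.137.0/24"),
        ("192.168.137.1", 8080, "192.168.137.1", 8080, "192.168.137.0/24"),
    ]
    for case in cases:
        print(case, "->", check_proxy_setup(*case) or "ok")
```

Run `listener_reachable` from a second machine on the hotspot to confirm the listener accepts connections before changing the phone's settings.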

Steps for configuring the Burp Suite CA certificate:

  • Open the Chrome web browser on the Android testing device and type the address shown in the screenshot below.
  • Click on Advanced.
  • Click on Proceed to burp.
  • Click on CA Certificate to download it.
  • Open the folder that contains the downloaded CA certificate file.
  • Rename the file so that it has the .cer extension.
  • Click on Change.
  • Now, the CA certificate is ready to install on the Android testing device.
  • Open the path highlighted in the screenshot below on your Android testing device.
  • Select the CA certificate.
  • Click on Install anyway.
  • Now, the CA certificate will be installed on the Android testing device.

Steps for capturing the Android APK traffic in Burp Suite:

  • Switch on Intercept in Burp Suite and run the Android APK under test on your Android testing device to capture its traffic in Burp Suite.

You’re done.

Happy Hacking!
