Man in the Middle attacks on mobile apps - 2018-02-01 17:17:29

Written by Jay During most mobile application or IoT pen test, it’s often a requirement to perform a man in the middle attack to view network traffic. Below are some approaches which work when the it’s not possible to set a system proxy (or when a mobile application does not honour it). ARP Poisioning Pros/Cons Pro cons Easy |Active attack; can be detected Redirects all traffic |Can be risky |Device and laptop need to be on the same network.