I like mitmproxy, it worked great until apps started pinning SSL certs.
Then LSposed module SSLUnpinning was found and worked great until apps started using more broad detection.
Then I read about Frida but could not figure out how to get it to work. Most examples involve USB + ADB which I was not too keen on.
I wanted to have it all working on-device with termux. frida-server seemed to run fine, but frida (frida-tools) itself was not cooperating.
Eventually I got to the point where frida seems to want to run but was running into a permission issue with Magisk and the zygote process:
# frida --codeshare Q0120S/bypass-ssl-pinning -f com.theapp.name results in Failed to spawn: unable to access PID 20107 (zygote) while preparing for app launch; try disabling Magisk Hide in case it is active
After searching around there was a hint to use the PID of the app instead - what seems to happen is if you pass the app name it attempts to launch and attach via zygote. If you pass the pid, it attatched directly (the app must already be running).
So this got Frida SSL Unpinning working for me:
# frida-server -D# frida --codeshare Q0120S/bypass-ssl-pinning -p $(pidof com.theapp.name)- optionally
killall frida-serverwhen done because I find it hangs the UI for some reason
And the MitM proxy server happily displayed the HTTPS traffic without any modification to mitmproxy or the android device/apk