A modified and resigned apk will usually not be able to access Firebase Auth and other APIs that are bound to the original SHA1. Though it's possible to modify the header with an intercepting proxy like Burp, having the option to hook the signature check directly would be preferable. Can this toolkit take care of that already?
A modified and resigned apk will usually not be able to access Firebase Auth and other APIs that are bound to the original SHA1. Though it's possible to modify the header with an intercepting proxy like Burp, having the option to hook the signature check directly would be preferable. Can this toolkit take care of that already?