search

privacy-tech-lab / gpc-android

Code and dynamic analysis scripts for GPC on Android
https://privacytechlab.org/
MIT License
5 stars 1 forks source link

Add HAR output to network traffic analysis #79

Closed kasnder closed 1 year ago

kasnder commented 1 year ago

HAR scripts are easier to analyse. Additionally, it's nice to keep track of requests that were tried to be initiated but failed, due to certificate pinning or other reasons. The attached script provides a solution. You can run it like this, by appending to the mitmproxy call: -s ./har_dump.py --set hardump=./$appId.zhar It should be possible to run the script, too, after having already recorded network traffic.

kasnder commented 1 year ago

We'd need to integrate this script with the existing analysis script in #68

kasnder commented 1 year ago

This should be merged after #80 is merged.

SebastianZimmeck commented 1 year ago

@n-aggarwal, can you review (and merge)?

kasnder commented 1 year ago

I've now integrated the HAR script into the current workflow. I haven't tested that yet. Files are directly stored as .har and not the compressed *.zhar, for simplicity.