search

privacy-tech-lab / gpc-android

Code and dynamic analysis scripts for GPC on Android
https://privacytechlab.org/
MIT License
4 stars 1 forks source link

Add HAR output to network traffic analysis #79

Closed kasnder closed 11 months ago

kasnder commented 11 months ago

HAR scripts are easier to analyse. Additionally, it's nice to keep track of requests that were tried to be initiated but failed, due to certificate pinning or other reasons. The attached script provides a solution. You can run it like this, by appending to the mitmproxy call: -s ./har_dump.py --set hardump=./$appId.zhar It should be possible to run the script, too, after having already recorded network traffic.

kasnder commented 11 months ago

We'd need to integrate this script with the existing analysis script in #68

kasnder commented 11 months ago

This should be merged after #80 is merged.

SebastianZimmeck commented 11 months ago

@n-aggarwal, can you review (and merge)?

kasnder commented 11 months ago

I've now integrated the HAR script into the current workflow. I haven't tested that yet. Files are directly stored as .har and not the compressed *.zhar, for simplicity.