systems. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication. [owasp.org]
with their expected X509 certificate. Once a certificate is known or seen for a host, the certificate is associated or 'pinned' to the host. [owasp.org] Warning: Certificate Pinning is Dangerous! Do not use certificate pinning without the blessing of your server's TLS administrator! [square]
https://www.androidsecurity.info/tampering-detection-in-android/ Outils de détection : • RootTools -> https://github.com/Stericson/RootTools beaucoup d’outils, overkill pour juste détecter le root • Code natif -> https://stackoverflow.com/a/37237473/5664885 fail le RootCloak • SafetyNet API -> https://stackoverflow.com/a/45363495/5664885 Made by Google, validation côté serveur… • Crashlytics -> https://stackoverflow.com/a/35628977/5664885 Solution simple et efficace TODO