Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
I <3 Charles Proxy
Search
Scott Alexander-Bown
November 29, 2018
Technology
120
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
I <3 Charles Proxy
Scott Alexander-Bown
November 29, 2018
More Decks by Scott Alexander-Bown
See All by Scott Alexander-Bown
What's New In Android 15 Security
scottyab
0
260
Fundamentals of creating Android mobile apps
scottyab
0
100
What's 'Q' in Android Security
scottyab
0
360
Faster mobile debugging using a HTTP Proxy
scottyab
0
85
What_s_new_from_Google_IO_2018.pdf
scottyab
0
180
Doppl, an intro!
scottyab
0
130
OMG What's new in Security
scottyab
0
86
What's New from Google I/O 2017
scottyab
0
150
What's Nnnnnew in Security Droidcon IT
scottyab
1
160
Other Decks in Technology
See All in Technology
cccccc
moznion
0
1.8k
金融の未来を考える / Thinking About the Future of Finance
ks91
PRO
0
170
なぜ私たちのSREプラクティスはなかなか機能しないのか 〜システムより先に組織を見る〜 / Why our SRE practices aren't really working
vtryo
1
1.9k
Why is RC4 still being used?
tamaiyutaro
0
300
ループエンジニアリングでE2Eテストを実践
noriyukitakei
0
290
Claude Codeとハーネスについて考えてみる
oikon48
18
8.7k
product engineering with qa
nealle
0
150
小さいから、全部わかる。— 常駐AI "xangi" のすすめ
sugupoko
0
270
型は壁、Rustでもバグを直すな、表現できなくせよ
nwiizo
12
1.7k
完全自律ロボットを作りたくて、先に開発を自律させた話(ROS Japan UG #63 LT)
rryz09
0
370
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
11k
Agentic AI 時代のテスト手法: Kiro とはじめるプロパティベーステスト (AWS Summit Japan 2026 | DEV212)
ymhiroki
0
220
Featured
See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
37
6.5k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.7k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
2k
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
500
A better future with KSS
kneath
240
18k
New Earth Scene 8
popppiees
3
2.4k
First, design no harm
axbom
PRO
2
1.2k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
640
AI Search: Where Are We & What Can We Do About It?
aleyda
0
7.7k
Optimising Largest Contentful Paint
csswizardry
37
3.8k
Site-Speed That Sticks
csswizardry
13
1.2k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
890
Transcript
I ❤ CHARLES By Scott Alexander-Bown
None
Proxy Server
None
Disclaimer: Not tested this
ALTERNATIVES ➤ Chrome Dev tools ➤ Stetho (Android) ➤ Pony
Debugger (iOS) ➤ Chuck (Android) ➤ MITM proxy ➤ Fiddler ➤ Others…
SCREENSHOT OF ANDROID APP SESSION
BREAKPOINTS ➤ “Does what it says on the tin”
EDIT REQUEST / RESPONSE ➤ Simulating error responses from API
➤ Removing values from request/response to confirm things still work or fail where expected
THROTTLING
None
MOBILE DEVICE SETUP
None
What about TLS/SSL?
SSL PROXY ➤ Install the Charles Proxy Root Cert ➤
Typically the generated Charles Root (different per install) ➤ Provide your own SSL root cert ➤ Enable SSL Proxying on per domain basis http://www.charlesproxy.com/getssl/
HELPER OPTIONS FOR ROOT SSL
SIDE NOTE ANDROID 7+ ➤ Requires Network Security Config to
trust user installed certs ➤ Help Scout Android only allows user installed certs in debug (i.e not Play store) ➤ Here’s the config
AND THAT’S NOT ALL ➤ DNS spoofing ➤ Web interface
(useful when running Headless) ➤ macOS proxy ➤ Import/Export Session ➤ Focus on single domain ➤ Get cURL of request (used recently when debugging push token registration) ➤ Create Github Gist ➤ Repeat aka basic load testing (multiple times with optional delays) ➤ Whitelist, Blacklist(block), Ignore urls
PROXY HELP SCOUT
THANKS
HOW DO YOU USE WEB PROXIES?