InfoSec Write-ups

I Wasted 3 Days Intercepting a Flutter App. Here’s What Actually Works. (opens in new tab)

Three days\. That’s how long it took me to get Burp Suite seeing traffic from a Flutter app during a security assessment\. I tried everything I knew\. Objection\. ReFlutter, which actually patches the Flutter binary itself\. Custom CA installation\. VPN-based interception\. Standard Frida SSL bypass scripts from GitHub\. Each one either failed silently or gave me the exact same result: app opens, appears to load, shows “no internet\.” Not an SSL error\. Not a certificate warning\. Just “no in...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help