# Easy way to bypass SSL Pinning using apk-mitm tool

There are many methods to bypass SSL pinning, such as hooking the app with a tool called `Frida`. However, to do this you must first install `frida`, and to use `frida` fully your mobile must be rooted.

I found another easy way to bypass SSL pinning that just manipulates the SSL/TLS pinning class in the APK itself.

Normally, you go through several steps to bypass SSL pinning. For example:

1. Decode the APK file first with `apktool`.
2. Allow user certificates in the app's network security settings.
3. Modify the code to disable SSL/TLS (certificate) pinning.
4. Then, decode it again with the `apktool` tool.
5. And finally, sign the APK using `apksigner`.
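
A defensive check related to step 2, added here as an example (it is not part of the original post or of apk-mitm): it audits the XML file an app references through `android:networkSecurityConfig` for user-trusted CAs, cleartext traffic and missing or expired pin sets. The sample configs and the `audit_nsc` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import date

# Constructed sample: pins one host and trusts only system CAs.
PINNED = """<network-security-config>
  <domain-config>
    <domain includeSubdomains="true">api.example.com</domain>
    <pin-set expiration="2099-01-01">
      <pin digest="SHA-256">AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=</pin>
    </pin-set>
    <trust-anchors><certificates src="system"/></trust-anchors>
  </domain-config>
</network-security-config>"""

# Constructed sample: permissive config that also trusts user-added CAs.
USER_TRUSTED = """<network-security-config>
  <base-config cleartextTrafficPermitted="true">
    <trust-anchors>
      <certificates src="system"/>
      <certificates src="user"/>
    </trust-anchors>
  </base-config>
</network-security-config>"""

def audit_nsc(xml_text, today=None):
    """Return sorted findings for one network security config (hypothetical helper)."""
    today = today or date.today()
    findings, has_valid_pins = set(), False
    # debug-overrides applies to debuggable builds only, so it is skipped.
    for cfg in ET.fromstring(xml_text).iter():
        if cfg.tag not in ("base-config", "domain-config"):
            continue
        if cfg.get("cleartextTrafficPermitted") == "true":
            findings.add(f"{cfg.tag}: cleartext traffic permitted")
        for cert in cfg.findall("trust-anchors/certificates"):
            if cert.get("src") == "user":
                findings.add(f"{cfg.tag}: user-installed CAs trusted")
            if cert.get("overridePins") == "true":
                findings.add(f"{cfg.tag}: trust anchor overrides pins")
        pin_set = cfg.find("pin-set")
        if pin_set is not None and pin_set.find("pin") is not None:
            exp = pin_set.get("expiration")
            if exp and date.fromisoformat(exp) < today:
                findings.add(f"{cfg.tag}: pin-set expired {exp}")
            else:
                has_valid_pins = True
    if not has_valid_pins:
        findings.add("no unexpired pin-set declared in config")
    return sorted(findings)
```

Pinning can also be implemented in code rather than in this file, so a missing pin-set finding is a prompt to look further, not proof that the app is unpinned.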

In this case, there is a tool called [apk-mitm](https://www.npmjs.com/package/apk-mitm) that automates the whole process.

**Installation**

> npm install -g apk-mitm

In this scenario, we will use `injuredAndroid.apk` to bypass SSL pinning. The only thing you need to do is run the tool with the APK file for which you want to bypass pinning.

{% code title="Usage:" %}

```
apk-mitm .\injuredAndroid.apk
```

{% endcode %}

![](https://3759110756-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVvHHLY2mrxd5y4e2vVYL%2Fuploads%2FUwb3nuRGl39DVzy7ugvi%2Fimage.png?alt=media\&token=ddc1937d-b29b-40ce-bf03-3896379f428f)

It will automatically do all the steps and generate a new patched APK. Then install that APK in your emulator and intercept the traffic with Burp.

![](https://3759110756-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVvHHLY2mrxd5y4e2vVYL%2Fuploads%2FmdS7fVhNVT3a0IgJNZRf%2Fimage.png?alt=media\&token=8340c0e3-c5f8-42b0-be27-562bbd997252)

I tested it on `injuredAndroid` and `AndroGoat`, and it worked perfectly.

![](https://3759110756-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVvHHLY2mrxd5y4e2vVYL%2Fuploads%2FInij2MYNta6DSSr0sBCs%2Fimage.png?alt=media\&token=1d5c6998-85b4-4d84-b640-f51a1a48a4f2)

### Resources

> <https://www.npmjs.com/package/apk-mitm>
>
> <https://github.com/B3nac/InjuredAndroid>
>
> <https://github.com/satishpatnayak/AndroGoat>
