Also you should use FRIDA to practice a technique called bypassing certificate pinning to see traffic of applications using HTTPS unencrypted.
Pinning is the process of associating a host with their expected X509 certificate or public key.
Once a certificate or public key is known or seen for a host, the certificate or public key is
associated or ‘pinned’ to the host.
The way it works is that you can hook into different functions that use the native SSL libraries on your phone to effectively just use the CA’s certificate that you want it instead. Which means every application you use will now use your certificate, which means you can decrypt the traffic.
