I'm reverse engineering two Android apps, each with a different problem First application: When I try to trace the traffic with debug tools like Burp and Fiddler, no traffic is listed. (Please note that I have done these things many times and I have a good understanding of the settings of these tools, i.e. I installed the tool's certificate and I see the traffic of other applications, even HTTPS traffic for other applications) The application also works correctly without any problems. Previously, applications using techniques such as SSL pinning generally failed when trying to intercept traffic, and the process stalled in the ssl handshake because the client was talking to another certificate that belonged to the device. interception. But this application works without the any problem when intercepting traffic, but no traffic is listed. When I use wireshark the traffic is also fuzzy and I just barely managed to find the domain address of its web service which is not enough. I guessed that it might use a socket for communication, which is not the case. It seems that the application generally ignores the proxy set on Wi-Fi and uses the Internet directly. I don't know if I think right or not. It is interesting that in the part of the program where a web page is opened and a part of the process must be done on the web page, the traffic of that part is seen in full.
The second application: This application seems to be developed by Flutter or Kotlin. When the application opens, 2 JavaScript files are received from the server, which I was able to obtain. Now suppose this application sends 4 requests to its web services. There are 3 of them inside these JavaScript files. But one of them is not available. That is, I could not find its address anywhere. Because it has an encryption process, I need to find it to get details of the algorithm. I even opened the application by decompilation tools but still that address is not there. How do I find this request and see its details? Actually, the user agent value is one thing for 3 requests and another thing for this 1 request. It seems that requests are sent from two different sources.
Thank you for sharing your experiences.
