-
Instructions to root Redmi Note 5 Pro
-
Unlock Mi Device (Only for Windows)
-
Install TWRP
- https://dl.twrp.me/whyred
twrp-3.7.0_9-0-whyred.img
-
Install Magisk
- https://magisk.me/zip/ (Unofficial)
- I think you can just install the APK https://github.com/topjohnwu/Magisk/releases
- https://www.guidetoroot.com/download-magisk-zip-and-magisk-manager-apk/
-
Install LSPosed
- https://github.com/LSPosed/LSPosed
- This is alternative for Xposed module as Xposed is for lower Android versions (I think)
- List of modules to install
- https://github.com/NVISOsecurity/MagiskTrustUserCerts
SSLUnpinning
TrustMeAlready
- List of modules to install
Additional Resources:
-
If issue with fastboot not detecting device
-
Intercepting Android Traffic with Burp
- https://blog.ropnop.com/configuring-burp-suite-with-android-nougat
- https://www.secureideas.com/blog/2020/07/proxying-https-traffic-with-burp-suite.html
- https://hackertarget.com/proxy-phone-burp/
- https://pswalia2u.medium.com/install-burpsuites-or-any-ca-certificate-to-system-store-in-android-10-and-11-38e508a5541a
-
Value Read on SSL Unpinning
- https://www.netspi.com/blog/technical/mobile-application-penetration-testing/four-ways-bypass-android-ssl-verification-certificate-pinning/
- https://medium.com/@anuj.rai2489/ssl-pinning-254fa8ca2109
- https://www.youtube.com/watch?v=CJR_BSIStmE
- https://ninjutsu-blog.github.io/2021/06/27/How-to-setup-Ninjutsu-Android-Penetration-Testing-Environment/
- https://koz.io/using-frida-on-android-without-root/
- https://github.com/sensepost/objection