Help sniffing http commands, I guess? need help, very noob

Hi, very first dev attempt, not sure this even goes here

I have an app for my speaker that features a virtual remote (on,off,mute,volup,etc)

Is there some idiot proof tutorial/video/whatever on how to sniff those http requests?

and, if it’s not about http requests, how can I figure out the way the app communicates with the speaker?


This could be helpful but it is not the easiest thing to do…

To sniff ethernet traffic you could use wireshark, but if it is encrypted, then this option is impossible.

Actually, it seems that it is not possible, but it is doable to some extent.

You need to update the apk with a specific certificate, sideload it to your phone or emulator, setup a proxy in the middle and use your certificate to decrypt to traffic. This is what i referred up above.

There are many apps out there which started using certificate pinning, which restricts the certificate to only a specific one, so these are a bit hard to overcome

Thank guys, I’ll have a look into all that. I appreciate