README.md

March 11, 2019 · View on GitHub

TrustMeAlready

An Xposed module to disable SSL verification and pinning on Android using the excellent technique provided by Mattia Vinci. The effect is system-wide.

Requirements

An Xposed-compatible hooking system. Some options at time of writing:
- EdXposed (Android 9, Magisk-based and passes SafetyNet)
- 'OG' Xposed (Android 5-8)

Tested

Android 9.0, arm64, EdXposed v0.3.0.0_beta3

Download

Available under Releases or at the Xposed module repository

Troubleshooting

Some apps implement custom certificate checking, bypassing this hook. Try sniffing Chrome traffic, if you don't get an invalid certificate error then this module is working as it should
Check your Xposed logs, chances are this module couldn't hook the correct method