One of the preliminary activities when analyzing mobile application, more usually than not, is to be able to sniff HTTP/S traffic via a MitM proxy.  This is quite straightforward in the case of naive applications, but can be quite challenging when applications use certificate pinning techniques. In this post I’ll try to explain the methodology…