Mobile testing

  • Last updated: August 25, 2022

  • Read time: 1 Minute

You can use Burp Suite for performing security testing of mobile applications. To do this, you simply need to configure the mobile device to proxy its traffic via Burp Proxy. You can then intercept, view, and modify all of the HTTP/S requests and responses processed by the mobile app, and carry out penetration testing using Burp in the normal way.

Successfully intercepting HTTPS traffic from mobile applications can be non-trivial, due to problems setting the necessary proxy configuration, or due to TLS certificate pinning. For more information, see the troubleshooting section.

Was this article helpful?