BURP’s proxy tool and the case of the missing cipher suites
During a recent iOS application penetration test, I was attempting to proxy network traffic using the BURP proxy tool. In doing so, I configured my device to use BURP as proxy, and voila, I was able to see the traffic (oh, the joys of certificate pinning). However, my excitement was short-lived. I noticed that I […]
Posted in Web Application Security | Comments Off on BURP’s proxy tool and the case of the missing cipher suites