130n@calvinlai.com
  • About Calvin Lai (fkclai)
  • My Work
  • Information Security Centre (ISC)
    • Why we need a ISC
    • ISC Team Structure: Roles, Functions, and Tools
      • Key Function & Role
      • Tools
      • People
      • Outsource Strategy
    • HRMC Executive Paper
  • Application Security
    • Secure Coding Principles
    • HTTP Header Security Principles
    • Mitigating Broken Object Level Authorization (BOLA)
    • Spring Boot Validation
    • Output Encoding in JavaServer Faces (JSF)
    • Session Management Security Issues
    • Common API Security Problems
      • Broken Authentication
      • Excessive Data Exposure
      • Lack of Resources & Rate Limiting
      • Broken Function Level Authorization
      • Unsafe Consumption of APIs
    • JAVA Exception Handling
    • File Upload Validation
    • OAuth 2.0 Security
      • Insecure Storage of Access Tokens
    • Microservice Security
      • Sample Coding Demo
        • Service Implementation
        • Client Interaction
      • Security Solution for Microservices Architecture
    • Modifying and Protecting Java Class Files
      • Modify a Class File Inside a WAR File
      • Direct Bytecode Editing
        • Steps to Directly Edit a Java Class File
          • Update: Java Bytecode Editing Tools
      • Techniques to Protect Java Class Files
        • Runtime Decryption in WebLogic
    • JAVA Program
      • Secure, Concurrent Web Access Using Java and Tor
      • Creating a Maven Java project in Visual Studio Code
  • Exploit/CVE PoC
    • ZeroLogon Exploit
    • Remote Retrieved Chrome saved Encrypted Password
    • Twitter Control an RCE attack
  • Hacking Report (HTB)
    • Hits & Summary
      • Tools & Cheat Sheet
    • Windows Machine
      • Love 10.10.10.239
      • Blackfield 10.10.10.192
      • Remote 10.10.10.180
      • Sauna 10.10.10.175
      • Forest 10.10.10.161
      • Sniper
      • Json
      • Heist
      • Blue
      • Legacy
      • Resolute
      • Cascade
    • Linux Machine
      • Photobomb 10.10.11.182
      • Pandora 10.10.11.136
      • BountyHunter 10.10.11.100
      • CAP 10.10.10.245
      • Spectra 10.10.10.229
      • Ready 10.10.10.220
      • Doctor 10.10.10.209
      • Bucket 10.10.10.212
      • Blunder 10.10.10.191
      • Registry 10.10.10.159
      • Magic
      • Tabby
  • Penetration Testing
    • Web Application PenTest
    • Network/System PenTest
    • Mobile Penetration Test
      • Certificate Pinning
        • Certificate Pinning Bypass (Android)
          • Root a Android Device
          • Setup Proxy Tool - Burp Suite
      • Checklist
  • Threat Intelligence
    • Advanced Persistent Threat (APT) groups
      • North Korean APT Groups
      • Chinese APT Groups
      • Russian APT Groups
      • Other APT
  • Red Team (Windows)
    • 01 Reconnaissance
    • 02 Privileges Escalation
    • 03 Lateral Movement
    • 04 AD Attacks
      • DCSync
    • 05 Bypass-Evasion
    • 06 Kerberos Attack
    • 99 Basic Command
  • Exploitation Guide
    • 01 Reconnaissance
    • 02 Port Enumeration
    • 03 Web Enumeration
    • 04 Windows Enum & Exploit
      • Windows Credential Dumping
        • Credential Dumping: SAM
        • Credential Dumping: DCSync
      • Kerberos Attack
      • RDP
    • 05 File Enumeration
    • 06 Reverse Shell Cheat Sheet
      • Windows Reverse Shell
      • Linux Reverse Shell
    • 07 SQL Injection
    • 08 BruteForce
    • 09 XSS Bypass Checklist
    • 10 Spring Boot
    • 11 WPA
    • 12 Payload list
  • Vuln Hub (Writeup)
    • MrRobot
    • CYBERRY
    • MATRIX 1
    • Node-1
    • DPwwn-1
    • DC7
    • AiWeb-2
    • AiWeb-1
    • BrainPan
  • CTF (Writeup & Tips)
    • CTF Tools & Tips
    • Hacker One
    • CTF Learn
    • P.W.N. University - CTF 2018
    • HITCON
    • Pwnable
      • 01 Start
  • Useful Command/Tools
    • Kali
    • Windows
    • Linux
  • Offensive Security Lab & Exam
    • Lab
    • Tools for an Offensive Certification
      • Strategy for an Offensive Exam Certification
        • CVEs
        • Privilege Escalation
        • Commands
        • Impacket
  • ISO 27001
    • Disclaimer
    • What is ISO 27001
      • Implementation
    • Documentation
    • Common Mistake
    • Q&A
      • Can internal audit to replace the risk assessment
      • Is it sufficient for only the IT department head to support the ISO 27001 program
      • Does the Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP) are the same?
    • ISO 27001 Controls and Domains
      • 1. Information Security Policies
      • 2. Organization of Information Security
      • 3. Human Resource Security
      • 4. Asset Management
      • 5. Access Control
      • 6. Cryptographic Controls
      • 7. Physical and Environmental Security
      • 8: Operational Security
      • 9. Communications Security
      • 10. System Acquisition, Development, and Maintenance
      • 11. Supplier Relationships
      • 12: Information Security Incident Management
      • 13. Information Security Aspects of Business Continuity Management
      • 14. Compliance
Powered by GitBook
On this page

Was this helpful?

  1. Penetration Testing
  2. Mobile Penetration Test
  3. Certificate Pinning
  4. Certificate Pinning Bypass (Android)

Root a Android Device

Rooting an Android device involves gaining administrative privileges to the device's operating system, allowing you to modify system files and settings that are otherwise restricted. Here are some popular tools and methods for rooting Android devices:

Popular Rooting Tools

  1. KingoRoot

    • Description: A user-friendly one-click rooting tool that works on Windows computers.

    • Download Link: KingoRoot

  2. Magisk

    • Description: A powerful rooting tool that supports custom ROMs and mods. It also allows you to hide root from certain apps.

    • Download Link: Magisk

  3. Azerokit

    • Description: An all-in-one toolbox for rooting, ADB, and Fastboot functionality.

    • Download Link: Azerokit

  4. SRSRoot

    • Description: A one-click root tool for Windows that supports a wide range of Android devices.

    • Download Link: SRSRoot

  5. Xposed Installer

    • Description: Required for installing modules like JustTrustMe to bypass SSL pinning.

    • Download Link: Xposed Installer

Steps to Root an Android Device

  1. Backup Your Data:

    • Before rooting, ensure you back up all important data on your device to avoid any data loss.

  2. Enable Developer Options:

    • Go to "Settings" -> "About phone" -> Tap "Build number" seven times to enable Developer Options.

    • Go to "Settings" -> "Developer options" -> Enable "USB debugging."

  3. Download and Install Rooting Tool:

    • Download the rooting tool of your choice from the links provided above.

    • Install the tool on your computer.

  4. Connect Your Device:

    • Connect your Android device to your computer using a USB cable.

  5. Run the Rooting Tool:

    • Open the rooting tool on your computer.

    • Follow the on-screen instructions to root your device. This usually involves clicking a "Root" button and waiting for the process to complete.

  6. Verify Root Access:

    • After the rooting process is complete, reboot your device.

    • Install a root checker app from the Google Play Store to verify that your device has been successfully rooted.

Important Considerations

  • Warranty: Rooting your device may void its warranty. Check with your device manufacturer for details.

  • Security: Rooting can expose your device to security risks. Ensure you understand the implications and take necessary precautions.

  • Bricking: There is a risk of bricking your device (rendering it unusable) if the rooting process fails. Follow instructions carefully and proceed at your own risk.

PreviousCertificate Pinning Bypass (Android)NextSetup Proxy Tool - Burp Suite

Last updated 4 months ago

Was this helpful?