Feature Request: Built-in Frida Integration for Automated SSL Pinning Bypass
Hi Reqable team,
First of all — love the app, just purchased the lifetime premium license. Reqable is a massive upgrade over tools like Fiddler and Charles.
I'd like to suggest adding built-in Frida integration, similar to what HTTP Toolkit offers. Specifically, HTTP Toolkit provides:
• One-click interception of individual mobile apps via Frida — no manual terminal commands needed
• Automatic SSL/TLS certificate pinning bypass (patching known pinning libraries like OkHttp, TrustManager, etc.)
• Automatic injection of the proxy's CA certificate into the app's trust store at runtime
• Root detection bypass for apps that refuse to run on rooted devices
• Auto-detection and patching of obfuscated/unknown pinning implementations as a fallback
• HTTP/3 (QUIC) blocking to force apps back to HTTP/2 or HTTP/1 for easier interception
Currently, to intercept traffic from apps with SSL pinning in Reqable, users have to manually set up frida-server via ADB, find and run the right bypass scripts, and keep everything running in a separate terminal. Integrating this directly into Reqable would make the workflow seamless and would be a huge competitive advantage.
HTTP Toolkit's Frida scripts are open source (https://github.com/httptoolkit/frida-interception-and-unpinning) and could serve as a reference for implementation.
This feature would make Reqable the ultimate all-in-one solution for mobile API debugging. Thank you for considering this!
Feature Request: Built-in Frida Integration for Automated SSL Pinning Bypass
Hi Reqable team,
First of all — love the app, just purchased the lifetime premium license. Reqable is a massive upgrade over tools like Fiddler and Charles.
I'd like to suggest adding built-in Frida integration, similar to what HTTP Toolkit offers. Specifically, HTTP Toolkit provides:
• One-click interception of individual mobile apps via Frida — no manual terminal commands needed
• Automatic SSL/TLS certificate pinning bypass (patching known pinning libraries like OkHttp, TrustManager, etc.)
• Automatic injection of the proxy's CA certificate into the app's trust store at runtime
• Root detection bypass for apps that refuse to run on rooted devices
• Auto-detection and patching of obfuscated/unknown pinning implementations as a fallback
• HTTP/3 (QUIC) blocking to force apps back to HTTP/2 or HTTP/1 for easier interception
Currently, to intercept traffic from apps with SSL pinning in Reqable, users have to manually set up frida-server via ADB, find and run the right bypass scripts, and keep everything running in a separate terminal. Integrating this directly into Reqable would make the workflow seamless and would be a huge competitive advantage.
HTTP Toolkit's Frida scripts are open source (https://github.com/httptoolkit/frida-interception-and-unpinning) and could serve as a reference for implementation.
This feature would make Reqable the ultimate all-in-one solution for mobile API debugging. Thank you for considering this!