Getting Started with Proxyman for iOS
This mini tutorial would demonstrate how to set up and intercept traffic from iOS devices with Proxyman for iOS.
Proxyman for iOS
Before going to the detail, here is a brief on what Proxyman is:
Proxyman for iOS is exclusively built for iOS platforms, which have some special features:
- Act as a Man-in-the-middle to monitor and decrypt all incoming/outgoing HTTP/HTTPS traffic from your iOS device.
- A standalone iOS app, work works independently with Proxyman for macOS.
- Designed for iPad with multiple column layouts
- Protect sensitive data with Touch ID and FaceID.
- Share log to Proxyman for macOS.
- Support iOS 14 and iPad OS
1. Download from AppStore
If you haven't installed Proxyman for iOS, please download it from the official AppStore.
2. Start Proxyman VPN
As soon as you open the Proxyman app, please click on the "Intercepting Traffic" button on the Home Screen.
In this step, Proxyman attempt to install Proxyman VPN to your iOS devices. To elaborate, Proxyman VPN is a local dummy VPN to force all traffic to Proxyman Localhost Proxy Server. Your sensitive data is captured and store in the VPN extension, it does not send to any server.
If you've used Proxyman for macOS, install the VPN is equivalent to overriding the HTTP/HTTPS Proxy.
Before moving to the next step, please verify that the VPN is on and you can see the VPN indicator on the system status.
3. Install & Trust Proxyman certificate
To decrypt HTTPS traffic, it requires you to install & trust the Proxyman Root Certificate. This step is quite tricky, so please carefully follow the following step:
Open More Screen -> Certificate section
Tap on "Step: 1Generate Certificate". At this point, Proxyman will generate a local self-signed certificate.
When it success, let tap on the "Install & Trust" button. Proxyman will display a walkthrough of how to download, install and trust the Proxyman Certificate in Setting app.
Please make sure you follow all step:
- When you've done, let back to Proxyman app and verify that the status is "All Good".
Note: If the status is not updated, you might back to the More button and go to the Certificate again. It will trigger the Certificate Checker.
At this point, let make sure that the Status is Good. Otherwise, please contact us at firstname.lastname@example.org
4. Enable SSL Proxying on Unsplash app
We would like to use the Unsplash app as an example because it's a free app and easy to demonstrate how Proxyman for iOS can do.
If you haven't installed the Unsplash app, please download it at AppStore.
4.1 Filter traffic from Unsplash app.
Let open the app and play around. Then, open the Proxyman app, you can see a bunch of HTTP/HTTPS traffic from your iOS devices.
To quickly filter Unsplash traffic, let tap on the Search Bar and type "unsplash".
The result is narrowed down to 3 domains. We might assume that "api.unsplash.com" is a domain we're looking for. Great!
4.2 Enable SSL Proxying
Let tap on the "api.unsplash.com" domain -> Tap on the first request -> Swipe right to open the Response Tab.
At this point, you might not see any response yet, because we haven't enabled SSL Proxying on this domain.
Tap and "Enable SSL Proxying" button and it's ready to work.
Tip: Proxyman won't automatically intercept all incoming/outgoing traffic from your devices to maintain the performance. You can update the SSL Proxying List in More Setting -> SSL Proxying.
5. Inspect HTTPS Traffic
Please open the Unsplash app and play around again. At this point, Proxyman will capture and decrypt all HTTPS Traffic from Unsplash App.
Back to the Proxyman app, you might see a lot of Unsplash Requests here:
From now, we can easily inspect the Header, Body, Query, Form of Unsplash's Request & Response.
If you're using Proxyman on iPad, you might leverage the multiple columns which display more content on one screen. Yay!
6. Share traffic log to Proxyman for macOS
You might be overwhelmed if you record a large number of HTTPS Requests. To solve it, you can Tap on the Setting icon on the Right Top navigation Bar -> Share -> Airdrop to your Macbook Devices.
Then, open the log with Proxyman for macOS.
7. Unlock a Premium version with Proxyman License Key
One more thing! If you have a valid Proxyman License Key, don't forget to upgrade to a Premium version, which has an ultimate number of rules, using TouchID/FaceID/Passcode and more.
To activate it, let open More Screen -> Face ID & Passcode -> Unlock -> Enter your license key. Tada!
The tutorial covers all the important features of Proxyman for iOS. If you'd like to use debugging proxy tools, such as Breakpoint, Map Local, Map Remote, Scripting, let check out Proxyman for macOS.
Proxyman is a native, high-performance macOS app, which enables developers to capture, inspect, and manipulate HTTP(s) requests/responses with ease.
Get it at https://proxyman.io.