Testing the security and behavior of Android apps often requires intercepting and analyzing API requests and responses. In this guide, we’ll walk through setting up an Android emulator to work with Burp Suite, enabling interception of HTTPS traffic and performing advanced manipulations like brute-force attacks.
⚠️ Requirements:
Android Emulator (AVD)
Root access (via Magisk)
Burp Suite (Community or Professional Edition)
🛠 Step-by-Step Setup Guide
✅ 1. Install Burp Suite
Download Burp Suite Community Edition (2023.6.2) from PortSwigger.
Launch the app and navigate to:
Proxy → Options → Proxy Listeners → Import/Export CA Certificate
✅ 2. Export and Install Burp CA Certificate
Export the CA Certificate in DER format and save it with a .crt extension.
Transfer this .crt file to your emulator (drag and drop works fine).
On the emulator:
Open Settings → Security → Encryption & Credentials
Tap Install from SD card
Choose the transferred certificate.
Confirm installation:
Go to Trusted Credentials → User and verify the certificate is listed.
🔓 3. Root the Emulator
To trust user-installed certificates at the system level (bypassing Android’s certificate pinning), you must root the emulator.
Tools You’ll Need:
Magisk APK (v26.1 or later)
👉 Download from Magisk Releases
AlwaysTrustUserCerts.zip
👉 Download from NVISOsecurity GitHub
rootAVD tool
👉 Download from rootAVD GitHub
Rooting Process:
Ensure your AVD is running before executing the root script.
Unzip rootAVD and run the following command in terminal:
✅ For Play Store-enabled AVDs, use google_apis_playstore in the path.
Your emulator will shut down automatically after patching.
⚙️ 4. Install Magisk & Trust Certificates
Restart your emulator and open the Magisk app.
Navigate to Modules → Install from Storage → Select AlwaysTrustUserCerts.zip
The emulator will restart again.
Verify the certificate now appears under System certificates, not just User.
🌐 5. Connect Emulator to Burp Suite
In Burp Suite:
Go to Proxy → Options → Add Listener
Choose an IP from the 172.x.x.x range.
Set port to 8080 and click OK.
On the Emulator:
Connect to Wi-Fi.
Long press the connected Wi-Fi → Modify Network → Proxy: Manual
Set:
Host: Burp Suite IP (e.g., 172.x.x.x)
Port: 8080
Save the changes.
🚀 6. Intercept Traffic
Launch your Android debug app.
Open HTTP History in Burp Suite to monitor incoming requests/responses.
🎯 Conclusion
You now have a fully configured Android emulator that allows you to:
Intercept and inspect HTTPS API traffic
Analyze request/response headers and payloads
Perform manual or automated security tests (e.g., brute force attacks)
This setup is ideal for mobile QA, security testing, or reverse engineering Android applications in a safe, isolated environment.
💬 Feel free to bookmark or share this guide with fellow testers or developers diving into mobile app traffic inspection.
Happy hacking!
