We’re working on our own series about how to effectively use Charles Proxy to track down malicious ads.
There is a wonderful and comprehensive series of posts from Ad Ops Insider.
- Ad Ops Insider – Charles Proxy Tutorial for Ad Operations
- Ad Ops Insider – Advanced Charles Proxy Tutorial
- Ad Ops Insider – Using Charles Proxy on Cellular Networks
- Ad Ops Insider – Find & Kill Mobile App Store Redirect Ads
One of the fabulous things about Charles Proxy is that it allows you to inspect SSL traffic by installing a custom certificate. However, if you’ve ever tried to hunt down a mobile redirect that only affects users arriving from the Facebook app, you might have discovered that you can’t decrypt every kind of SSL traffic. Newer iOS apps use “certificate pinning”, which prevents exactly the technique that Charles exploits. If you run into this situation, there is a workaround (that we haven’t tried yet). It’s a deep technical dive and it can be found here: