This chapter has provided an overview of server side attacks by explaining the common vulnerabilities listed in the OWASP top 10 list. We have looked at different strategies to configure proxy. Though it looks quite basic, bypassing certificate pinning can be quite an experience if we have to write custom plugins for substrate or Xposed framework.

In the next chapter, we will discuss how to use static analysis on mobile applications.