iOS certificate pinning bypass (Unc0ver + AltStore + Frida)

At work, I don’t always do mobile penetration test; but when I do, I usually forget the end-to-end process of preparing the environment. So, I decided to make this compiled guide, so I (and you all) can refer back in the future.

When an application you are testing does not work once you hooked your device onto Burp Suite, it is almost always caused by the implementation of certificate pinning on the application.

It took me 5 hours to figure out the whole process — troubleshooting included. I have now…