How to Capture Android App Traffic with Charles and Postern
This guide explains why Charles combined with Postern is preferred for Android app packet capture, details the required environment, step‑by‑step configuration of Charles and Postern, SSL proxy setup, certificate installation and migration, and compares the solution with Fiddler.
Why Use Charles + Postern
Fiddler cannot capture traffic when an app disables proxy settings, while Charles works because Postern acts as a VPN that forwards all traffic to Charles.
My Environment
pixel 2 Android 8 (rooted)
Magisk 23.0
Xposed 3.1.5Charles Configuration
Requirements
JDK
Run as administrator
Disable firewall
Download
Download Charles from the official site.
https://www.charlesproxy.com/download/Installation
Follow the installer prompts.
Activation
Generate a registration key and activate in Help → Registered.
Proxy Settings
Open Proxy Settings and disable the Windows proxy check‑box to avoid capturing PC traffic.
Set Listening Port
Configure the listening port as shown in the screenshot.
SSL Proxying
Enable SSL Proxying Settings and add a wildcard rule *.* to capture HTTPS traffic.
Postern Overview
Postern is a proxy tool that converts HTTP requests to sockets and forwards them to Charles, allowing capture of more traffic.
Configure Proxy Rules
Add a proxy server and define rules as illustrated.
Enable/Disable Postern
Toggle Postern; when Charles prompts, click “Allow”.
Certificate Configuration
Save Certificate
In Charles, select Save Charles Root Cert… and choose a location.
Push Certificate to Device
adb push C:\Users\Ti\Downloads\1.pem /sdcard/1.pemInstall on Phone
Install the certificate from storage; give it any name.
Certificate Paths
System certs: /etc/security/cacerts
User certs: /data/misc/user/0/cacerts-addedMove Certificate to System Store
Use Magisk’s Move Certificates module to move the user certificate to the system store, then reboot.
Charles vs. Fiddler
Fiddler fails when apps block proxy usage and requires manual Wi‑Fi proxy configuration. Charles with Postern works without changing Wi‑Fi settings and can capture most apps; simply disable Postern to stop capturing.
Conclusion
Both tools are popular, but Charles + Postern offers broader applicability and clearer data. Users can request the installation packages by replying with the keyword “Charles installation package”.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Python Crawling & Data Mining
Life's short, I code in Python. This channel shares Python web crawling, data mining, analysis, processing, visualization, automated testing, DevOps, big data, AI, cloud computing, machine learning tools, resources, news, technical articles, tutorial videos and learning materials. Join us!
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.