How to Capture Mobile App Traffic with Charles and Postern (Step‑by‑Step Guide)

Why Use Charles+Postern

In mobile app packet capture, tools like Fiddler fail when the app disables proxy settings. Charles combined with Postern works because Postern acts as a VPN, forcing all traffic through it, which Charles then monitors.

My Environment

pixel 2 Android 8 (rooted)
Magisk 23.0
Xposed 3.1.5

Charles Configuration

Requirements

JDK

Run as administrator

Disable firewall

Download

Download Charles from the official website.

Installation

Follow the standard installer steps (Next → Next) and launch Charles after installation.

Activation

Generate a registration key from the provided URL and enter it in Help → Registered.

Set Proxy

Open Proxy Settings in Charles. Ensure the Windows proxy is unchecked so the PC is not captured.

Set the listening port as shown.

Configure SSL Proxying

Open SSL Proxying Settings and add *.* as the proxy target.

After these steps, Charles is ready.

Postern

What Is Postern?

Postern is not a packet capture tool but a VPN‑based proxy that forwards HTTP requests as sockets to Charles, allowing capture of traffic that would otherwise bypass a proxy.

Configure Proxy Rules

Add a proxy server in Postern as illustrated.

Leave only the necessary option and delete the rest.

Add Rules

Define the forwarding rules as shown.

Enable/Disable Postern

When Charles prompts, click Allow . Then you can capture traffic.

Note: Only HTTP traffic is captured; to capture HTTPS you must install a certificate.

Certificate Configuration

Save Certificate

In Charles, click Save Charles Root Cert... and choose a location.

Push Certificate to Phone

adb push C:\Users\Ti\Downloads\1.pem /sdcard/1.pem

Install on Phone

Install the certificate from storage, giving it any name.

After installation, the certificate appears in trusted credentials.

Move Certificate to System Store (Android 7+)

Use Magisk's Move Certificates module to copy the user certificate to the system store, then reboot.

Charles vs. Fiddler

Fiddler also captures mobile traffic but fails when the app disables proxy. It requires manual Wi‑Fi proxy configuration. Charles with Postern works without changing the device proxy and captures a broader range of apps; simply disable Postern to stop capture.

Conclusion

Both tools are popular, but Charles + Postern offers a wider applicability and clearer data presentation. Users can obtain the installation packages by replying with the keyword “Charles installation package” to the public account.