How to intercept an Android app using ZAP proxy

This tutorial explains how to intercept an Android application's traffic using ZAP. First connect your Android device and your computer to the same Wi-Fi network. Then follow the steps below.

1. Generate an SSL certificate from ZAP proxy

First we need to generate an SSL certificate from ZAP.
Go to Tools -> Options -> Dynamic SSL Certificates -> Generate
Then save this certificate anywhere on your computer. We need to send this certificate to the Android device.


2. Install this SSL certificate on your Android device

Send this certificate to your Android device by email and save it on the device by tapping the certificate. Name the certificate 'zap'. The certificate will then be installed automatically on your Android device.

3. Find your IP (IPv4) address

On Windows, you can find your IP address by typing 'ipconfig' in the command prompt. Then find your IPv4 address in the output.

On Ubuntu, go to System Settings -> Network -> Wireless
Then find your IPv4 address there.



4. Configure proxy settings on the Android device

Go to Settings -> Wi-Fi -> Long press on your Wi-Fi network name -> Modify Network -> Click Advanced options
Then select Proxy as 'Manual'.
Then enter your IP address (found in step 3) as the Proxy hostname, enter 8080 as the Proxy port, and save.


5. Configure proxy settings in ZAP proxy

Go to Tools -> Options -> Local proxy.
Then leave the address blank and set the port to '8080'.


6. Testing

Now you can test this setup. Open any application on your Android device. You can then see the requests sent from the Android application in ZAP proxy.
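
To confirm steps 1, 3 and 5 from the computer before changing the phone's settings, the following added example (not part of the original tutorial) sends the same CONNECT request an HTTPS client sends to ZAP, then completes a TLS handshake that trusts only the certificate saved in step 1. The target host example.com, the script name check_zap.py and the result strings are assumptions chosen for illustration.

```python
import socket
import ssl
import sys

def connect_request(host, port=443):
    """HTTP CONNECT request a client sends to a proxy before starting TLS."""
    return (f"CONNECT {host}:{port} HTTP/1.1\r\n"
            f"Host: {host}:{port}\r\n\r\n").encode("ascii")

def tunnel_established(reply):
    """True if the proxy answered CONNECT with a 2xx status line."""
    parts = reply.split(b"\r\n", 1)[0].split()
    return (len(parts) >= 2 and parts[0].startswith(b"HTTP/")
            and len(parts[1]) == 3 and parts[1].startswith(b"2"))

def check_interception(proxy_host, proxy_port, ca_file, target="example.com"):
    """Return 'unreachable', 'no-tunnel', 'not-intercepted' or 'intercepted'."""
    try:
        sock = socket.create_connection((proxy_host, proxy_port), timeout=5)
    except OSError:
        return "unreachable"  # wrong IP or port, firewall, or ZAP not listening here
    with sock:
        sock.sendall(connect_request(target))
        reply = b""
        while b"\r\n\r\n" not in reply:
            chunk = sock.recv(4096)
            if not chunk:
                break
            reply += chunk
        if not tunnel_established(reply):
            return "no-tunnel"
        # Trust ONLY the exported ZAP certificate (PEM text or DER bytes), so the
        # handshake succeeds only when ZAP re-signed the server certificate.
        with open(ca_file, "rb") as fh:
            data = fh.read()
        cadata = data.decode("ascii") if b"-----BEGIN" in data else data
        ctx = ssl.create_default_context(cadata=cadata)
        try:
            with ctx.wrap_socket(sock, server_hostname=target):
                return "intercepted"
        except ssl.SSLError:
            return "not-intercepted"

if __name__ == "__main__":
    # Usage: python check_zap.py <IP from step 3> <certificate saved in step 1>
    print(check_interception(sys.argv[1], 8080, sys.argv[2]))
```

A result of 'intercepted' means the proxy address, port and certificate are consistent with each other. Apps that target Android 7.0 (API level 24) or later do not trust user-installed certificates by default, so their HTTPS requests may still not appear in ZAP.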