workers-app-tester
Audited by Socket on Apr 10, 2026
3 alerts found:
Security x2, Malware
High-risk but internally coherent offensive security skill. Its behavior matches its pentesting purpose, yet it enables rooting-based app inspection, SSL bypass, auth-token capture, and autonomous attack-style testing, so it should be treated as a vulnerable/high-risk capability rather than benign tooling.
This fragment provides high-impact, dual-use Frida operational instructions to disable SSL pinning and root detection and to hook/log internal app method data (optionally supporting TLS interception with an operator-supplied certificate). While it is not itself a packaged malware payload, it materially enables interception/evasion and can expose secrets via console logging. Treat any referenced external Frida/codeshare scripts as untrusted execution dependencies and only run in authorized, controlled environments.
This module is strongly indicative of malicious/abusive intent for intercepting HTTPS traffic: it installs Frida runtime hooks that disable certificate validation and SSL pinning across multiple Android networking stacks (TrustManager/Conscrypt/OkHttp/SSLContext/WebView/Apache) and additionally forces cleartext traffic allowance. While the snippet does not show credential theft or network exfiltration directly, it materially enables MITM-style interception by weakening transport security. Treat as high risk and do not deploy in production environments.