I'm trying to find resources or library which could permit me to capture the traffic of all the network packets of a device programmatically either it be from wifi or mobile network. I believe there no need to be root to be in this promiscuous mode as shark for root would request because there is this app on the play store which can capture all network traffic (even decrypt SSL with MITM) without needing to be root. I simply cannot figure out how to do the same.
My question is: How did this app achieve this capture? What API did they use?
Thank you for your help.
The de-facto appraoch to packet sniffing in Android without root is loop-back VPNService. Creating a VPNService app and activating it, will force all traffic in the device to go through your newly created virtual interface which is managed by a userspace application, where you will be receiving IP Packets by reading from the virtual interface.
You can check a simple code sample for it from Google here
You can check a full working example project here