I don’t think it’s literally a search and replace but a part of the prompt that is hidden from the user and inserted either before or after the user’s prompt. Something like [all humans, unless stated otherwise, should be ethnically ambiguous]. Then when generating it’s got confused and taken it as he should be named ethnically ambiguous.

That’s truly as lightweight as you’re going to get. Cool little script.

If you like Heimdall you could run it without Docker. It’s a PHP app, you could run nginx and it would be pretty lightweight.

Specifically for attempting to bypass certificate pinning you’re solidly in the realm of reverse engineering. I haven’t attempting it myself but I have read the efforts of others over the years and the process was quite evolved and ever changing. If you are interested in going down this rabbit hole you may use these links as starting points but be prepared to adapt them.

https://felipe-herranz.medium.com/uncertify-a-tool-for-recompiling-android-apps-bypassing-different-certificate-pinning-techniques-de3d30ded2c6

https://gist.github.com/approovm/e550374428065ff1ecafca6a0488d384

https://frida.re/

https://codeshare.frida.re/browse

Best of luck.

From one of your devices can you check what DNS server they are using? It sounds like the router is setting itself as the DNS server. This would mean all your devices would list your router’s IP address and the DNS server. This is a different setting than the DNS server that your router is using.

If that’s the case you tell your router to tell your devices to set the DNS server to the IP address of your AdGuard Home device. Alternatively, you can manually set the DNS server on your devices.

Yeah, unfortunately it’s a huge barrier if you’re wanting to see why your devices are phoning home and the data being sent. It makes it extremely difficult if not impossible for most people to bypass.

No, not at all. The request never hits the cache. The certificate is stored within the app and all internet communication is specifically pinned to said certificate. It doesn’t even ask your certificate store.

There are some cases where this would not work by the way. It’s called certificate pinning and it’s basically when an application comes with the trusted certificate for a host built-in. Even if you were to override it with a root certificate in the certificate store, the app simply wouldn’t use it.