I word say: it depends. I must've wasted days of my life trying to reverse engineer android apps with pinned certificates. It's crazy how hard it has become to just inspect the traffic on my own device that I bought and own.
I'm gussing you haven't done this a lot? You can't easily add a cert to the system store without rooting, but then you need to bypass root detection. If the app uses cert pinning, you either need to hook it (also detectable) or patch it (error-prone and again, detectable). If the app is Flutter, you'll need to do some binary patching too.
If you have root, HTTP Toolkit will handle most of that for you - it can detect root via ADB, install systems certs automatically, and install Frida & intercept individual app targets with most cert pinning disabled (frida scripts it uses are here: https://github.com/httptoolkit/frida-interception-and-unpinn...).
No manual setup or config, just click a button and done.
Avoiding in-depth detection is left as an exercise for the reader, although there are a small set of existing countermeasures in there. In practice, there is definitely a very long tail of further cases of increasing complexity, with diminishing returns on automated solutions, but it turns out in practice you can automate quite a long way down that path and cover most normal cases.
Flutter is the one awkward case here I've found that doesn't fully work. Very interested to see if there are generalizable automated solutions there, or if the recent fork announcements mean the slow death of flutter anyway...
