You could possibly disable SSL-pinning If you don't have access to the source-code you could possibly use FRIDA syntax: frida -U -n your.app.package -s frida_ssl_bypass.js

Use alternate network capturing tool: PCAPDroid(non-rooted) HTTPCanary(Rooted)

For run-time security testing: Try FRIDA OBjectoin and Drozer No doubt ADB is your friend