We can sniff all traffic that is happening on our Android phone. The idea is by connecting our phone to a proxy that acts as MITM or Middleman. Same as Pi-hole able to showing all log DNS queries, Burp can be acting as proxy software to capture all traffic that comes to it.
Here is how it works from a high-level. Our phone connects to the internet as usual via the router. To monitor the traffic, we shall route our request to a single place, called a proxy server. This proxy will capture and have the ability to intercept the traffic and sending it to the internet. The response from the request is also going into the same channel flow.
Android Phone (Use Proxy’s Cert) —> Proxy —> Internet
How to ensure this solution works for HTTPS, which encrypted with certification? To make this works, we need to inject our certification into the device and make it trusted (There will be step for that). If our own certification acknowledged by the device, then we can decrypt the traffic from the server that issued the certification.