{"id":16587498,"url":"https://github.com/numirias/firefed","last_synced_at":"2025-09-18T14:00:00.761Z","repository":{"id":52705994,"uuid":"108042317","full_name":"numirias/firefed","owner":"numirias","description":"🕵️ A tool for Firefox profile analysis, data extraction, forensics and hardening","archived":false,"fork":false,"pushed_at":"2022-12-08T02:47:32.000Z","size":235,"stargazers_count":103,"open_issues_count":5,"forks_count":11,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-07-10T20:29:29.434Z","etag":null,"topics":["firefox","forensics","mozilla-firefox","privacy","python","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/numirias.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-10-23T21:36:27.000Z","updated_at":"2025-02-23T21:03:53.000Z","dependencies_parsed_at":"2023-01-24T09:45:09.208Z","dependency_job_id":null,"html_url":"https://github.com/numirias/firefed","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/numirias/firefed","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Ffirefed","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Ffirefed/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Ffirefed/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Ffirefed/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/numirias","download_url":"https://codeload.github.com/numirias/firefed/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numirias%2Ffirefed/sbom","scorecard":{"id":698654,"data":{"date":"2025-08-18","repo":{"name":"github.com/numirias/firefed","commit":"908114fe3a1506dcaafb23ce49e99f171e5e329d"},"scorecard":{"version":"v5.2.1-41-g40576783","commit":"40576783fda6698350fcbbeaea760ff827433034"},"score":1.7,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 3 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"22 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2022-42986 / GHSA-43fp-rhv2-5gv8","Warn: Project is vulnerable to: PYSEC-2023-135 / GHSA-xqr8-7jwr-rhp7","Warn: Project is vulnerable to: PYSEC-2022-238 / GHSA-h3qr-fjhm-jphw","Warn: Project is vulnerable to: PYSEC-2022-42991 / GHSA-v3c5-jqr6-7qm8","Warn: Project is vulnerable to: PYSEC-2024-60 / GHSA-jjg7-2v4v-x38h","Warn: Project is vulnerable to: PYSEC-2020-92 / GHSA-hj5v-574p-mj7c","Warn: Project is vulnerable to: PYSEC-2022-42969","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2023-74 / GHSA-j8r2-6x86-q33q","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg","Warn: Project is vulnerable to: PYSEC-2019-130","Warn: Project is vulnerable to: PYSEC-2019-131","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2023-207 / GHSA-gwvm-45gx-3cf8","Warn: Project is vulnerable to: PYSEC-2019-133 / GHSA-mh33-7rrq-662w","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2019-132 / GHSA-r64q-w8jr-g9qp","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2020-148 / GHSA-wqvq-5m8c-6g24","Warn: Project is vulnerable to: PYSEC-2021-108"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T04:31:16.989Z","repository_id":52705994,"created_at":"2025-08-22T04:31:16.989Z","updated_at":"2025-08-22T04:31:16.989Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275780466,"owners_count":25527345,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-18T02:00:09.552Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firefox","forensics","mozilla-firefox","privacy","python","security"],"created_at":"2024-10-11T22:54:22.623Z","updated_at":"2025-09-18T14:00:00.696Z","avatar_url":"https://github.com/numirias.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Firefed\n\n[![Build Status](https://travis-ci.org/numirias/firefed.svg?branch=master)](https://travis-ci.org/numirias/firefed)\n[![codecov](https://codecov.io/gh/numirias/firefed/branch/master/graph/badge.svg)](https://codecov.io/gh/numirias/firefed)\n[![PyPI Version](https://img.shields.io/pypi/v/firefed.svg)](https://pypi.python.org/pypi/firefed)\n[![Python Versions](https://img.shields.io/pypi/pyversions/firefed.svg)](https://pypi.python.org/pypi/firefed)\n\nFirefed is a command-line tool to inspect Firefox profiles. It can extract saved passwords, preferences, addons, history and more. You may use it for forensic analysis, to audit your config for insecure settings or just to quickly extract some data without starting up the browser.\n\nNote that Firefed is a work in progress and not all features work seamlessly yet -- but you're more than welcome to contribute, especially with bug reports and usage feedback.\n\n\n## Installation\n\nInstall the package, preferably via `pip`:\n\n```\npip install firefed --upgrade \n```\n\n## Usage\n\n\u003c!--usage-start--\u003e\n```\n$ firefed -h\nusage: firefed [-h] [-V] [-P] [-p PROFILE] [-v] [-f] FEATURE ...\n\nA tool for Firefox profile analysis, data extraction, forensics and hardening\n\noptional arguments:\n -h, --help show this help message and exit\n -V, --version show program's version number and exit\n -P, --profiles show all local profiles\n -p PROFILE, --profile PROFILE\n profile name or directory to be used when running a\n feature\n -v, --verbose verbose output (can be used multiple times)\n -f, --force treat target as a profile directory even if it doesn't\n look like one\n\nfeatures:\n Set the feature you want to run as positional argument. Each feature has\n its own sub arguments which can be listed with `firefed \u003cfeature\u003e -h`.\n\n FEATURE\n addons List installed addons/extensions.\n bookmarks List bookmarks.\n cookies List cookies.\n downloads List downloaded files.\n forms List form input history (search terms, address fields,\n etc.).\n history List history.\n hosts List known hosts.\n infect Install a PoC reverse shell via a hidden extension.\n inputhistory List history of urlbar inputs (typed URLs).\n logins List saved logins.\n permissions List host permissions (e.g. location sharing).\n preferences List user preferences.\n summary Summarize results of all (summarizable) features.\n visits List history of visited URLs.\n```\n\u003c!--usage-end--\u003e\n\n## Features\n\n\u003c!--features-start--\u003e\n### Addons\n\nList installed addons/extensions.\n\n\n```\nusage: firefed addons [-h] [-a] [-A] [-S] [-f {list,short,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -a, --all show all extensions (including system extensions)\n -A, --show-addons-json\n show entries from \"addons.json\"\n -S, --show-startup-json\n show addon startup entries (from\n \"addonStartup.json.lz4\")\n -f {list,short,csv}, --format {list,short,csv}\n output format\n -s, --summary summarize results\n```\n\n### Bookmarks\n\nList bookmarks.\n\n\n```\nusage: firefed bookmarks [-h] [-f {tree,list,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -f {tree,list,csv}, --format {tree,list,csv}\n output format\n -s, --summary summarize results\n```\n\n### Cookies\n\nList cookies.\n\nDon't find a cookie you have definitely set? Not all cookies are\nimmediately written to the cookie store. You possibly need to close the\nbrowser first to force all cookies being written to disk.\n\n\n```\nusage: firefed cookies [-h] [-H HOST] [-a] [-S SESSION_FILE]\n [-f {setcookie,list,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -H HOST, --host HOST filter by hostname (glob)\n -a, --all show cookies from all sources, including all available\n session files\n -S SESSION_FILE, --session-file SESSION_FILE\n extract cookies from session file (you can use\n \"recovery\", \"previous\", \"sessionstore\" as shortcuts\n for default file locations)\n -f {setcookie,list,csv}, --format {setcookie,list,csv}\n output format\n -s, --summary summarize results\n```\n\n### Downloads\n\nList downloaded files.\n\n\n```\nusage: firefed downloads [-h] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -s, --summary summarize results\n```\n\n### Forms\n\nList form input history (search terms, address fields, etc.).\n\nSearches in the browser's searchbar have the key \"searchar-history\".\n\n\n```\nusage: firefed forms [-h] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -s, --summary summarize results\n```\n\n### History\n\nList history.\n\n\n```\nusage: firefed history [-h] [-f {list,short,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -f {list,short,csv}, --format {list,short,csv}\n output format\n -s, --summary summarize results\n```\n\n### Hosts\n\nList known hosts.\n\n\n```\nusage: firefed hosts [-h] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -s, --summary summarize results\n```\n\n### Infect\n\nInstall a PoC reverse shell via a hidden extension.\n\nThis is highly experimental and only a proof of concept. Also note the\nextension currently isn't actually hidden and disappears with the next\nbrowser restart.\n\nThe reverse shell will attempt to connect to `localhost:8123` and provides\na JS REPL with system principal privileges.\n\n\n```\nusage: firefed infect [-h] [-u] [-c] [-y]\n\noptional arguments:\n -h, --help show this help message and exit\n -u, --uninstall uninstall malicious addon\n -c, --check check if profile appears infected\n -y, --yes don't prompt for confirmation\n```\n\n### InputHistory\n\nList history of urlbar inputs (typed URLs).\n\n\n```\nusage: firefed inputhistory [-h] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -s, --summary summarize results\n```\n\n### Logins\n\nList saved logins.\n\nYou can provide a valid master password, but firefed doesn't (yet) support\ncracking an unkown password.\n\n\n```\nusage: firefed logins [-h] [-l LIBNSS] [-p PASSWORD] [-f {table,list,csv}]\n [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -l LIBNSS, --libnss LIBNSS\n path to libnss3\n -p PASSWORD, --master-password PASSWORD\n profile's master password (If not set, an empty\n password is tried. If that fails, you're prompted.)\n -f {table,list,csv}, --format {table,list,csv}\n output format\n -s, --summary summarize results\n```\n\n### Permissions\n\nList host permissions (e.g. location sharing).\n\nThis feature extracts the stored permissions which the user has granted to\nparticular hosts (e.g. popups, location sharing, desktop notifications).\n\n\n```\nusage: firefed permissions [-h] [-f {table,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -f {table,csv}, --format {table,csv}\n output format\n -s, --summary summarize results\n```\n\n### Preferences\n\nList user preferences.\n\nThis feature reads the preferences from `prefs.js` and `user.js`.\nUnfortunately, we can't extract any default values since these aren't\nstored in the profile.\n\n\n```\nusage: firefed preferences [-h] [-d] [-c] [-S PATH] [-b] [-i] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -d, --duplicates show all preferences, even if the key appears multiple\n times (otherwise, only the last occurence is shown\n because it overrides all previous occurences)\n -c, --check compare preferences with recommended settings\n -S PATH, --source PATH\n path to file with recommended settings (use \"userjs-\n master\" or \"userjs-relaxed\" to load userjs config from\n Github)\n -b, --bad-only when comparing with recommendations, show only bad\n values\n -i, --include-undefined\n when comparing with recommendations, treat undefined\n preferences as bad values\n -s, --summary summarize results\n```\n\n### Summary\n\nSummarize results of all (summarizable) features.\n\n\n```\nusage: firefed summary [-h]\n\noptional arguments:\n -h, --help show this help message and exit\n```\n\n### Visits\n\nList history of visited URLs.\n\nThis is different from the `history` feature because it lists a single\nentry with a timestamp for each individual visit, even if the URL is the\nsame.\n\n\n```\nusage: firefed visits [-h] [-f {list,csv}] [-s]\n\noptional arguments:\n -h, --help show this help message and exit\n -f {list,csv}, --format {list,csv}\n output format\n -s, --summary summarize results\n```\n\n\u003c!--features-end--\u003e\n\n## Related tools\n\n- [dumpzilla](https://github.com/Busindre/dumpzilla) (Extracts various information in a single step)\n\n- [firefox_decrypt](https://github.com/unode/firefox_decrypt) (Extracts passwords)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumirias%2Ffirefed","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnumirias%2Ffirefed","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumirias%2Ffirefed/lists"}