Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/takito1812/FireStorePwn
fsp - Firestore Database Vulnerability Scanner Using APKs
https://github.com/takito1812/FireStorePwn
android apk database firebase firestore pentesting security vulnerability-assessment vulnerability-detection vulnerability-scanner
Last synced: 3 months ago
JSON representation
fsp - Firestore Database Vulnerability Scanner Using APKs
- Host: GitHub
- URL: https://github.com/takito1812/FireStorePwn
- Owner: takito1812
- Created: 2021-05-18T11:42:38.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-05-18T13:37:48.000Z (over 3 years ago)
- Last Synced: 2024-06-07T00:31:38.184Z (5 months ago)
- Topics: android, apk, database, firebase, firestore, pentesting, security, vulnerability-assessment, vulnerability-detection, vulnerability-scanner
- Language: Shell
- Homepage:
- Size: 5.86 KB
- Stars: 61
- Watchers: 2
- Forks: 13
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - takito1812/FireStorePwn - fsp - Firestore Database Vulnerability Scanner Using APKs (Shell)
README
FireStorePwn (fsp)
Firestore Database Vulnerability Scanner Using APKs
---
fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication.
If there are problems with the security rules, attackers could steal, modify or delete data and raise the bill.
## How it works
# Install fsp
```sh
sudo wget https://raw.githubusercontent.com/takito1812/FireStorePwn/main/fsp -O /bin/fsp
sudo chmod +x /bin/fsp
```
### Running fsp
#### Scanning an APK without authentication
```sh
fsp app.apk
```
#### Scanning an APK with authentication
With email and password.
```sh
fsp app.apk [email protected]:123456
```
With a token.
```sh
fsp app.apk eyJhbGciO...
```