/Fireprint

FirePrint is a security tool for finding misconfigured Firebase realtime databases in Android or iOS applications.

Primary LanguagePython

Fireprint - Firebase Scanner For Android/iOS Application

FirePrint v2.0

Fireprint python Tested Support Linkedin

FirePrint is a Python-based tool for identifying misconfigured Firebase databases used in Android or iOS applications. Simply drag and drop your APK/IPA files onto this script to check if any misconfigured Firebase databases exist.

Prerequisites

      1. apktool.jar (/tools directory)

Installation

      • clone the fireprint repo,   git clone https://github.com/sahad-mk/Fireprint
      
      • Give executable permission, chmod +x fireprint.py

Usage

      ➢ python3 fireprint.py -a|-i|-p <filename/firebase db name> [-o filename]
      
      ➢ python3 fireprint.py -h for help

Examples:

      • python3 fireprint.py -a test.apk 
          
      • python3 fireprint.py -i tets.ipa or
                                                     
      • python3 fireprint.py -p tets_db

Screenshots

➊ Scanning Android(.apk) apps

➋ Scanning iOS(.ipa) apps

➌ Scanning firebase db name

➍ HTML Report