FireStorePwn – Firestore Database Vulnerability Scanner Using APKs

fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication.

If there are problems with the security rules, attackers could steal, modify or delete data and raise the bill.

Install fsp

sudo wget https://raw.githubusercontent.com/takito1812/FireStorePwn/main/fsp -O /bin/fsp
sudo chmod +x /bin/fsp

Running fsp

Scanning an APK without authentication

fsp app.apk

Scanning an APK with authentication

With email and password.

fsp app.apk test@test.com:123456

With a token.

fsp app.apk eyJhbGciO...

click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: