策略引擎>> FireStorePwn>> 返回
项目作者: takito1812

项目描述 :
fsp - Firestore Database Vulnerability Scanner Using APKs
高级语言: Shell
项目地址: git://github.com/takito1812/FireStorePwn.git
创建时间: 2021-05-18T11:42:38Z
项目社区:https://github.com/takito1812/FireStorePwn
开源协议:
下载





FireStorePwn (fsp)

Firestore Database Vulnerability Scanner Using APKs

fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication.

If there are problems with the security rules, attackers could steal, modify or delete data and raise the bill.

How it works


fsp-flow

Install fsp

  1. sudo wget https://raw.githubusercontent.com/takito1812/FireStorePwn/main/fsp -O /bin/fsp
  2. sudo chmod +x /bin/fsp

Running fsp

Scanning an APK without authentication

  1. fsp app.apk

Scanning an APK with authentication

With email and password.

  1. fsp app.apk test@test.com:123456

With a token.

  1. fsp app.apk eyJhbGciO...