Firebase Apk Scanner

Plugin, Verified, Active

Scan Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. For authorized security research only.

1 Skill, 0 MCP

Purpose

To automate the security assessment of Android applications utilizing Firebase, identifying critical misconfigurations that could lead to data breaches or unauthorized access.

Features

  • Decompiles Android APKs
  • Extracts Firebase configuration from multiple sources
  • Tests Firebase authentication, databases, storage, and cloud functions
  • Reports findings with remediation guidance
  • Supports various Android app frameworks (native, React Native, Flutter, Cordova)

Use cases

  • Audit Android applications for Firebase misconfigurations
  • Test Firebase endpoints extracted from APKs
  • Assess mobile app security involving Firebase backends
  • Perform authorized penetration testing of Firebase-backed applications

Non-goals

  • Scanning apps without explicit authorization
  • Testing production Firebase projects without written permission
  • Extracting Firebase config without testing
  • Analyzing non-Android targets (iOS, web apps)

Scope

  • Info: Dry-run preview. The README mentions a `--no-cleanup` option, which provides some control over modifications, but a full `--dry-run` mode for previewing intended actions is not explicitly documented.

Installation

Add the marketplace first:

/plugin marketplace add trailofbits/skills
/plugin install firebase-apk-scanner@trailofbits

Quality score

Verified
98/100
Analyzed 1 day ago

Trust signals

Last commit: 3 days ago
Stars: 5.2k
License: CC-BY-SA-4.0