Skip to content
The scripts helps security analsts to identify misconfigured firebase instances.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
Dependencies Initial Commit Feb 27, 2019 Minor Fixes Feb 28, 2019 Minor Fixes Feb 28, 2019

FireBase Scanner

Firebase is one of the widely used data stores for mobile applications. In 2018, Appthority Mobile Threat Team (MTT) discovered a misconfiguration in Firebase instance also called HospitalGown vulnerability. The following are some of the key highlights taken from the research paper published by Appthority Mobile Threat Team (MTT):

  • The research was performed on total of 2,705,987 apps and 27,227 Android apps and 1,275 iOS apps were found to be connected to a Firebase database. Of those connected apps, it was observed that:
  • 1 In 11 Android apps (9%) and almost half of iOS apps (47%) that connect to a Firebase database were vulnerable
  • More than 3,000 apps were leaking data from 2,300 unsecured servers. Of these, 975 apps were in active customer environments.
  • 1 in 10 Firebase databases (10.34%) are vulnerable
  • Vulnerable Android apps alone were downloaded over 620 million times
  • Over 100 million records (113 gigabytes) of data was exposed

Getting Started


  • Support for Python 2.7


Say what the step will be

git clone

Once the script is downloaded, run the script with the required arguments. We can either provide the APK file as an input as shown below:

python --path /home/shiv/TestAPK/test.apk
python -p /home/shiv/TestAPK/test.apk

Or we can provide the comma sperated firebase project names as shown below:

python --firebase project1,project2,project3
python -f project1,project2,project3


You can’t perform that action at this time.