FireScan

The open-source auditor for Firebase security

FireScan is a tool designed for penetration testers and developers to audit the security posture of Firebase projects. It provides an interactive console to enumerate databases, test storage rules, check function security, and much more, all from a single, easy-to-use interface.
Free

Jacob Alcock
Maker
Hey, I'm Jacob. My main job is penetration testing, but I also develop web and mobile apps, CLI tools and just about anything else.

Firebase misconfigurations are everywhere. I've tested hundreds of apps over the years and the pattern is always the same: developers deploy with rules wide open or barely tested. One bad rule and you're leaking the entire database. Happened with Tea, happens constantly in the wild.

Every time I assessed a Firebase app, I'd end up writing the same enumeration scripts. Check RTDB permissions, probe Firestore rules, test storage buckets, see if functions need auth. Same workflow, different target. Massively inefficient.

So I naturally started looking for tooling. Nothing existed that just took a project ID and did the enumeration automatically. So a few months back, I wrote FireScan. It does what I needed:

- Full RTDB enumeration
- Firestore rule testing
- Storage bucket checks
- Cloud Function auth analysis
- Handles the tedious auth setup

A quick MVP, cut my manual testing from ~20 minutes to under 2. So I open sourced it and now it's on GitHub.

If you're building with Firebase, run it against your own project. If you're testing Firebase apps, it'll save you time.

Questions, feedback or contributions are welcome.

Chilarai M

This is amazing. I'll try it out!

Great launch!

Jacob Alcock

@chilarai Thank you! It's my first on Product Hunt so I'm still learning the ropes