Initial Release

Author: BitTheByte

.github/workflows/ci.yml

@@ -0,0 +1,31 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: pip
+          cache-dependency-path: pyproject.toml
+
+      - name: Install
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+
+      - name: Run tests
+        run: pytest -q

.github/workflows/publish.yml

@@ -0,0 +1,62 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags:
+      - "v*.*.*"
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: Build distribution
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install build deps
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+
+      - name: Verify tag matches pyproject version
+        if: startsWith(github.ref, 'refs/tags/v')
+        run: |
+          tag="${GITHUB_REF#refs/tags/v}"
+          ver=$(python -c "import tomllib,sys; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
+          if [ "$tag" != "$ver" ]; then
+            echo "::error::tag v$tag does not match pyproject version $ver"
+            exit 1
+          fi
+
+      - name: Build sdist + wheel
+        run: python -m build
+
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+  publish:
+    name: Publish to PyPI
+    needs: build
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/firefetch
+    steps:
+      - name: Download artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist/
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          password: ${{ secrets.PYPI_API_TOKEN }}

.gitignore

@@ -0,0 +1,60 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+*.egg
+*.egg-info/
+.eggs/
+dist/
+build/
+.installed.cfg
+*.manifest
+*.spec
+
+# Virtual envs
+.venv/
+venv/
+env/
+ENV/
+
+# Tests / coverage / type checking
+.pytest_cache/
+.coverage
+.coverage.*
+htmlcov/
+.tox/
+.nox/
+coverage.xml
+*.cover
+.cache
+.mypy_cache/
+.ruff_cache/
+.pyre/
+.pytype/
+
+# Editor / OS
+.idea/
+.vscode/
+*.swp
+*.swo
+.DS_Store
+Thumbs.db
+
+# firefetch runtime artefacts
+.cache/
+*.apk
+*.xapk
+*.apks
+*.apkm
+firefetch-*.json
+/tmp/firefetch-apks/
+
+# Secrets / local overrides
+.env
+.envrc
+*.local
+
+# Build / packaging metadata
+pip-wheel-metadata/
+.python-version

.pre-commit-config.yaml

@@ -0,0 +1,22 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-toml
+      - id: check-merge-conflict
+      - id: check-added-large-files
+        args: ["--maxkb=5120"]
+
+  - repo: https://github.com/pycqa/isort
+    rev: 5.13.2
+    hooks:
+      - id: isort
+        args: ["--profile", "black"]
+
+  - repo: https://github.com/psf/black
+    rev: 24.10.0
+    hooks:
+      - id: black

README.md

@@ -0,0 +1,46 @@
+# FireFetch
+
+A Firebase audit tool, mostly aimed at mobile apps.
+
+Point it at an APK, an Android package name, or a set of Firebase values you
+already have. It checks Remote Config, Realtime Database, Firestore, Cloud
+Storage, Auth, and Hosting and tells you what's
+exposed.
+
+## Install
+
+```bash
+pipx install firefetch
+```
+
+
+## Use it
+
+```bash
+# you already have the apk
+firefetch apk app-release.apk
+
+# you only know the package name
+firefetch apk com.example.app
+
+# no apk; just creds you already have
+firefetch manual --project-id foo --api-key AIzaSy... --app-id 1:1234:android:abc
+```
+
+Handy flags: `--json out.json` for a structured dump, `--no-write` to skip
+write probes (on by default; they write a tiny payload at a unique path and
+delete it). `firefetch apk --help` for the rest.
+
+## What you get
+
+![](assets/terminal.png)
+
+## Dev
+
+```bash
+git clone https://github.com/bitthebyte/firefetch
+cd firefetch
+python -m venv .venv && source .venv/bin/activate
+pip install -e ".[dev]"
+pytest
+```

assets/terminal.png

@@ -0,0 +1,56 @@
+[build-system]
+requires = ["setuptools>=68", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "firefetch"
+version = "0.2.0"
+description = "Extract Firebase credentials from Android APKs and probe their backends."
+readme = "README.md"
+requires-python = ">=3.9"
+license = { text = "MIT" }
+authors = [{ name = "bitthebyte" }]
+keywords = ["android", "apk", "firebase", "security", "recon", "pentest"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Environment :: Console",
+    "Intended Audience :: Information Technology",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3 :: Only",
+    "Topic :: Security",
+]
+dependencies = [
+    "requests>=2.31",
+    "curl_cffi>=0.7",
+    "rich>=13.0",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.4",
+    "requests-mock>=1.11",
+    "black>=24.0",
+    "isort>=5.13",
+    "pre-commit>=3.5",
+]
+
+[project.scripts]
+firefetch = "firefetch.cli:main"
+
+[project.urls]
+Homepage = "https://github.com/bitthebyte/firefetch"
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.setuptools.package-data]
+firefetch = ["py.typed"]
+
+[tool.black]
+line-length = 88
+target-version = ["py39", "py310", "py311", "py312"]
+
+[tool.isort]
+profile = "black"
+line_length = 88
+src_paths = ["src", "tests"]

pyproject.toml

@@ -0,0 +1 @@
+__version__ = "0.2.0"

src/firefetch/__init__.py

@@ -0,0 +1,4 @@
+from firefetch.cli import main
+
+if __name__ == "__main__":
+    raise SystemExit(main())

src/firefetch/__main__.py

@@ -0,0 +1,39 @@
+from __future__ import annotations
+
+import os
+
+_PROXY: str | None = None
+_VERIFY: bool = True
+
+
+def configure(proxy: str | None, insecure: bool) -> None:
+    global _PROXY, _VERIFY
+    _PROXY = proxy
+    _VERIFY = not insecure
+
+    if proxy:
+        os.environ["HTTP_PROXY"] = proxy
+        os.environ["HTTPS_PROXY"] = proxy
+
+    if insecure:
+        import urllib3
+
+        urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+
+        import requests
+
+        original = requests.Session.request
+
+        def patched(self, method, url, **kwargs):
+            kwargs.setdefault("verify", False)
+            return original(self, method, url, **kwargs)
+
+        requests.Session.request = patched  # type: ignore[assignment]
+
+
+def proxy() -> str | None:
+    return _PROXY
+
+
+def verify() -> bool:
+    return _VERIFY