v1.2.0

What's New

This release makes extraction even faster and improves reliability and detection. 16x as fast since the first release.

• Full rewrite of the extraction phase — up to 7x faster than previous jadx implementation
• iOS IPA support — extract Firebase items from GoogleService-Info.plist, Mach-O binary strings, bundled service account JSONs, and hardcoded PEM keys
• Mixed APK/IPA directory scanning with -d
• Firestore collection and document name detection via DEX bytecode walk
• Hardcoded PEM private key recovery from both APK (DEX) and IPA (Mach-O) binaries
• Default process count now scales with CPU
• Faster extraction for non-Firestore APKs — skips bytecode walk when no Firestore references exist in DEX string pool
• Added links to FireSA and Firebase Pentest Checklist in README

Bug Fixes

• Fixed non-deterministic extraction silently dropping APKs when scanning directories with multiple processes
• Removed hidden 120-second timeout that discarded large APKs under concurrency
• Eliminated triple-parsing of each APK by caching the androguard APK object across extraction stages
• Fixed Other_Google_API_Key pattern matching short non-key strings as false positives — now enforces correct 39-character format
• Surfaced all previously silent except Exception: pass blocks so extraction errors are visible in console output
• PEM private keys in output file now use real newlines instead of escaped \n, matching console output

v1.1.0

• Added API key bypasses for iOS and websites
• Output now shows if misconfiguration is related to GCS IAM or Firebase rules both in auth and unauth mode
• Check if storage bucket access is allowed directly via GCS even if firebase rules block it
• Updated README.md with payloads and wordlist
• Added check for Email enumeration protection disabled and fix parameter difference RTDB oauth token
• Improved firestore collection wordlist and simplified write arguments
• Fix service account scoping and determine permissons before rejecting
• Fixed missing rtdb bug
• Added support for service account extraction and scanning
• Fix auth retries missing from full scan output file in combined scan
• Fix resume-auth-file not scanning remote config
• file output logic fixes
• show auth projects in same order as scans
• Fix API restriction headers not included on all projects from same APK
• Full scan summary cleanup and added other_firebase_project_id
• differentiate between read and write in auth results summary
• Added jadx timeout flag and changed windows process killing method
• Fix missing import for apksigner
• Fixed force kill and added app_id back to auth_data file
• Auth console output cleanup

v1.0.0

Full Changelog: https://github.com/Icex0/OpenFirebase/commits/v1.0.0