Offensive-Azure is a Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic. The current list of tools can be found below with a brief description of their functionality.
./Device_Code/device_code_easy_mode.py
./Access_Tokens/token_juggle.py
./Access_Tokens/read_token.py
./Outsider_Recon/outsider_recon.py
./User_Enum/user_enum.py
./Azure_AD/get_tenant.py
./Azure_AD/get_users.py
./Azure_AD/get_groups.py
./Azure_AD/get_group_members.py
./Azure_AD/get_subscriptions.py
./Azure_AD/get_resource_groups.py
./Azure_AD/get_vms.py
Offensive Azure can be installed in a number of ways or not at all.
You are welcome to clone the repository and execute the specific scripts you want. A requirements.txt
file is included for each module to make this as easy as possible.
The project is built to work with poetry
. To use, follow the next few steps:
git clone https://github.com/blacklanternsecurity/offensive-azure.git
cd ./offensive-azure
poetry install
The project is built to work with poetry
. To use, follow the next few steps:
git clone https://github.com/blacklanternsecurity/offensive-azure.git
cd ./offensive-azure
poetry install
The packaged version of the repo is also kept on pypi so you can use pip
to install as well. We recommend you use pipenv
to keep your environment as clean as possible.
pipenv shell
pip install offensive_azure
It is up to you for how you wish to use this toolkit. Each module can be ran independently, or you can install it as a package and use it in that way. Each module is exported to a script named the same as the module file. For example:
poetry install
poetry run outsider_recon your-domain.com
pipenv shell
pip install offensive_azure
outsider_recon your-domain.com
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…