Azure Exploitation Toolkit for Red Team & Pentesters
BlueMap: An Interactive Exploitation Toolkit for Azure
BlueMap helps penetration testers and red teamers to perform Azure auditing, discovery & enumeration, and exploitation in interactive mode that saves complex opsec and overhead that usually exists in Azure penetration testing engagements.
The tool is currently in the Alpha version and with initial capabilities, but it will evolve with time 🙂
The up-to-date release can be downloaded by cloning the master branch from here.
git clone https://github.com/SikretaLabs/BlueMap.git
BlueMap works out of the box with Python version 3.x and above on any platform. For more information about installtion and other setup, please refer our wiki.
Maor Tal (CISSP, OSCP, CSSK) is security researcher, threat hunter and red-teamer. His main intresets includes web penteration testing, cloud security and red team activities. He has extenstive experience working with wide range of customers in field of public, private, hi-tech and fintech companies for cloud and penteration testing. In 2019, he published his book “Web Application Advanced Hacking” by LeanPub. You can Contact him via Linkedin or Twitter.
The usage of BlueMap intended for information security professionals for ethical usage only. Any attempt or usage of BlueMap for attacking targets without prior written permission or matual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. BlueMap developers assume no liability and are not responsible for any misuse or damage caused by this program.
BlueMap is distributed under MIT License.
The BlueMap is a github repository by SikretaLabs