Azure Exploitation Toolkit



Azure Exploitation Toolkit for Red Team & Pentesters

BlueMap: An Interactive Exploitation Toolkit for Azure

BlueMap helps penetration testers and red teamers to perform Azure auditing, discovery & enumeration, and exploitation in interactive mode that saves complex opsec and overhead that usually exists in Azure penetration testing engagements.

The tool is currently in the Alpha version and with initial capabilities, but it will evolve with time 🙂


The up-to-date release can be downloaded by cloning the master branch from here.

git clone

BlueMap works out of the box with Python version 3.x and above on any platform. For more information about installtion and other setup, please refer our wiki.



About Author

Maor Tal (CISSP, OSCP, CSSK) is security researcher, threat hunter and red-teamer. His main intresets includes web penteration testing, cloud security and red team activities. He has extenstive experience working with wide range of customers in field of public, private, hi-tech and fintech companies for cloud and penteration testing. In 2019, he published his book “Web Application Advanced Hacking” by LeanPub. You can Contact him via Linkedin or Twitter.

Legal Notice

The usage of BlueMap intended for information security professionals for ethical usage only. Any attempt or usage of BlueMap for attacking targets without prior written permission or matual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. BlueMap developers assume no liability and are not responsible for any misuse or damage caused by this program.


BlueMap is distributed under MIT License.

The BlueMap is a github repository by SikretaLabs