A comprehensive Azure AD and Microsoft Graph offensive security tool designed for authorized Red Team operations.
Disclaimer: This tool is intended for authorized penetration testing and security research only. Any use without explicit permission is prohibited.
YOU MUST HAVE EXPLICIT, WRITTEN PERMISSION BEFORE USING THIS TOOL AGAINST ANY SYSTEM OR TENANT. The misuse of this tool for unauthorized access is illegal and unethical. The developers and contributors are not responsible for any damage or legal action resulting from the misuse of this tool. By using this tool, you agree to use it only for legitimate purposes in accordance with all applicable laws.
Red-Team-Tools-For-Azure automates the reconnaissance phase of Azure penetration tests, allowing you to quickly identify and extract sensitive and critical data from an engaged tenant.
- 📊 Tenant Information Gathering: Quickly retrieve tenant details, domains, and organization information.
- 📧 Outlook/Exchange Online Enumeration: Access mailbox metadata, message lists, and calendar information (subject to permissions).
- 💾 Automated Data Extraction: Download targeted emails (as EML), and other findings for offline analysis.
UI Preview:
Current interface showing authentication and email export workflow
- Prerequisites: Ensure you have Java 21+ installed.
- Download latest JAR:
wget https://github.com/ws-research/red-team-tools-for-azure/releases/download/v1.0/red-team-tools-for-azure.jarDownload latest EXE & Java 21:
wget https://github.com/ws-research/red-team-tools-for-azure/releases/download/v1.0/red-team-tools-for-azure.zip🤝 Contributing
We welcome contributions from the security community! Please feel free to submit issues, feature requests, and pull requests.
📜 License
This project is licensed under the MIT License - see the LICENSE file for details.
🙏 Acknowledgments
· Thanks to the Microsoft Identity and Graph API teams for their extensive documentation. · Inspired by tools like MicroBurst, Stormspotter, and ROADtools, etc.