Microsoft’s PyRIT (Python Risk Identification Tool) is a newly released offensive security tool designed for automated reconnaissance in Azure environments. It combines AI-driven guidance from GPT-4 with traditional cloud enumeration techniques to expedite the initial stages of red team operations.

What makes PyRIT different isn’t just that it’s open source and backed by Microsoft. It’s the first tool of its kind that leans on generative AI to recommend recon paths based on environment-specific findings. For adversaries and defenders alike, this opens up a new playbook for how reconnaissance can be automated, contextual, and adaptive inside cloud infrastructures.
What PyRIT Does
PyRIT focuses on reconnaissance, not exploitation. Its goal is to discover misconfigurations, unused identities, exposed secrets, overly permissive roles, and other risky configurations within Azure environments.
The workflow is:
- Connect to an Azure tenant (via credentials or tokens)
- Pull identity, role, and resource metadata
- Feed the data to GPT-4 for adaptive query chaining
- Receive prioritised recon paths, e.g. “Enumerate Key Vault access policies,” or “Check for role assignment loops”
All outputs are explained in a human-readable form, providing both red teamers and security engineers with clarity on the reasoning.
Installation
PyRIT requires Python 3.10 or later, Azure CLI, and access to OpenAI’s GPT-4 API.
git clone https://github.com/Azure/PyRIT.git
cd PyRIT
pip install -r requirements.txt
You’ll also need to authenticate with Azure:
And set your OpenAI API key (GPT-4 is required):
export OPENAI_API_KEY=sk-...
Red Team Use Cases
Cloud-first organisations often have large, complex Azure footprints that evolve faster than their security reviews. That’s precisely where PyRIT fits.
Use PyRIT to:
- Pre-assess a cloud target before deploying persistence mechanisms
- Discover role assignment paths that can be abused (e.g. escalation from App Registrations to Key Vaults)
- Identify identity misconfigurations or dormant access tokens
- Accelerate campaign planning for cloud-specific attack chains
Compared with enumeration scripts such as ROADtools or Stormspotter, PyRIT takes a more logic-driven approach, using the AI layer to highlight intent and attack paths rather than simply dumping raw data.
Detection & Blue Team Implications
Because PyRIT relies on standard Azure SDK and CLI calls, it’s relatively quiet in terms of IOCs (indicators of compromise). However, defenders can:
- Detect repeated or automated listing of subscriptions, roles, and policies
- Correlate OpenAI API usage with internal traffic (if API proxying is in place)
- Monitor user agents and access tokens generated by PyRIT
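The first of these detections, sketched as an added example (not PyRIT code and not a specific Azure log schema): a sliding-window count of read/list operations per principal over constructed audit-style records, with the record field names and the set of operation names as assumptions to adapt to your own telemetry.

```python
"""Flag principals that list Azure metadata at scripted speed.

Record shape, field names and the sample events are constructed for this
example; they are not PyRIT output or any particular Azure log table.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Read operations worth counting ("Provider/type/action" form). Which of
# these your telemetry records is an assumption to verify in your tenant.
ENUM_OPERATIONS = {
    "Microsoft.Resources/subscriptions/read",
    "Microsoft.Authorization/roleAssignments/read",
    "Microsoft.Authorization/roleDefinitions/read",
    "Microsoft.Authorization/policyAssignments/read",
    "Microsoft.KeyVault/vaults/read",
}

def detect_enumeration_bursts(events, window=timedelta(seconds=60), threshold=8):
    """Return {caller: peak_count} where reads in any `window` reach `threshold`."""
    by_caller = defaultdict(list)
    for ev in events:  # writes and other non-list operations are ignored
        if ev["operationName"] in ENUM_OPERATIONS:
            by_caller[ev["caller"]].append(datetime.fromisoformat(ev["time"]))
    flagged = {}
    for caller, times in by_caller.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[caller] = peak
    return flagged

def sample_events():
    """Constructed sample: a script lists five resource types twice in
    27 s; a human reads three things over 14 min; one write is noise."""
    base = datetime(2024, 1, 1, 9, 0, 0)
    ev = lambda dt, who, op: {"time": dt.isoformat(), "caller": who, "operationName": op}
    ops = sorted(ENUM_OPERATIONS)
    scripted = [ev(base + timedelta(seconds=3 * i), "svc-recon@contoso.example", op)
                for i, op in enumerate(ops * 2)]
    human = [ev(base + timedelta(minutes=7 * i), "alice@contoso.example", op)
             for i, op in enumerate(ops[:3])]
    noise = [ev(base, "svc-recon@contoso.example",
                "Microsoft.Authorization/roleAssignments/write")]
    return scripted + human + noise
```

Running `detect_enumeration_bursts(sample_events())` flags only the scripted principal; the human reader stays below the threshold and the write operation is never counted.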
More importantly, blue teams can turn the tool inward, running it against their own tenants and letting GPT-4 act as a security intern that points out low-hanging misconfigurations.
Limitations
- GPT-4 API access is required (no fallback to local models)
- It currently works only with Azure (no AWS/GCP support)
- Requires a fair understanding of Azure internals to act on the output
Final Thoughts
PyRIT bridges the gap between raw enumeration and guided reconnaissance. It’s not about spamming API calls, but about thinking through them—something AI is surprisingly decent at.
Red teams that regularly work in cloud-native, Azure-heavy environments should take this tool seriously. And for defenders, it’s a sneak peek into how adversarial automation might evolve over the next few years.
You can read more or download PyRIT here: https://github.com/Azure/PyRIT