EvilMist is a set of scripts for auditing cloud security, focusing on Azure Entra ID. It helps identify misconfigurations, assess user access, and simulate attack techniques, all without needing authentication tokens. The toolkit includes features for user enumeration, risk assessment, and export options for analysis.

Bolthole is a proof-of-concept ClickOnce payload designed for Red Teams to gain initial access during authorized penetration tests. It facilitates a reverse SSH tunnel, CMD shell access, and SOCKS proxy functionality, allowing operators to pivot within the target environment seamlessly. The article provides detailed steps for setting up an Azure VM and configuring the necessary components for successful deployment and operation.