Az-Skywalker is a security research project and toolset that exposes control plane isolation flaws in Microsoft Azure — particularly in Key Vault, Logic Apps, and other iPaaS services.
Research included
VaultRecon
Demonstrates how Microsoft’s intended isolation between the Key Vault control plane and data plane can be bypassed, enabling an attacker with control plane access to enumerate data plane contents without triggering standard data-plane audit events.
SilentReaper
Exposes how control plane access to Azure Logic Apps and Integration Accounts enables silent, largely undetectable data harvesting from live workflow definitions, connector credentials, and in-transit secrets — without touching the data plane.
Why it matters
The control/data plane boundary is a foundational trust assumption in Azure RBAC architecture. Where that boundary leaks, audit logs and access controls provide a false sense of security.