Google Apps Scripts Kill Chain

Presented at BSidesLV 2017, July 25, 2017, 2 p.m. (25 minutes).

Google Apps Scripts is a JavaScript cloud scripting language that provides easy ways to automate tasks across Google products and third party services and build web applications. However, it also provides relatively easy ways for attackers to automate infiltration, propagation, exfiltration and maintaining access to a compromised G Suit powered organization. While the platform has been used successfully for C&C (Carabank) previously, we feel it only scratched the surface as potential vectors.

Presenters:

  • Maor Bin - Research Lead - Proofpoint
    I'm working as a research lead at Proofpoint, as part of the SaaS Protection product. We are researching customers' data in order to identify risks and threats in their cloud environment. We're also researching new and innovative attack vectors, so we would be able to block it when it becomes active. I used to work as a mobile researcher and (reverse eng) for several years.

Links:

Similar Presentations: