Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore advanced techniques for abusing Google services in cybersecurity operations through this DEF CON 33 conference talk. Revisit the Google Calendar RAT (GCR) proof-of-concept from 2023 that demonstrates how Google Calendar can be exploited for stealthy Command & Control (C2) communication, a technique recently observed in real-world campaigns by the APT41 threat group. Discover a new Golang-based tool that enables SOCKS tunneling over Google services to establish covert data channels and learn how common cloud platforms can be repurposed for discreet traffic forwarding while evading traditional network monitoring. Gain practical insights into creative cloud infrastructure abuse techniques that are valuable for penetration testers, red teamers, and anyone interested in understanding how trusted cloud services can be weaponized for covert operations, with all key concepts explained to ensure accessibility regardless of prior tunneling experience.
