Covert Data Exfil with GCP and Go

Dennis Chow
Published in System Weakness
11 min read · Mar 28, 2023

Learn how to bypass Data Loss Prevention (DLP) solutions by streaming binary files to GCP Cloud Logging using Go.

Imagine that you’re a penetration tester, and you have successfully infiltrated an environment where you have staged files ready for exfiltration. The end client has a fairly mature network security program complete with DLP. How do you transfer your files without being caught?

If the client uses Google Cloud Platform (GCP), maybe using any number of trusted Application Programming Interfaces (APIs) that are not focused on blob storage, and…


Security Practitioner and Veteran | GSE #288, GXPN, GREM *Opinions are my own