Dec 15, 2023
Red Teaming for Rookies: Crafting Your First Custom Exfiltration App
The scenario for this writeup is a red team engagement during which you have successfully bypassed the client’s defenses to reach your target. However, the client has a very restrictive user environment, and common exfiltration methods like online tools/platforms (e.g., Google Drive, OneDrive, Dropbox) are blocked.
You are also not allowed to use C2 implants for exfil, so you are going to use a separate exfil route: good old HTTPS. Because all known external websites are blocked, you are going to build your own exfil application and host it on GCP.
Introduction
This article is designed to inspire newcomers to Red Teaming to take the …