Google Apps is a cloud-based productivity suite used by a large section of people
including Corporate, Academic and Home users. This paper is about abusing innocent
Google Apps and Data API to implement offensive attacks. The major and widely used
Google Apps like Google Forms, Google Spreadsheet and Google Script as well as the
Google Apps API can be abused for implementing various attack vectors. This paper
will look into the following things:
1. Phishing with Data URI and Google Forms.
2. E-mail Bombing regenerated with Google App Script.
3. Implementing a Cross-Platform Botnet with its C&C hosted with Google.