Low-code apps have become a reality in the enterprise, with surveys showing that most enterprise apps are now built outside of IT and lacking security practices. Unsurprisingly, attackers have figured out ways to leverage these platforms for their gain. This talk will demonstrate a host of attack techniques found in the wild, where low-code apps are abused during every step in the cyber kill chain.