OpenSecAtlas
OPENSECATLAS
10/12 free views
Framework
Framework
Penetration Testing & Red Teaming

sliver

by BishopFox

10.5Kstars
1.4Kforks
152watchers
Updated 3 months ago
About

Sliver is an open source cross-platform adversary emulation framework designed for advanced red teaming and security testing.

Adversary Emulation Framework

Primary Use Case

Sliver is used by penetration testers and red team operators to simulate advanced adversary behaviors and test organizational defenses. It enables security teams of all sizes to perform realistic attack simulations using dynamically generated implants and secure command and control channels across multiple platforms.

Key Features
  • Dynamic code generation
  • Compile-time obfuscation
  • Multiplayer-mode for collaborative operations
  • Support for staged and stageless payloads
  • Procedurally generated C2 over HTTP(S)
  • Secure C2 over mTLS, WireGuard, HTTP(S), and DNS
  • Fully scriptable via JavaScript/TypeScript and Python
  • Windows process migration, injection, and user token manipulation

Installation

  • Run the Linux one-liner: curl https://sliver.sh/install | sudo bash
  • Execute the 'sliver' command to start the tool
  • Alternatively, download the latest release from https://github.com/BishopFox/sliver/releases
  • Refer to the Sliver wiki at https://sliver.sh/docs?name=Getting+Started for setup and usage tutorials
  • To get the latest features, compile from source following instructions at https://sliver.sh/docs?name=Compile+from+Source

Usage

>_ sliver

Launches the Sliver client/server interface after installation

>_ curl https://sliver.sh/install | sudo bash

One-liner command to install Sliver on Linux systems

Security Frameworks
Initial Access
Execution
Persistence
Command and Control
Defense Evasion
Usage Insights
  • Leverage Sliver's multiplayer mode to conduct collaborative red team exercises simulating multi-stage attacks.
  • Integrate Sliver with blue team detection tools to validate and improve detection rules and response playbooks.
  • Use Sliver's scripting capabilities to automate complex attack scenarios and customize implants for targeted testing.
  • Employ Sliver's DNS canary feature to test blue team alerting on covert C2 channels and improve network monitoring.
  • Combine Sliver with threat intelligence feeds to emulate current adversary tactics and enhance purple team training.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about sliver. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile
Red Team95%
Blue Team35%
Purple Team75%
Details
LicenseGNU General Public License v3.0
LanguageGo
Open Issues864
Topics
security-tools
implant
golang
dns-server
http
c2
command-and-control
red-team
red-teaming
red-team-engagement

Related Tools

Awesome-Hacking icon

Awesome-Hacking

Hack-with-Github/Awesome-Hacking

Documentation

A collection of various awesome lists for hackers, pentesters and security researchers

104.7K
3 months ago
hackingtool icon

hackingtool

Z4nzu/hackingtool

Tool

ALL IN ONE Hacking Tool For Hackers

54.5K
3 months ago
mitmproxy icon

mitmproxy

mitmproxy/mitmproxy

Tool

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

41.9K
3 months ago
sqlmap icon

sqlmap

sqlmapproject/sqlmap

Tool

Automatic SQL injection and database takeover tool

36.3K
3 months ago
metasploit-framework icon

metasploit-framework

rapid7/metasploit-framework

Tool

Metasploit Framework

35.7K
10 months ago
h4cker icon

h4cker

The-Art-of-Hacking/h4cker

Educational Resource

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org

24.8K
3 months ago