Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary.
- Dynamic code generation
- Compile-time obfuscation
- Local and remote process injection
- Anti-anti-anti-forensics
- Secure C2 over mTLS, HTTP(S), and DNS
- Windows process migration
- Windows user token manipulation
- Multiplayer-mode
- Procedurally generated C2 over HTTP
- Let's Encrypt integration
- In-memory .NET assembly execution
Download the latest release and see the Sliver wiki for a quick tutorial on basic setup and usage.
Do a git clone of the Sliver repo into your local $GOPATH/github.com/bishopfox/sliver and then run the build.py script (requires Docker), or for details see the wiki.
The source code repo contains the following directories:
assets/- Static assets that are embedded into the server binary, generated bygo-assets.shclient/- Client code, the majority of this code is also used by the serverprotobuf/- Protobuf codeserver/- Server-side codesliver/- Implant code, rendered by the server at runtimeutil/- Utility functions that may be shared by the server and client
Sliver is licesed under GPLv3, some subcomponets have seperate licenses. See their respective subdirectories in this project for details.