Post Exploitationimplantc2mutual-tlshttpsdnscross-platform

Sliver

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority.

Description

Sliver provides a comprehensive implant framework designed for cross-platform command and control (C2) operations. The framework supports multiple C2 protocols including Mutual-TLS, HTTP(S), and DNS, making it versatile for various operational environments. Implants are generated with unique X.509 certificates signed by a per-instance certificate authority that is created when the binary is first executed.

The package includes both server and client components. The sliver-server handles server operations such as running as a daemon, exporting/importing certificate authorities, and generating operator configurations. The sliver-client provides console access and implant management capabilities through its command-line interface.

This tool is particularly useful for red team operations requiring persistent, stealthy C2 infrastructure across diverse target environments.

How It Works

Sliver operates as an implant framework where each instance generates its own certificate authority upon first execution. Implants are dynamically compiled with unique X.509 certificates signed by this CA, enabling secure Mutual-TLS communication. The framework supports C2 channels over HTTP(S) and DNS protocols, providing flexible communication options. The architecture separates server (sliver-server) and client (sliver-client) components, with the server managing implant connections and the client providing operator console access.

Installation

bash
sudo apt install sliver

Flags

-h, --helphelp for sliver-client
--rc stringpath to rc script file
-h, --helphelp for sliver-server

Examples

Display help for sliver-client showing available commands and flags
sliver-client -h
Start the sliver client console for operator interaction
sliver-client console
Generate the autocompletion script for the specified shell
sliver-client completion
Execute implant commands
sliver-client implant
Import a client configuration file
sliver-client import
Force start server in daemon mode
sliver-server daemon
Generate operator configuration files
sliver-server operator
Updated 2026-04-16kali.org ↗