Sliver
Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority.
Description
Sliver provides a comprehensive implant framework designed for cross-platform command and control (C2) operations. The framework supports multiple C2 protocols including Mutual-TLS, HTTP(S), and DNS, making it versatile for various operational environments. Implants are generated with unique X.509 certificates signed by a per-instance certificate authority that is created when the binary is first executed.
The package includes both server and client components. The sliver-server handles server operations such as running as a daemon, exporting/importing certificate authorities, and generating operator configurations. The sliver-client provides console access and implant management capabilities through its command-line interface.
This tool is particularly useful for red team operations requiring persistent, stealthy C2 infrastructure across diverse target environments.
How It Works
Sliver operates as an implant framework where each instance generates its own certificate authority upon first execution. Implants are dynamically compiled with unique X.509 certificates signed by this CA, enabling secure Mutual-TLS communication. The framework supports C2 channels over HTTP(S) and DNS protocols, providing flexible communication options. The architecture separates server (sliver-server) and client (sliver-client) components, with the server managing implant connections and the client providing operator console access.
Installation
sudo apt install sliverFlags
Examples
sliver-client -hsliver-client consolesliver-client completionsliver-client implantsliver-client importsliver-server daemonsliver-server operator