Sliver

Sliver is a cross-platform, general-purpose implant framework written in Golang. It is designed to be an open-source alternative to Cobalt Strike, offering a range of features for red team operations and security assessments.

Key Features:

• Cross-Platform Support: Operates on multiple operating systems, enhancing its versatility.
• Asymmetric Encryption: Uses asymmetric encryption for command and control (C2) communications over DNS, HTTP, HTTPS, and Mutual TLS.
• X.509 Certificates: Employs per-binary X.509 certificates signed by a per-instance certificate authority for secure communications.
• Multiplayer Mode: Supports collaborative engagements with a multiplayer mode.
• Windows User Token Manipulation: Enables privilege escalation and lateral movement.
• In-Memory .NET Assembly Execution: Facilitates the execution of .NET assemblies without writing to disk.
• Dynamic Code Generation: Supports dynamic code generation for evasion.
• Compile-Time Obfuscation: Includes compile-time obfuscation techniques to hinder reverse engineering.
• Process Injection: Allows local and remote process injection.
• Secure C2: Offers secure command and control channels over mTLS, HTTP(S), and DNS.

Use Cases:

• Red Team Operations: Simulates real-world attacks to evaluate an organization's security posture.
• Penetration Testing: Assesses the security of systems and networks by exploiting vulnerabilities.
• Security Research: Provides a platform for researching offensive security techniques.
• Incident Response: Aids in post-exploitation activities and understanding attacker behavior.