Sliver is an open-source, cross-platform adversary emulation framework written in Go. It comes with tons of stealth and evasion techniques and aims to give organizations a framework against which they can measure their detection and response capabilities.
The primary aims of this endeavor are to:
- Explore some features of Sliver step by step
- Understand how they're implemented in the code
- Develop detection techniques that are resistant to trivial obfuscation pipelines
- And more importantly, to steal some Go programming tips ;)
Sliver has an amazing set of features, but what I wish to specifically explore for the moment revolves around:
- C2 over mTLS (mutual TLS)
- C2 over WireGuard
- C2 over HTTP(S)
- C2 over DNS
- Dynamic compilation with per-binary asymmetric encryption keys