🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
🐍 Sliver C2 / Community Guides

Community Guides

⚠️ IMPORTANT: This content was NOT created by the Sliver authors. Please keep in mind it may be out of date or contain slight inaccuracies:

Books

  • https://nostarch.com/red-team
  • https://www.amazon.com/Adversarial-Tradecraft-Cybersecurity-real-time-computer/dp/1801076200/

Videos

  • https://youtu.be/3R6WKUgN0K4?t=456
  • https://youtu.be/watch?v=QO_1UMaiWHk
  • https://youtu.be/watch?v=izMMmOaLn9g
  • https://youtu.be/watch?v=qIbrozlf2wM
  • https://youtu.be/watch?v=CKfjLnEMfvI

Blogs

  • https://bishopfox.com/blog/passing-the-osep-exam-using-sliver
  • https://notateamserver.xyz/blog/sliver-101/
  • https://dominicbreuker.com/post/learning_sliver_c2_01_installation/
  • https://vk9-sec.com/how-to-set-up-use-c2-sliver/
  • https://0x90-1.gitbook.io/sliver/
  • https://blog.ecapuano.com/p/so-you-want-to-be-a-soc-analyst-part-ea2
  • https://wsummerhill.github.io/redteam/2023/07/25/Sliver-C2-Usage-for-Red-Teams.html
  • https://rootsecdev.medium.com/hacking-active-directory-with-sliver-c2-19d7ceabbf13
  • https://dev.to/living_syn/sliver-and-cursed-chrome-for-post-exploitation-4gnk

Opsec Blogs

  • https://tishina.in/opsec/sliver-opsec-notes

Development Blogs

  • https://github.com/thelikes/blog/blob/master/posts/sliver-bof-dev-quickstart.md
  • https://medium.com/@youcef.s.kelouaz/writing-a-sliver-c2-powershell-stager-with-shellcode-compression-and-aes-encryption-9725c0201ea8
  • https://security.humanativaspa.it/customizing-sliver-part-1/
  • https://security.humanativaspa.it/customizing-sliver-part-2/
  • https://security.humanativaspa.it/customizing-sliver-part-3/

Detection & Analysis

  • https://medium.com/@unsec.monitor/how-to-use-zeek-detect-sliver-http-beacon-traffic-f05b214c4056
  • https://www.immersivelabs.com/blog/detecting-and-decrypting-sliver-c2-a-threat-hunters-guide/
  • https://blogs.vmware.com/security/2023/01/detection-of-lateral-movement-with-the-sliver-c2-framework.html
  • https://michaelkoczwara.medium.com/sliver-c2-implant-analysis-62773928097f
  • https://blog.tofile.dev/2021/09/04/sliver.html
  • https://bherunda.medium.com/hunting-detecting-smb-named-pipe-pivoting-lateral-movement-b4382bd1df4

Threat Intel Reports

  • https://www.microsoft.com/security/blog/2022/08/24/looking-for-the-sliver-lining-hunting-for-emerging-command-and-control-frameworks/
  • https://www.cybereason.com/blog/sliver-c2-leveraged-by-many-threat-actors
  • https://www.team-cymru.com/post/sliver-case-study-assessing-common-offensive-security-tools
  • https://www.ncsc.gov.uk/files/Advisory%20Further%20TTPs%20associated%20with%20SVR%20cyber%20actors.pdf