# BishopFox/sliver **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/bishopfox-sliver).** 10,707 stars · 1,452 forks · Go · gpl-3.0 ## Links - GitHub: https://github.com/BishopFox/sliver - awesome-repositories: https://awesome-repositories.com/repository/bishopfox-sliver.md ## Topics `adversarial-attacks` `adversary-simulation` `c2` `command-and-control` `dns` `dns-server` `golang` `gplv3` `http` `implant` `red-team` `red-team-engagement` `red-teaming` `security-tools` `sliver` ## Description Sliver is a command and control framework designed for adversary emulation and security assessment operations. It provides a centralized platform for managing remote systems, enabling security professionals to coordinate multi-operator sessions and maintain persistent, secure communication channels across diverse network environments. The framework distinguishes itself through its focus on stealth and infrastructure flexibility. It utilizes dynamic payload obfuscation to generate unique binaries and supports in-memory execution to minimize disk artifacts. Communication is secured through mutual TLS, WireGuard, and other standard protocols, while an asynchronous task queue ensures reliable command delivery even across intermittent network connections. Beyond its core communication capabilities, the platform supports a wide range of post-exploitation tasks, including process manipulation, token management, and network pivoting. Users can automate complex security workflows and route traffic through compromised nodes to reach isolated network segments, facilitating comprehensive testing of organizational security controls. ## Tags ### Security & Cryptography - [Command and Control Platforms](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/command-and-control-platforms.md) — Provides a centralized command and control platform for managing remote systems and coordinating multi-operator security engagements. - [Post-Exploitation Frameworks](https://awesome-repositories.com/f/security-cryptography/post-exploitation-frameworks.md) — Provides a comprehensive framework for executing post-exploitation tasks and gathering system information on remote targets. ([source](https://sliver.sh/)) - [Adversary Emulation Frameworks](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/analysis-discovery-tooling/adversarial-testing-resources/adversary-emulation-frameworks.md) — Provides a comprehensive platform for conducting adversary emulation and security assessments through coordinated remote system management. - [Command and Control Frameworks](https://awesome-repositories.com/f/security-cryptography/security/utilities/command-and-control-frameworks.md) — Coordinates multi-operator sessions and manages secure communication channels as a centralized command and control framework. - [Secure Communication Protocols](https://awesome-repositories.com/f/security-cryptography/secure-communication-protocols.md) — Maintains encrypted command channels using standard protocols like mTLS, WireGuard, HTTP, and DNS for private data transmission. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md)) - [Post-Exploitation Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/post-exploitation-tools.md) — Executes post-exploitation tasks, manages system processes, and performs network pivoting to assess security controls after initial access. - [Mutual TLS Authentication](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/machine-and-protocol-identity/specialized-authentication-protocols/mutual-tls-authentication.md) — Uses mutual TLS certificate-based authentication to establish secure and verified communication tunnels between the controller and remote systems. - [Payload Development Tools](https://awesome-repositories.com/f/security-cryptography/payload-development-tools.md) — Supports the development of custom, obfuscated binaries designed to test the detection capabilities of endpoint security solutions. - [Executable Obfuscators](https://awesome-repositories.com/f/security-cryptography/payload-obfuscation/executable-obfuscators.md) — Generates unique, obfuscated binaries during the build process to evade signature-based detection by security software. - [Secure Remote Access](https://awesome-repositories.com/f/security-cryptography/secure-remote-access.md) — Establishes encrypted remote connections between the controller and target systems to ensure reliable and covert command execution. ([source](https://sliver.sh/)) - [Adversarial Testing Resources](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/analysis-discovery-tooling/adversarial-testing-resources.md) — Simulates realistic cyber attacks to evaluate the effectiveness of organizational security controls and incident response procedures. - [Communication Servers](https://awesome-repositories.com/f/security-cryptography/security/utilities/command-and-control-frameworks/communication-servers.md) — Maintains private and reliable communication with compromised systems using mTLS, WireGuard, and DNS protocols. - [Memory-Only Execution](https://awesome-repositories.com/f/security-cryptography/volatile-memory-processing/memory-only-execution.md) — Supports in-memory execution of payloads to minimize disk artifacts and evade forensic detection. - [Security Payload Generators](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/exploit-development-utilities/payload-creation-tools/security-payload-generators.md) — Automates the creation and obfuscation of custom binaries to support staged and stageless execution patterns during security assessments. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md)) - [Security Token Manipulators](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools/security-token-manipulators.md) — Enables process manipulation, token management, and session migration to maintain persistent access and escalate privileges. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md)) ### Operating Systems & Systems Programming - [Execution Engines](https://awesome-repositories.com/f/operating-systems-systems-programming/in-memory-decompression-runtimes/execution-engines.md) — Run binary files and code assemblies directly in system memory to perform post-exploitation tasks without writing any files to the local disk. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md)) ### Networking & Communication - [Network Traffic Routing](https://awesome-repositories.com/f/networking-communication/network-traffic-routing.md) — Routes traffic through compromised hosts using TCP or named pipes to reach isolated network segments. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md)) - [Network Tunnels](https://awesome-repositories.com/f/networking-communication/network-tunnels.md) — Routes traffic through compromised internal hosts to expand access and reach isolated network segments during security assessments. ### Software Engineering & Architecture - [Session Coordination](https://awesome-repositories.com/f/software-engineering-architecture/user-state-management/session-coordination.md) — Synchronizes state across a centralized server to enable multiple operators to coordinate and interact with sessions simultaneously. - [Asynchronous Task Queues](https://awesome-repositories.com/f/software-engineering-architecture/asynchronous-task-queues.md) — Implements an asynchronous task queue to ensure reliable command delivery between the controller and remote targets despite intermittent network connectivity. ### DevOps & Infrastructure - [Security Assessment Frameworks](https://awesome-repositories.com/f/devops-infrastructure/security-automation-workflows/security-assessment-frameworks.md) — Provides a centralized interface for automating complex security workflows and repetitive testing procedures. ([source](https://cdn.jsdelivr.net/gh/BishopFox/sliver@master/README.md))