Cross-Platform Adversary Emulation & Red Team Framework · Written in Go
Take full command of your red team operations. Sliver is a battle-tested, open-source C2 framework purpose-built for security professionals who demand reliability, stealth, and flexibility at scale.
Built in Golang as a robust open-source alternative to Cobalt Strike, Sliver equips red teams and penetration testers with a covert, resilient communication channel to target machines — across every major OS and CPU architecture. Every implant is dynamically compiled with per-binary asymmetric encryption keys. Whether you're running solo assessments or coordinating multi-operator engagements, Sliver is built to keep up.
Sliver supports covert command and control over four transport protocols, giving operators the flexibility to adapt to heavily monitored environments. All channels use asymmetric encryption with per-binary X.509 certificates signed by a per-instance certificate authority.
Supported protocols: Mutual TLS · WireGuard · HTTP(S) · DNS
Need help? Check out the Wiki or GitHub discussion boards. You can also find us on the #sliver channel in our Discord server.
Sliver's implants are built for operational stealth. Dynamic code generation and compile-time obfuscation ensure each binary is unique. Payloads can be staged or stageless, with procedurally generated HTTP(S) C2 profiles and DNS canary detection for blue team awareness.
Run coordinated multi-operator engagements with built-in multiplayer mode. Automate and extend workflows natively — no third-party tooling required.
First-class support for Windows-specific techniques — enabling operators to move laterally and escalate privileges with precision.
The server and client run on all three major desktop platforms. Implants support the same — and potentially every target the Go compiler can reach.
macOS · Windows · Linux
assets/ - Static assets that are embedded into the server binary, generated by go-assets.shclient/ - Client code, the majority of this code is also used by the serverprotobuf/ - - Protobuf codeserver/ -Server-side codesliver/ - Implant code, rendered by the server at runtimeutil/ - Utility functions that may be shared by the server and client
Workshop
Sliver Workshop Part 3: Building Better Encoders
Explore how Sliver handles traffic encoding by default and how attackers can extend its capabilities with custom Wasm-based encoders.
Workshop
Sliver Workshop Part 2: Staging & Automation
Explore Sliver’s new implant staging process and demonstrate basic CLI automation features. We’ll also walk through Sliver’s supported pivot types for lateral movement.
Workshop
Sliver Workshop Part 1: Getting Started & 1.6 Features
Watch an interactive workshop led by Bishop Fox Senior Security Consultant, Tim Ghatas, as we dive into Sliver, the open-source C2 framework making waves in Red Team ops.
Workshop
Sliver Mastery: Dominating Active Directory Through Advanced Trust Exploitation
How to use the Sliver C2 framework to develop advanced offensive security skills. Arm yourself with the knowledge and skills of enumeration, lateral movement, and escalation techniques from first-hand experience in a vulnerable lab environment.
Workshop
Ace the OSEP Exam with Sliver Framework
Unlock the secrets of passing the OSEP exam with our senior security expert, Jon Guild. Join us as Jon shares his invaluable tips and tricks for conquering this benchmark exam designed for penetration testers.
Ronan Kervella (OSCP) is a Senior Security Consultant at Bishop Fox, where he focuses on red teaming, internal penetration testing and hybrid application assessments. He is the author of multiple open source-tools and is an active contributor to the Sliver framework. He has advised Fortune 500 brands and startups in industries such as media, healthcare, and software development. GitHub: rkervella
Joe DeMesy is a Bishop Fox Alumnus. Joe is an expert in secure development, proficient in several programming languages, and is a leading contributor to various open source projects.Joe is a noted expert in the field of information security, having been quoted in Market Watch, NPR, InformationWeek, and Dark Reading. He has also presented his research at conferences such as BSidesLV, Kiwicon, BlackHat and private conferences hosted by the US Department of Defense. GitHub: moloch--
Sliver is open source and built for the offensive security community. Star the repo, file issues, contribute templates, or fork it for your own research.
This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.
