Build and configure a resilient command-and-control infrastructure using BishopFox's Sliver C2 framework with redirectors, HTTPS listeners, and multi-operator support for authorized red team engagements.
cybersecurity
red-teaming
red-team
c2-framework
sliver
command-and-control
adversary-simulation
infrastructure
post-exploitation
1.0
mahipal
MIT
Building C2 Infrastructure with Sliver Framework
Overview
Sliver is an open-source, cross-platform adversary emulation framework developed by BishopFox, written in Go. It provides red teams with implant generation, multi-protocol C2 channels (mTLS, HTTP/S, DNS, WireGuard), multi-operator support, and extensive post-exploitation capabilities. Sliver supports beacon (asynchronous) and session (interactive) modes, making it suitable for both long-haul operations and interactive exploitation. A properly architected Sliver infrastructure uses redirectors, domain fronting, and HTTPS certificates to maintain operational resilience and avoid detection.
Objectives
Deploy a Sliver team server on hardened cloud infrastructure
Configure HTTPS, mTLS, DNS, and WireGuard listeners
Generate implants (beacons and sessions) for target platforms
Set up NGINX or Apache redirectors between implants and the team server
Implement Cloudflare or CDN-based domain fronting for traffic obfuscation
Configure multi-operator access with certificate-based authentication
Establish operational security controls for C2 communications
MITRE ATT&CK Mapping
T1071.001 - Application Layer Protocol: Web Protocols