Sliver
MITRE
Malware Type:
Tool
Tool
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[Sliver](https://attack.mitre.org/software/S0633) is an open source, cross-platform, red team command and control (C2) framework written in Golang. [Sliver](https://attack.mitre.org/software/S0633) includes its own package manager, "armory," for staging and downloading additional tools and payloads to the primary C2 framework.(Citation: Bishop Fox Sliver Framework August 2019)(Citation: Cybereason Sliver Undated)
Associated Techniques (23)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1001.002 | Steganography | - |
| T1003.001 | LSASS Memory | - |
| T1016 | System Network Configuration Discovery | - |
| T1027 | Obfuscated Files or Information | - |
| T1027.004 | Compile After Delivery | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1041 | Exfiltration Over C2 Channel | - |
| T1049 | System Network Connections Discovery | - |
| T1055 | Process Injection | - |
| T1059.001 | PowerShell | - |
| T1071 | Application Layer Protocol | - |
| T1071.001 | Web Protocols | - |
| T1071.004 | DNS | - |
| T1083 | File and Directory Discovery | - |
| T1090.001 | Internal Proxy | - |
Used by Actors (3)
Metadata
| ID: | 704 |
| Created: | 13/01/2026 17:48 |
| Updated: | 21/04/2026 16:00 |