sliver - Sliver is an open source, cross-platform adversary simulation/red team platform, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary.
Here are some example snippets to help you get started creating a container.
docker create \
--name=sliver \
-e TZ=Europe/London \
-p 443:443 \
-p 80:80 \
-p 31337:31337 \
--restart unless-stopped \
warhorse/sliver
Compatible with docker-compose v2 schemas.
---
version: "2"
services:
sliver:
image: warhorse/sliver
container_name: sliver
environment:
- TZ=Europe/London
volumes:
- <path to data>:/config
- <path to data>:/phishlets
ports:
- 443:443
- 80:80
restart: unless-stopped
Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate <external>:<internal>
respectively. For example, -p 8080:80
would expose port 80
from inside the container to be accessible from the host's IP on port 8080
outside the container.
Parameter | Function |
---|---|
-p 80 |
The port for HTTP traffic |
-p 443 |
The port for HTTPS traffic |
-e TZ=Europe/London |
Specify a timezone to use EG Europe/London |
-v /config |
sliver configs |
-v /phishlets |
sliver phishlets |
Access the webui at <your-ip>:7443
, for more information check out sliver.
- Shell access whilst the container is running:
docker exec -it sliver /bin/bash
- To monitor the logs of the container in realtime:
docker logs -f sliver
If you want to make local modifications to these images for development purposes or just to customize the logic:
git clone https://github.com/warhorse/docker-sliver.git
cd docker-sliver
docker build \
--no-cache \
--pull \
-t warhorse/sliver:latest .
- 04.19.21: - First Push