donut

Learning Sliver C2 (09) - Execute Assembly

28 minute read Published:

Deep-dive into the execute-assembly command Sliver provides for .NET assembly execution. I show how to use the command as well as how it works under the hood (Donut). On top there are some notes on detection.
Sliver C2 This post is part of a tutorial blog post series on Sliver C2 (currently on v1.5.30). For an overview: click here. Introduction We went through the most basic implant commands in post 8, but sometimes you may want to do a bit more than just that. Its great that your Sliver implant can read files or registry keys but it would be better if you could use it as a launchpad for all of the sophisticated attack tools that already exist out there.