"Threat Actors Turn to Sliver as Open-Source Alternative to Popular C2 Frameworks"

BishopFox's Sliver is a legitimate command-and-control (C2) framework that is growing in popularity among threat actors as an open-source alternative to Cobalt Strike and Metasploit. It is a Golang-based, cross-platform post-exploitation framework designed for use in red team operations by security professionals. Its multiple features for adversary simulation, such as dynamic code generation, in-memory payload execution, and process injection, have also made it an attractive tool for threat actors seeking advanced access to the target system after obtaining an initial foothold. The software is used as a second-stage attack tool when an initial intrusion vector, such as spear-phishing or the exploitation of unpatched vulnerabilities, has already compromised a system. This article continues to discuss threat actors increasingly using Sliver as an open-source alternative to other popular C2 frameworks. 

THN reports "Threat Actors Turn to Sliver as Open-Source Alternative to Popular C2 Frameworks"