BSides Birmingham 2023

Sliver Me Timbers: A C2 Alternative to Cobalt Strike
10-28, 13:00–13:50 (US/Central), Alumni Theater

Cobalt Strike is the go-to C2 framework for security professionals and cyber criminal. Cobalt Strike's popularity has come at a cost to red teamers. It has become heavily signatured and requires a lot of customization to bypass a competent blue team.

Cobalt Strike is an excellent C2 framework, but it is not always accessible for everyone to use. Plus, the required customization to bypass modern security tools can be a high barrier to entry for most folks. Sliver is an excellent alternative to Cobalt Strike and is free. This will be mainly a technical presentation on the ins and outs of Sliver. It will briefly touch on EDR evasion but we won't get into great detail. It will cover some advanced features of Sliver to help make it an ideal tool for both red and blue teams to use in their environments.

The goal is to have the audience walk away with a better understanding of Sliver and how to do some basic testing of Sliver.

Talk Categories

Red, Purple, Beginner, Advanced, Technical

Founder and Chief Hacking Officer of White Box Security. Steven is a seasoned veteran of the network security space with over 17 years of experience in both offensive and defensive roles. Steven has been focused on penetration testing and red teaming for over a decade.