GitHub – BishopFox/sliver: Implant framework

One of the problems we run into a lot blueteaming is that almost everything redteam/pentesty tends to be in a rush during an engagement. Having these tools to see how our security stack stands up to them over a more realistic timeframe (or fails to more often than not) is extremely valuable. This allows us to do a far more realistic threat and/or risk assessment. So yeah, you want it to be as close to real blackhat as you can safely run.

One of my biggest problems with the old “understanding the badguys is a waste of time” attitude is that you can’t do any realistic assessment of your environment with that understanding. Your only option at that point is to blindly trust the security vendors and that’s a really fucking dangerous spot to be.


Leave a Reply