New Sliver release!
> Improvements to shell: you can now manage multiple shells and swap between them!
> Windows PE metadata spoofing
> Improvements to MacOS shellcode loader
> Bug fixes
github.com/BishopFox/sl...
Updated Sliver's SGN implementation to use a wasm-based build of Keystone assembler making it easier to cross-compile to all platforms (to almost every GOOS/GOARCH)
SGN standalone: github.com/moloch--/sgn...
Wasm keystone (fork of For-ACGN)
From the team that brought you COFF Loader, CS-Situational-Awareness-BOF, and CS-Remote-OPs-BOF, we are excited to release our first on-demand class: Building BOFs. Read our new blog to find out what else we have loading for 2025! trustedsec.com/blog/on-dema...
The most fun thing is that Tailscale is also a Go library and you can just import it.
Cheers
Things I work well: Use all the resolvers on the system and send the chunks in parallel, you'll need to number them anyways and this increases performance a lot more than dynamic encoding.
I include a CRC32 as the IP (both 4 bytes) to detect corrupted data and when to re-transmit a chunk.
We should chat at OBTS! Mostly I regret trying to get too fancy, I implemented a DNS-0x20 detection, where the implant switches between Base58/32 depending on if it detects if the resolvers are modifying case. This increases speed but also complexity, and I think it was a mistake, stick to Base32.
DNS is such a pain! Base32 is the way to go.
Tailwind
Stuff like this only happens in SFO in my experience, really what sets the bay area apart. You never know who's within earshot at the bar or on the BART.
Just added a whole bunch more people to my Hackers starter pack 🥰 go.bsky.app/NRP3ecE