Goal

Test Sliver in a realistic AD environment.

Setup

  • Install Sliver Server on VPS/local machine
  • Create lab with:
    • Windows Domain Controller
    • 1-2 Windows 10/11 Clients
    • Linux machine (optional)
  • Use tools like DetectionLab or manually configure with Sysmon, ELK, or Velociraptor

Try:

  • Deliver Sliver payload via:
    • Malicious macro document
    • HTA file or shortcut (.lnk)
  • Test commands:
    • Privilege Escalation
    • Lateral Movement
    • File Exfiltration
    • Observe Detection Logs
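
For the detection-log step, one way to triage the macro and HTA delivery tests from the blue-team side is to look at parent/child pairs in Sysmon process-creation events (Event ID 1). This is an added example, not part of the original notes; it assumes the events have been exported as flat records using Sysmon's own field names, and the hostnames, paths and rule names are constructed for illustration.

```python
import ntpath

# Office applications whose child processes deserve review (macro delivery).
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
# Script hosts and proxies a macro commonly launches to run a payload.
INTERPRETERS = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "rundll32.exe", "regsvr32.exe"}

def base(path):
    """Lower-cased file name of a Windows path (works on any host OS)."""
    return ntpath.basename(path or "").lower()

def flag_delivery_chains(events):
    """Return (rule, host, parent, child) for suspicious process creations."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 1:  # 1 = Sysmon ProcessCreate
            continue
        parent, child = base(ev.get("ParentImage")), base(ev.get("Image"))
        if parent in OFFICE and child in INTERPRETERS:
            rule = "office-spawned-interpreter"   # macro document test
        elif parent == "mshta.exe":
            rule = "hta-spawned-process"          # HTA file test
        else:
            continue
        hits.append((rule, ev.get("Computer"), parent, child))
    return hits

# Constructed sample events (hypothetical lab hosts WIN10-01 / WIN10-02).
WORD = r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
SAMPLE = [
    {"EventID": 1, "Computer": "WIN10-01",
     "ParentImage": r"C:\Windows\explorer.exe", "Image": WORD},
    {"EventID": 1, "Computer": "WIN10-01", "ParentImage": WORD,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"EventID": 3, "Computer": "WIN10-01", "Image": WORD},  # network event, skipped
    {"EventID": 1, "Computer": "WIN10-02",
     "ParentImage": r"C:\Windows\System32\mshta.exe",
     "Image": r"C:\Users\lab\AppData\Local\Temp\update.exe"},
]

if __name__ == "__main__":
    for hit in flag_delivery_chains(SAMPLE):
        print(hit)
```

Shortcut (.lnk) delivery is not covered here, since its parent process is normally explorer.exe and needs command-line inspection rather than a parent/child rule.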