EFI Campaigns Table
The EFI Campaigns Table is the central interface where users can view and manage all configured Email Fraud and Infiltration (E.F.I.) emulation campaigns. This section explains each component and column of the table, as well as the status indicators and available actions.
Status Overview

At the top of the table, you'll find a real-time status summary of all EFI campaigns:
⚪ Pending: Campaigns that have been scheduled and are currently being processed or prepared for distribution.
🟢 Active: Campaigns that are actively running. This includes email simulations that are currently being sent, opened, or interacted with by users.
🟠 Expired: Campaigns that have already concluded. The emulation time window has ended, and no further activity is expected.
These indicators help teams quickly assess the current state of all ongoing and historical campaigns.
Table Structure

Target
Displays the target operating system or platform for the campaign.
Name
The user-defined name of the campaign. It often includes tags or labels for identification.
Status
Shows the publication state of the campaign.
Distribution
Indicates the campaign distribution method.
Unattended Attack Campaign
Realistic and Controlled Attack Campaign
Broadcast
Method used to share or broadcast the emulation:
• Link
•
Email
•
QR Code
Active
A green dot (🟢) indicates the campaign is currently active and collecting telemetry. Gray (⚫) means pending and an orange (🟠) dot indicates an expired campaign.
Creation
Timestamp of when the campaign was created, shown in relative time.
Configuration
Provides access to the campaign’s configuration details. The eye icon () opens a view-only configuration panel. More options can be found via the kebab menu (⋮).
Campaign Status
Each EFI campaign progresses through a predefined set of lifecycle stages. These statuses represent the technical and operational state of a campaign from creation to conclusion. The visual timeline indicator helps users track progress at a glance.
REGISTERED
The campaign has been created and its configuration has been saved. At this stage, the campaign is awaiting compilation and internal processing.
BUILDING
The platform is currently compiling the campaign, including generating payloads, configuring delivery methods, and preparing telemetry collection. This phase is automated and transitional.
BUILT
The campaign has been successfully compiled and is ready for publication. It contains all necessary artifacts and is staged for scheduling or execution.
PUBLISHED
The campaign is live or scheduled for execution. At this stage, distribution (email, URL, QR code) is enabled, and telemetry can begin if the operation mode is "Controlled."
FINISH / EXPIRED
The campaign has ended, either because the defined time window has passed or it was manually finalized. No further data is collected, and the results are available for analysis and reporting.
Note: Status appears grayed-out until the build completes.
Configuration
When clicking on the View () icon in the EFI Campaign Table, the user is presented with a detailed summary of the selected email campaign. This read-only panel displays all the configuration parameters and metadata associated with the emulation. The information is organized in clear sections
Campaign Metadata (Left Panel)
Name: Unique identifier of the campaign .
Description: Brief textual description of the campaign.
Campaign Start: The exact date and time when the campaign is scheduled to begin.
Campaign End: When the campaign is set to end and stop collecting telemetry.
Status: The current lifecycle stage.
Technical Configuration (Right Panel)
Target: Operating system or environment the campaign is designed for.
Operation Mode:
Controlled: Emulation includes endpoint telemetry via the embedded EVE agent.
Unattended: Emulation is sent without telemetry collection.
Distribution: The channel through which the simulated threat is distributed ( Email, URL, QR Code).
Delivery: Describes the routing strategy:
Bundled with Agent. The artifact is included in the agent
Network Download. The artifact will be downloaded separately once the payload with the embedded agent is opened.
Compiler Information (Bottom left Panel)
This section provides traceability regarding the origin of the campaign:
Compiler Name: Name provided for the compiler (payload).
Organization: Name of the organization provided for the compiler (payload).
Compiler Description: Description provided for the compiler (payload).
Compiler Icon: Visual identifier or logo tied to the campaign creator (if available).
Link / QR code (Bottom right Panel)
Provides the link or the QR generated for the campaign.
Clients
Provides a Geo-localization of the registered clients.
Campaign Options Menu (⋮)
Each campaign row in the EFI Campaign Table includes a contextual options menu (three-dot icon ⋮
) that allows users to perform actions on individual campaigns. When clicked, the following options appear:
Generate Report
Triggers the generation of a detailed report for the selected campaign. Selecting this option will redirect to Campaign Report.
Anticipated Finish
Allow manual termination of a running campaign before its scheduled expiration time. It let users finalize a campaign early and proceed to results analysis.
Delete Campaign
Removes the selected campaign from the EFI Campaign Table. This action is permanent and should be used with caution, as deleted campaigns cannot be recovered.
Top Navigation Icons
At the top-right corner of the EFI Campaign Table, users will find a set of interactive icons that provide quick access to essential actions and tools:
Icon
Function
Description
Search
Table Filter/Search
Opens a search field to quickly locate specific campaigns by name or metadata within the EFI table. Useful for environments with large numbers of emulations.
Refresh
Refresh Table
Reloads the table to display the most up-to-date information about campaign statuses and activity. Ensures the interface reflects recent changes or new campaigns.
Create Campaign
Add New Campaign
Opens the campaign creation wizard, allowing users to configure a new email emulation. This includes selecting distribution type, payload, scheduling, and telemetry settings.
⋮ Options Menu
Icons Module
Opens a submenu that links to the Icons Module, where users can upload or manage custom payload icons. These icons are used to make the attachment or file appear like a PDF, Word document, ZIP file, or other formats to enhance realism and user deception.
Pagination and Navigation
At the bottom of the table, users can navigate between pages and adjust how many campaigns are displayed per page using the pagination controls. The interface supports bulk management of campaigns if necessary.
Last updated