EFI Campaigns Table

The EFI Campaigns Table is the central interface where users can view and manage all configured Email Fraud and Infiltration (E.F.I.) emulation campaigns. This section explains each component and column of the table, as well as the status indicators and available actions.

Status Overview

At the top of the table, you'll find a real-time status summary of all EFI campaigns:

⚪ Pending: Campaigns that have been scheduled and are currently being processed or prepared for distribution.
🟢 Active: Campaigns that are actively running. This includes email simulations that are currently being sent, opened, or interacted with by users.
🟠 Expired: Campaigns that have already concluded. The emulation time window has ended, and no further activity is expected.

These indicators help teams quickly assess the current state of all ongoing and historical campaigns.

Table Structure

Target

Displays the target operating system or platform for the campaign.

Name

The user-defined name of the campaign. It often includes tags or labels for identification.

Status

Shows the publication state of the campaign.

Distribution

Indicates the campaign distribution method. Unattended Attack Campaign Realistic and Controlled Attack Campaign

Broadcast

Method used to share or broadcast the emulation: • Link • Email • QR Code

Active

A green dot (🟢) indicates the campaign is currently active and collecting telemetry. Gray (⚫) means pending and an orange (🟠) dot indicates an expired campaign.

Creation

Timestamp of when the campaign was created, shown in relative time.

Configuration

Provides access to the campaign’s configuration details. The eye icon () opens a view-only configuration panel. More options can be found via the kebab menu (⋮).

Campaign Status

Each EFI campaign progresses through a predefined set of lifecycle stages. These statuses represent the technical and operational state of a campaign from creation to conclusion. The visual timeline indicator helps users track progress at a glance.

REGISTERED

The campaign has been created and its configuration has been saved. At this stage, the campaign is awaiting compilation and internal processing.

BUILDING

The platform is currently compiling the campaign, including generating payloads, configuring delivery methods, and preparing telemetry collection. This phase is automated and transitional.

BUILT

The campaign has been successfully compiled and is ready for publication. It contains all necessary artifacts and is staged for scheduling or execution.

PUBLISHED

The campaign is live or scheduled for execution. At this stage, distribution (email, URL, QR code) is enabled, and telemetry can begin if the operation mode is "Controlled."

FINISH / EXPIRED

The campaign has ended, either because the defined time window has passed or it was manually finalized. No further data is collected, and the results are available for analysis and reporting.

Note: Status appears grayed-out until the build completes.

Configuration

When clicking on the View () icon in the EFI Campaign Table, the user is presented with a detailed summary of the selected email campaign. This read-only panel displays all the configuration parameters and metadata associated with the emulation. The information is organized in clear sections

Campaign Metadata (Left Panel)

Name: Unique identifier of the campaign .
Description: Brief textual description of the campaign.
Campaign Start: The exact date and time when the campaign is scheduled to begin.
Campaign End: When the campaign is set to end and stop collecting telemetry.
Status: The current lifecycle stage.

Technical Configuration (Right Panel)

Target: Operating system or environment the campaign is designed for.
Operation Mode:
- Controlled: Emulation includes endpoint telemetry via the embedded EVE agent.
- Unattended: Emulation is sent without telemetry collection.
Distribution: The channel through which the simulated threat is distributed ( Email, URL, QR Code).
Delivery: Describes the routing strategy:
- Bundled with Agent. The artifact is included in the agent
- Network Download. The artifact will be downloaded separately once the payload with the embedded agent is opened.

Compiler Information (Bottom left Panel)

This section provides traceability regarding the origin of the campaign:

Compiler Name: Name provided for the compiler (payload).
Organization: Name of the organization provided for the compiler (payload).
Compiler Description: Description provided for the compiler (payload).
Compiler Icon: Visual identifier or logo tied to the campaign creator (if available).

Link / QR code (Bottom right Panel)

Provides the link or the QR generated for the campaign.

Clients

Provides a Geo-localization of the registered clients.

Each campaign row in the EFI Campaign Table includes a contextual options menu (three-dot icon ⋮) that allows users to perform actions on individual campaigns. When clicked, the following options appear:

Generate Report

Triggers the generation of a detailed report for the selected campaign. Selecting this option will redirect to Campaign Report.

Anticipated Finish

Allow manual termination of a running campaign before its scheduled expiration time. It let users finalize a campaign early and proceed to results analysis.

Delete Campaign

Removes the selected campaign from the EFI Campaign Table. This action is permanent and should be used with caution, as deleted campaigns cannot be recovered.

At the top-right corner of the EFI Campaign Table, users will find a set of interactive icons that provide quick access to essential actions and tools:

Icon

Function

Description

Search

Table Filter/Search

Opens a search field to quickly locate specific campaigns by name or metadata within the EFI table. Useful for environments with large numbers of emulations.

Refresh

Refresh Table

Reloads the table to display the most up-to-date information about campaign statuses and activity. Ensures the interface reflects recent changes or new campaigns.

Create Campaign

Add New Campaign

Opens the campaign creation wizard, allowing users to configure a new email emulation. This includes selecting distribution type, payload, scheduling, and telemetry settings.

⋮ Options Menu

Icons Module

Opens a submenu that links to the Icons Module, where users can upload or manage custom payload icons. These icons are used to make the attachment or file appear like a PDF, Word document, ZIP file, or other formats to enhance realism and user deception.

Pagination and Navigation

At the bottom of the table, users can navigate between pages and adjust how many campaigns are displayed per page using the pagination controls. The interface supports bulk management of campaigns if necessary.

PreviousAccessing the EFI Module NextAttack Campaigns Distribution

Last updated 1 month ago