What is it?

External types are payload types where the creation of the agent is handled by an external process. Because of this, the creation and loading of modules cannot be applied to an external payload type. Everything else works just fine though.

How do you know?

To see if a payload type is external or not, go to "Manage Operations" -> "Payload Management" from the top navigation bar. From there, you will see a blue light on payload types that are externally managed:

Informational Components

Despite the agent being created externally, there's still a lot that can be tracked within Apfell. Commands must still be registered (even though no code is given) and the payload type must be registered with the corresponding C2 profiles it can communicate over.

Command Transforms

For external payload types, they can still execute command transforms. This is because there's a special, super generic, external docker container running behind the scenes where these command transforms take place. This allows external payload types to still do basic text manipulation and some feature hooking within Apfell without needing a special container.