> For the complete documentation index, see [llms.txt](https://kwcsec.gitbook.io/the-red-team-handbook/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://kwcsec.gitbook.io/the-red-team-handbook/techniques/initial-access/staging-stagers.md). # Staging/Stagers Stagers are used to: keep payload smalls, appear non malicious, and avoid detection. This will keep things nice and simple and will reduce the complexity of our payloads. Here are a list of stages, and their purpose: **STAGE 0** * Also known as Droppers and Loaders * Burnable and ready to adapt to new methods * Used for Initial payload delivery * Detecting defenses such as security products and application whitelisting * Used for bypassing such defenses like application whitelisting and amsi * facilitate transfer into the other stages **STAGE 1** * This is used for persistence and such * Used for situational awareness and information gathering * Will be the long term beacon * Will usually have robust communication, and will be very stable **STAGE 2** * This is where the fun starts * Privilege escalation * lateral movement * Network enumeration * AD attacks and credential access **STAGE 3** * The exfiltration phase * Find and extract sensitive data * encrypt traffic, uses traffic tunneling --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://kwcsec.gitbook.io/the-red-team-handbook/techniques/initial-access/staging-stagers.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.