Build a custom Package
This guide walks you through building a custom Package in the Targeting configuration.
For background on what Packages are and how they fit into Targeting, see Targeting.
Open the Packages tab
From the Targeting application, select the Configuration tab in the top navigation, then click Packages.
Create a new blank Package
Click the + New dropdown on the left side of the screen. You have two options:
- New blank package: Start from scratch with no pre-configured triggers or settings
- Clone an existing package: Copy an existing Package as a starting point and edit from there
For this guide, select New blank package. Method creates the Package and adds it to your list.
Open the edit form
With the new Package selected, click the Edit button in the top-right corner. This opens the full Package configuration form.
Configure the Package
Name and description
Give the Package a clear name and an optional description that explains what it targets and why.
For this example:
- Name:
Cloud Bucket Targeting Package - Description:
Targets vulnerabilities in cloud buckets.
Triggers
Triggers are the asset filters that decide which assets this Package enrolls as Targets. Use the Select dropdown to add one or more Triggers.
For this cloud bucket Package, select:
- Cloud Bucket: cloud storage buckets discovered in the Environment
- Exposed Database: databases with externally accessible interfaces
- Known Software Application: assets running software versions with known vulnerabilities
- Cloud Bucket with Open Access: cloud buckets with publicly accessible permissions
Environments
Set which Environments this Package runs against. Leave it set to Every environment to apply the Package wherever its Triggers match, including Environments added later.
Rules of Engagement
Rules of Engagement control how far automation proceeds before requiring your approval. The options are:
- Full auto: No gates. Agents run through validation, pentest, and exploitation without stopping.
- Stop after Validation: Auto-validate, then wait for your approval before running the pentest or exploit Agent.
- Stop after Pentest: Auto-validate and auto-pentest, then wait for your approval before exploitation.
- Manual only: Every transition requires explicit approval, starting with validation.
For this Package, select Stop after Validation. Agents will validate findings automatically before any pentest or exploit activity runs, and pause for your approval at that point.
Agents
Select which Agents run against assets this Package enrolls as Targets. The Package has three Agent slots: Validation Agent, Pentest Agent, and Exploit Agent. Each slot corresponds to a stage in the Targeting funnel and only runs if your Rules of Engagement allow it to proceed.
Method surfaces pre-built Agents that are compatible with the Package’s Triggers. Search for an Agent or browse the suggestions. For this Package, select Challenger Object Cloud Bucket Validation as the Validation Agent. It is the closest match to the cloud bucket trigger set configured above.
If no existing Agent fits your needs, you can build one. See Create an Agent for a full walkthrough.
Save the Package
Click Save in the top-right corner. Method saves the Package and makes it available for selection when you set up a Campaign.
To deploy it, start a new Campaign and select this Package in the Targeting step. See Start a new Campaign for a walkthrough.