# Initial Access - [Webshells](https://red.0xbad53c.com/red-team-operations/initial-access/webshells.md): This category talks about webshells. Our aim is usually to load a C2 framework from the webshell or execute other code without spawning suspicious subprocesses from the web server process. - [Java (JSP) - Bring Your Own Jar](https://red.0xbad53c.com/red-team-operations/initial-access/webshells/java-jsp-bring-your-own-jar.md): On this page, we will explore how to reflectively load a class from a Java library and call its main method. In red team context, this can be used to stage additional java code without touching disk. - [IIS - SOAP](https://red.0xbad53c.com/red-team-operations/initial-access/webshells/iis-soap.md): This page describes how to run shellcode from a webshell with a .soap extension. Sometimes web applications use upload blacklists and forget about this extension type. - [Macro Attacks](https://red.0xbad53c.com/red-team-operations/initial-access/macro-attacks.md): This category talks about Office macro attacks, which are often used in combination with phishing to establish a foothold on the victim's machine. - [Talking Documents with SpVoice COM](https://red.0xbad53c.com/red-team-operations/initial-access/macro-attacks/talking-documents-with-spvoice-com.md): This page describes how to use the Microsoft Speech API to let your office document talk to the end user. - [Binary File Write via Microsoft Speech API](https://red.0xbad53c.com/red-team-operations/initial-access/macro-attacks/binary-file-write-via-microsoft-speech-api.md): This page describes how to use the Microsoft Speech API to write binary files from office documents. - [Mark-Of-The-Web Bypass with 7-zip](https://red.0xbad53c.com/red-team-operations/initial-access/macro-attacks/mark-of-the-web-bypass-with-7-zip.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://red.0xbad53c.com/red-team-operations/initial-access.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.