HTML Application Attack
If you come across a bot that will click any links in emails, this is the easiest and simplest attack to attempt.
Attacks-->Packages-->HTML Application
in prompt for method select powershell & select a listener
Generate the file and save to Attacking Machine (i just save as update.hta)
Now host the file on the cobalt web server
Click the link icon on the toolbar (Host a File)
Select the created update.hta
change the local uri to update.hta
copy the created link to paste into an email to the target
Profit!!!
References