Systems and methods for AIDA based exploit selection

US11777986B2 · US · B2

Patent metadata

Publication number: US-11777986-B2
Application number: US-201715829732-A
Country: US
Kind code: B2
Filing date: Dec 1, 2017
Priority date: Dec 1, 2017
Publication date: Oct 3, 2023
Grant date: Oct 3, 2023

Abstract

Official abstract text for this publication.

Systems and methods of embodiments are described of a campaign controller that establishes a model for using a plurality of types of exploits based on at least results of simulated phishing communications using those exploits, and uses the model to communicate a first simulated phishing communication to one or more devices of a user where the type of exploit used for the first simulated phishing communication is selected using the model. The campaign controller applies either artificial intelligence or machine learning to the results of simulated phishing communications to establish the model. The campaign controller selects the exploit by applying either artificial intelligence or machine learning to one or more attributes of the user and/or one or more responses from the user.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for selecting a type of exploit for a simulated phishing communication, the method comprising: training a model by applying machine learning on at least one or more attributes of a plurality of users and one or more responses of a plurality of users from results of simulated phishing communications using a plurality of types of exploits, the model comprising a neural network trained to take as input one or more attributes of a user and one or more responses of the user and provides as output a type of exploit to use for that user responsive to the input; establishing, by a campaign controller, the model for selecting the type of exploit from a plurality of types of exploits to use in a simulated phishing communication to the user; identifying, by the campaign controller, the user for which to communicate the simulated phishing communication and one or more attributes of the user and one or more responses of the user to one or more simulated phishing communications; providing, by the campaign controller, each of the one or more attributes of the user and the one or more responses of the user as input to the model; receiving from the model, by the campaign controller responsive to providing the input, an output identifying a first type of exploit from the plurality of types of exploits to use for the user in the simulated phishing communication; selecting, by the campaign controller, the first type of exploit from the plurality of types of exploits, identified by the campaign controller from output of the model received by the campaign controller from the model; communicating, by the campaign controller, to the one or more devices of the user the simulated phishing communication comprising the first type of exploit selected by the campaign controller from output of the model.

2. The method of claim 1, further comprising receiving, by the campaign controller, a response from the user to the simulated phishing communication.

3. The method of claim 2, further comprising selecting, by the campaign controller based on at least the response, a second type of exploit for a second simulated phishing communication to be communicated to the one or more devices of the user, and communicating to the one or more devices of the user the second simulated phishing communication comprising the second type of exploit.

4. The method of claim 3, further comprising selecting, by the campaign controller, a first template of a plurality of templates for the second simulated phishing communication, the first template comprising the second type of exploit.

5. The method of claim 3, further comprising selecting, by the campaign controller a timing for the second simulated phishing communication.

6. The method of claim 1, further comprising applying, by the campaign controller, one of artificial intelligence or machine learning to the results of simulated phishing communications to establish the model independent of any user establishing the model.

7. The method of claim 1, wherein the model is a persona model trained to represent a certain type of persona or personality.

8. The method of claim 1, wherein (b) further comprises selecting, by the campaign controller, a first template of a plurality of templates for the simulated phishing communication, the first template comprising the first type of exploit.

9. The method of claim 8, further comprising applying, by the campaign controller to select the first template, one of artificial intelligence or machine learning to one or more of the following: one or more attributes of the user and one or more responses from the user.

10. The method of claim 8, wherein the first template comprises a sequence of a plurality of simulated phishing communications, each of the plurality of simulated phishing communications comprising a different type of exploit of the plurality of types of exploits and a simulated phishing communication of the plurality of simulated phishing communications comprising the first type of exploit.

11. The method of claim 8, wherein the first template comprises a sequence of a plurality of simulated phishing communications, each of the plurality of simulated phishing communications comprising a different timing between simulated phishing communications.

12. The method of claim 1, wherein the plurality of types of exploit comprise one of a macro, an executable, a document with the executable or a link.

13. The method of claim 1, further comprising selecting, by the campaign controller using the model, a second type of exploit of the plurality of types of exploits for a second simulated phishing communication to be communicated to one or more devices of a second user.

14. The method of claim 13, further comprising communicating, by the campaign controller, to the one or more devices of the second user the second simulated phishing communication comprising the second type of exploit.

15. The method of claim 14, further comprising determining, by the campaign controller, a third type of exploit to communicate via a third simulated phishing communication to the second user responsive to a response from the second user to the second simulated phishing communication.

16. A system for selecting a type of exploit for a simulated phishing communication, the system comprising: a model, stored in memory, and trained by applying machine learning to one or more attributes of a plurality of users and one or more responses of a plurality of users from results of simulated phishing communications using a plurality of types of exploits, wherein the model comprises a neural network trained to take as input at least one or more attributes of a user and one or more responses of the user and provides as output a type of exploit to use for that user responsive to the input; a campaign controller executable on a processor, coupled to the memory and configured to: identify a user for which to communicate the simulated phishing communication and one or more attributes of the user and one or more responses of the user to one or more simulated phishing communications; provide each of the one or more attributes of the user and the one or more responses of the user as input to the model; receive from the model, responsive to the input, an output identifying a first type of exploit from the plurality of types of exploits to use for the user in the simulated phishing communication; select a first type of exploit from the plurality of types of exploits, identified by the campaign controller from output received by the campaign controller from the model; and communicate to the one or more devices of the user the simulated phishing communication comprising the first type of exploit.

17. The system of claim 16, wherein the campaign controller is further configured to receive a response from the user to the simulated phishing communication.

18. The system of claim 17, wherein the campaign controller is further configured to select, based on at least the response, a second type of exploit for a second simulated phishing communication to be communicated to the one or more devices of the user, and communicate to the one or more devices of the user the second simulated phishing communication comprising the second type of exploit.

19. The system of claim 18, wherein the campaign controller is further configured to select a first template of a plurality of templates for the second simulated phishing communication, the first template comprising the second type of exploit.

Classifications

  • Supervised learning · CPC title

  • Feedforward networks · CPC title

  • service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title

  • Recurrent networks, e.g. Hopfield networks · CPC title

  • Learning methods · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11777986B2 cover?
Systems and methods of embodiments are described of a campaign controller that establishes a model for using a plurality of types of exploits based on at least results of simulated phishing communications using those exploits, and uses the model to communicate a first simulated phishing communication to one or more devices of a user where the type of exploit used for the first simulated phishin…
Who is the assignee on this patent?
Knowbe4 Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1483. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 3, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).