T1570 Lateral Tool Transfer Mappings

Adversaries may transfer tools or other files between systems in a compromised environment. Files may be copied from one system to another to stage adversary tools or other files over the course of an operation. Adversaries may copy files laterally between internal victim systems to support lateral movement using inherent file sharing protocols such as file sharing over SMB to connected network shares or with authenticated connections with SMB/Windows Admin Shares or Remote Desktop Protocol. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.



Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
virtual_private_cloud Virtual Private Cloud technique_scores T1570 Lateral Tool Transfer