T1105 Ingress Tool Transfer Mappings

Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1105 Ingress Tool Transfer
CA-7 Continuous Monitoring Protects T1105 Ingress Tool Transfer
CM-2 Baseline Configuration Protects T1105 Ingress Tool Transfer
CM-6 Configuration Settings Protects T1105 Ingress Tool Transfer
CM-7 Least Functionality Protects T1105 Ingress Tool Transfer
SC-7 Boundary Protection Protects T1105 Ingress Tool Transfer
SI-3 Malicious Code Protection Protects T1105 Ingress Tool Transfer
SI-4 System Monitoring Protects T1105 Ingress Tool Transfer