T1105 Ingress Tool Transfer Mappings

Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1105 Ingress Tool Transfer
CA-7 Continuous Monitoring Protects T1105 Ingress Tool Transfer
CM-2 Baseline Configuration Protects T1105 Ingress Tool Transfer
CM-6 Configuration Settings Protects T1105 Ingress Tool Transfer
CM-7 Least Functionality Protects T1105 Ingress Tool Transfer
SC-7 Boundary Protection Protects T1105 Ingress Tool Transfer
SI-3 Malicious Code Protection Protects T1105 Ingress Tool Transfer
SI-4 System Monitoring Protects T1105 Ingress Tool Transfer
alerts_for_windows_machines Alerts for Windows Machines technique_scores T1105 Ingress Tool Transfer
azure_defender_for_storage Azure Defender for Storage technique_scores T1105 Ingress Tool Transfer
azure_defender_for_storage Azure Defender for Storage technique_scores T1105 Ingress Tool Transfer
azure_sentinel Azure Sentinel technique_scores T1105 Ingress Tool Transfer
azure_defender_for_app_service Azure Defender for App Service technique_scores T1105 Ingress Tool Transfer
microsoft_antimalware_for_azure Microsoft Antimalware for Azure technique_scores T1105 Ingress Tool Transfer
microsoft_antimalware_for_azure Microsoft Antimalware for Azure technique_scores T1105 Ingress Tool Transfer