diff --git a/atomics/T1018/T1018.md b/atomics/T1018/T1018.md
index 76959b7a..3485c181 100644
--- a/atomics/T1018/T1018.md
+++ b/atomics/T1018/T1018.md
@@ -18,14 +18,16 @@ Utilities such as "ping" and others can be used to gather information about remo
 - [Atomic Test #1 - Remote System Discovery - net](#atomic-test-1---remote-system-discovery---net)
-- [Atomic Test #2 - Remote System Discover - ping sweep](#atomic-test-2---remote-system-discover---ping-sweep)
+- [Atomic Test #2 - Remote System Discovery - ping sweep](#atomic-test-2---remote-system-discovery---ping-sweep)
-- [Atomic Test #3 - Remote System Discover - arp](#atomic-test-3---remote-system-discover---arp)
+- [Atomic Test #3 - Remote System Discovery - arp](#atomic-test-3---remote-system-discovery---arp)
 - [Atomic Test #4 - Remote System Discovery - arp nix](#atomic-test-4---remote-system-discovery---arp-nix)
 - [Atomic Test #5 - Remote System Discovery - sweep](#atomic-test-5---remote-system-discovery---sweep)
+- [Atomic Test #6 - Remote System Discovery - nslookup](#atomic-test-6---remote-system-discovery---nslookup)
+
@@ -46,7 +48,7 @@ net view

-## Atomic Test #2 - Remote System Discover - ping sweep
+## Atomic Test #2 - Remote System Discovery - ping sweep
 Identify remote systems via ping sweep
 **Supported Platforms:** Windows
@@ -62,7 +64,7 @@ for /l %i in (1,1,254) do ping -n 1 -w 100 192.168.1.%i

-## Atomic Test #3 - Remote System Discover - arp
+## Atomic Test #3 - Remote System Discovery - arp
 Identify remote systems via arp
 **Supported Platforms:** Windows
@@ -107,4 +109,25 @@ for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip -o; [ $? -eq 0 ] && echo "192
+
+
+
+## Atomic Test #6 - Remote System Discovery - nslookup
+Powershell script that runs nslookup on cmd.exe against the local /24 network of the first network adaptor listed in ipconfig
+
+**Supported Platforms:** Windows
+
+
+#### Run it with `powershell`! Elevation Required (e.g. root or admin)
+```
+$localip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1]
+$pieces = $localip.split(".")
+$firstOctet = $pieces[0]
+$secondOctet = $pieces[1]
+$thirdOctet = $pieces[2]
+foreach ($ip in 1..255 | % { "$firstOctet.$secondOctet.$thirdOctet.$_" } ) {cmd.exe /c nslookup $ip}
+```
+
+
+
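Review bot: The new nslookup loop iterates `1..255`, which includes the .255 host (the directed-broadcast address of a /24) and is inconsistent with tests #2 and #5 in this same file, which both stop at 254 (`for /l %i in (1,1,254)` and `seq 1 254`); change it to `foreach ($ip in 1..254 | % { "$firstOctet.$secondOctet.$thirdOctet.$_" } ) {cmd.exe /c nslookup $ip}`, and apply the same edit to the identical command in the index.yaml hunk `@@ -14067,6 +14067,23 @@`. `elevation_required: true` (rendered here as "Elevation Required") looks unjustified, since neither ipconfig nor nslookup needs administrator rights, so runners that honour the flag will demand an elevated shell for a command that does not need one; set it to false unless there is a reason not visible here. The prefix derivation is brittle and undocumented: `(ipconfig | findstr [0-9].\.)[0]` takes the first output line containing a digit-any-dot pattern, which on hosts where a tunnel or virtual adapter is listed first may not be the interface the author intends, and the /24 assumption is hard-coded, so the description should state it, e.g. "assumes the first IPv4 address ipconfig prints is on a /24; expect 254 cmd.exe -> nslookup child processes and a burst of PTR queries with no timeout", which is what detection engineers replaying the test need to know. T1018.md and index.yaml are presumably generated from the per-technique YAML in this repo (atomics/T1018/T1018.yaml), and that source file is not in the diff as shown here; if it was not updated, the next regeneration will drop this test and undo the Discover/Discovery renames.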
diff --git a/atomics/index.md b/atomics/index.md
index 5fcb9042..20bbb19f 100644
--- a/atomics/index.md
+++ b/atomics/index.md
@@ -475,10 +475,11 @@
 - Atomic Test #1: Query Registry [windows]
 - [T1018 Remote System Discovery](./T1018/T1018.md)
 - Atomic Test #1: Remote System Discovery - net [windows]
- - Atomic Test #2: Remote System Discover - ping sweep [windows]
- - Atomic Test #3: Remote System Discover - arp [windows]
+ - Atomic Test #2: Remote System Discovery - ping sweep [windows]
+ - Atomic Test #3: Remote System Discovery - arp [windows]
 - Atomic Test #4: Remote System Discovery - arp nix [linux, macos]
 - Atomic Test #5: Remote System Discovery - sweep [linux, macos]
+ - Atomic Test #6: Remote System Discovery - nslookup [windows]
 - [T1063 Security Software Discovery](./T1063/T1063.md)
 - Atomic Test #1: Security Software Discovery [windows]
 - Atomic Test #2: Security Software Discovery - powershell [windows]
diff --git a/atomics/index.yaml b/atomics/index.yaml
index ff5fe7ae..246d53c7 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -14016,7 +14016,7 @@ discovery:
 command: |
 net view /domain
 net view
- - name: Remote System Discover - ping sweep
+ - name: Remote System Discovery - ping sweep
 description: 'Identify remote systems via ping sweep
 '
@@ -14028,7 +14028,7 @@ discovery:
 command: 'for /l %i in (1,1,254) do ping -n 1 -w 100 192.168.1.%i
 '
- - name: Remote System Discover - arp
+ - name: Remote System Discovery - arp
 description: 'Identify remote systems via arp
 '
@@ -14067,6 +14067,23 @@ discovery:
 0 ] && echo "192.168.1.$ip UP" || : ; done
 '
+ - name: Remote System Discovery - nslookup
+ description: 'Powershell script that runs nslookup on cmd.exe against the local
+ /24 network of the first network adaptor listed in ipconfig
+
+'
+ supported_platforms:
+ - windows
+ executor:
+ name: powershell
+ elevation_required: true
+ command: |
+ $localip = ((ipconfig | findstr [0-9].\.)[0]).Split()[-1]
+ $pieces = $localip.split(".")
+ $firstOctet = $pieces[0]
+ $secondOctet = $pieces[1]
+ $thirdOctet = $pieces[2]
+ foreach ($ip in 1..255 | % { "$firstOctet.$secondOctet.$thirdOctet.$_" } ) {cmd.exe /c nslookup $ip}
 T1063:
 technique:
 external_references:
diff --git a/atomics/windows-index.md b/atomics/windows-index.md
index 9edb0fda..cea20bb2 100644
--- a/atomics/windows-index.md
+++ b/atomics/windows-index.md
@@ -320,8 +320,9 @@
 - Atomic Test #1: Query Registry [windows]
 - [T1018 Remote System Discovery](./T1018/T1018.md)
 - Atomic Test #1: Remote System Discovery - net [windows]
- - Atomic Test #2: Remote System Discover - ping sweep [windows]
- - Atomic Test #3: Remote System Discover - arp [windows]
+ - Atomic Test #2: Remote System Discovery - ping sweep [windows]
+ - Atomic Test #3: Remote System Discovery - arp [windows]
+ - Atomic Test #6: Remote System Discovery - nslookup [windows]
 - [T1063 Security Software Discovery](./T1063/T1063.md)
 - Atomic Test #1: Security Software Discovery [windows]
 - Atomic Test #2: Security Software Discovery - powershell [windows]