From 0b3543c2c1db6629bd176dfab32e1f5435e3ebe7 Mon Sep 17 00:00:00 2001 From: CircleCI Atomic Red Team doc generator Date: Thu, 23 Aug 2018 00:37:54 +0000 Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs branch=master --- atomics/T1069/T1069.md | 37 +++++++++++++++++++++++++++++++++++++ atomics/index.md | 2 ++ atomics/windows-index.md | 2 ++ 3 files changed, 41 insertions(+) diff --git a/atomics/T1069/T1069.md b/atomics/T1069/T1069.md index 158be098..77f6d1c2 100644 --- a/atomics/T1069/T1069.md +++ b/atomics/T1069/T1069.md @@ -28,6 +28,10 @@ Permissions Required: User - [Atomic Test #1 - Permission Groups Discovery](#atomic-test-1---permission-groups-discovery) +- [Atomic Test #2 - Permission Groups Discovery Windows](#atomic-test-2---permission-groups-discovery-windows) + +- [Atomic Test #3 - Permission Groups Discovery PowerShell](#atomic-test-3---permission-groups-discovery-powershell) +
@@ -44,3 +48,36 @@ dscl . -list /Groups groups ```
+
+ +## Atomic Test #2 - Permission Groups Discovery Windows +Permission Groups Discovery for Windows + +**Supported Platforms:** Windows + + +#### Run it with `command_prompt`! +``` +net localgroup +net group /domain +``` +
+
+ +## Atomic Test #3 - Permission Groups Discovery PowerShell +Permission Groups Discovery utilizing PowerShell + +**Supported Platforms:** Windows + + +#### Inputs +| Name | Description | Type | Default Value | +|------|-------------|------|---------------| +| user | User to identify what groups a user is a member of | string | administrator| + +#### Run it with `powershell`! +``` +get-localgroup +get-ADPrinicipalGroupMembership #{user} | select name +``` +
diff --git a/atomics/index.md b/atomics/index.md index 36aa1fe5..500be340 100644 --- a/atomics/index.md +++ b/atomics/index.md @@ -349,6 +349,8 @@ - T1120 Peripheral Device Discovery [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - [T1069 Permission Groups Discovery](./T1069/T1069.md) - Atomic Test #1: Permission Groups Discovery [macos, linux] + - Atomic Test #2: Permission Groups Discovery Windows [windows] + - Atomic Test #3: Permission Groups Discovery PowerShell [windows] - [T1057 Process Discovery](./T1057/T1057.md) - Atomic Test #1: Process Discovery - ps [macos, centos, ubuntu, linux] - [T1012 Query Registry](./T1012/T1012.md) diff --git a/atomics/windows-index.md b/atomics/windows-index.md index 1fc460a7..eef73ab5 100644 --- a/atomics/windows-index.md +++ b/atomics/windows-index.md @@ -231,6 +231,8 @@ - [T1201 Password Policy Discovery](./T1201/T1201.md) - T1120 Peripheral Device Discovery [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - [T1069 Permission Groups Discovery](./T1069/T1069.md) + - Atomic Test #2: Permission Groups Discovery Windows [windows] + - Atomic Test #3: Permission Groups Discovery PowerShell [windows] - [T1057 Process Discovery](./T1057/T1057.md) - [T1012 Query Registry](./T1012/T1012.md) - Atomic Test #1: Query Registry [windows]
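Review bot: In the Atomic Test #3 block of atomics/T1069/T1069.md, the cmdlet name is misspelled as `get-ADPrinicipalGroupMembership` ("Prinicipal"). The ActiveDirectory module cmdlet is `Get-ADPrincipalGroupMembership`, so as written the second command fails as an unrecognized command and the test only exercises `get-localgroup`. Because this file is generated (per the commit subject), correct the spelling in the atomic definition the docs are built from and regenerate, rather than editing the markdown. The same hunk also states no prerequisites: the corrected cmdlet needs the ActiveDirectory PowerShell module and a domain-joined host, as does `net group /domain` in Atomic Test #2. On a standalone workstation those lines return an error instead of the group enumeration that detections are meant to be validated against, so a short prerequisite note under each test would help.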