Generate docs from job=validate_atomics_generate_docs branch=master

atomics/T1016/T1016.md

@@ -12,6 +12,8 @@ Adversaries may use the information from [System Network Configuration Discovery
 
 - [Atomic Test #3 - System Network Configuration Discovery](#atomic-test-3---system-network-configuration-discovery)
 
+- [Atomic Test #4 - System Network Configuration Discovery (Trickbot Style)](#atomic-test-4---system-network-configuration-discovery-trickbot-style)
+
 
 <br/>
 
@@ -66,4 +68,23 @@ ifconfig
 
 
 
+<br/>
+<br/>
+
+## Atomic Test #4 - System Network Configuration Discovery (Trickbot Style)
+Identify network configuration information as seen by Trickbot and described here https://www.sneakymonkey.net/2019/10/29/trickbot-analysis-part-ii/
+
+**Supported Platforms:** Windows
+
+
+#### Run it with `command_prompt`! 
+```
+ipconfig /all
+net config workstation
+net view /all /domain
+nltest /domain_trusts
+```
+
+
+
 <br/>

atomics/index.md

@@ -614,6 +614,7 @@
   - Atomic Test #1: System Network Configuration Discovery [windows]
   - Atomic Test #2: List Windows Firewall Rules [windows]
   - Atomic Test #3: System Network Configuration Discovery [macos, linux]
+  - Atomic Test #4: System Network Configuration Discovery (Trickbot Style) [windows]
 - [T1049 System Network Connections Discovery](./T1049/T1049.md)
   - Atomic Test #1: System Network Connections Discovery [windows]
   - Atomic Test #2: System Network Connections Discovery with PowerShell [windows]

atomics/index.yaml

@@ -17560,6 +17560,21 @@ discovery:
           arp -a
           netstat -ant | awk '{print $NF}' | grep -v '[a-z]' | sort | uniq -c
           ifconfig
+    - name: System Network Configuration Discovery (Trickbot Style)
+      description: 'Identify network configuration information as seen by Trickbot
+        and described here https://www.sneakymonkey.net/2019/10/29/trickbot-analysis-part-ii/
+
+'
+      supported_platforms:
+      - windows
+      executor:
+        name: command_prompt
+        elevation_required: false
+        command: |-
+          ipconfig /all
+          net config workstation
+          net view /all /domain
+          nltest /domain_trusts
   T1049:
     technique:
       x_mitre_permissions_required:

atomics/windows-index.md

@@ -433,6 +433,7 @@
 - [T1016 System Network Configuration Discovery](./T1016/T1016.md)
   - Atomic Test #1: System Network Configuration Discovery [windows]
   - Atomic Test #2: List Windows Firewall Rules [windows]
+  - Atomic Test #4: System Network Configuration Discovery (Trickbot Style) [windows]
 - [T1049 System Network Connections Discovery](./T1049/T1049.md)
   - Atomic Test #1: System Network Connections Discovery [windows]
   - Atomic Test #2: System Network Connections Discovery with PowerShell [windows]