T1015, set default input args to be a list of executables (#829)

* move emond test into correct T#

* only show cleanup with inputs if there are inputs

* set default to complete list

Co-authored-by: Tony M Lambert <ForensicITGuy@users.noreply.github.com>
Co-authored-by: Michael Haag <mike@redcanary.com>

atomics/T1015/T1015.yaml

@@ -5,17 +5,18 @@ display_name: Accessibility Features
 atomic_tests:
 - name: Attaches Command Prompt as a Debugger to a List of Target Processes
   description: |
-    This allows adversaries to execute the attached process
-    Attaches cmd.exe to osk.exe by default. Other useful values to include in parent_list include: 'sethc.exe, utilman.exe, magnify.exe, narrator.exe, DisplaySwitch.exe, atbroker.exe'.
+    Attaches cmd.exe to a list of processes. Configure your own Input arguments to a different executable or list of executables.
   supported_platforms:
     - windows
   input_arguments:
     parent_list:
-      description: Comma separated list of system binaries to which you want to attach each #{attached_process}. Default: "osk.exe"
+      description: |
+        Comma separated list of system binaries to which you want to attach each #{attached_process}. Default: "osk.exe"
       type: String
-      default: osk.exe
+      default: osk.exe, sethc.exe, utilman.exe, magnify.exe, narrator.exe, DisplaySwitch.exe, atbroker.exe
     attached_process:
-      description: "Full path to process to attach to target in #{parent_list}. Default: cmd.exe"
+      description: |
+        Full path to process to attach to target in #{parent_list}. Default: cmd.exe
       type: Path
       default: C:\windows\system32\cmd.exe