From 2fadd2287cc6b1bd86d04c7eaf70136efce2a4aa Mon Sep 17 00:00:00 2001
From: Atomic Red Team doc generator <opensource@redcanary.com>
Date: Fri, 16 Dec 2022 21:55:22 +0000
Subject: [PATCH] Generated docs from job=generate-docs branch=master [ci skip]

---
 atomics/Indexes/index.yaml     | 8 +++-----
 atomics/T1059.001/T1059.001.md | 1 +
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index b1136a6d..1d281a64 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -46458,13 +46458,11 @@ execution:
         name: powershell
     - name: Abuse Nslookup with DNS Records
       auto_generated_guid: 999bff6d-dc15-44c9-9f5c-e1051bfc86e1
-      description: 'Red teamer''s avoid IEX and Invoke-WebRequest in your PowerShell
-        commands. Instead, host a text record with a payload to compromise hosts.
-
-        '
+      description: |
+        Red teamer's avoid IEX and Invoke-WebRequest in your PowerShell commands. Instead, host a text record with a payload to compromise hosts.
+        [reference](https://twitter.com/jstrosch/status/1237382986557001729)
       supported_platforms:
       - windows
-      reference: https://twitter.com/jstrosch/status/1237382986557001729
       executor:
         command: |
           # creating a custom nslookup function that will indeed call nslookup but forces the result to be "whoami"
diff --git a/atomics/T1059.001/T1059.001.md b/atomics/T1059.001/T1059.001.md
index e3bb4baa..5a8e543a 100644
--- a/atomics/T1059.001/T1059.001.md
+++ b/atomics/T1059.001/T1059.001.md
@@ -881,6 +881,7 @@ Invoke-AllChecks
 
 ## Atomic Test #22 - Abuse Nslookup with DNS Records
 Red teamer's avoid IEX and Invoke-WebRequest in your PowerShell commands. Instead, host a text record with a payload to compromise hosts.
+[reference](https://twitter.com/jstrosch/status/1237382986557001729)
 
 **Supported Platforms:** Windows