From 55c553ddd3eb3bd660a5d2d2be3f7a5a8845199b Mon Sep 17 00:00:00 2001
From: Atomic Red Team doc generator <opensource@redcanary.com>
Date: Mon, 6 Oct 2025 15:40:17 +0000
Subject: [PATCH] Generated docs from job=generate-docs branch=master [ci skip]

---
 atomics/Indexes/index.yaml       | 3 +--
 atomics/Indexes/macos-index.yaml | 3 +--
 atomics/T1553.001/T1553.001.md   | 4 ++--
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 3692e672..aa41f5d5 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -6569,10 +6569,9 @@ defense-evasion:
           type: path
           default: myapp.app
       executor:
-        command: 'sudo xattr -d com.apple.quarantine #{app_path}
+        command: 'xattr -d com.apple.quarantine #{app_path}
 
           '
-        elevation_required: true
         name: sh
   T1553.002:
     technique:
diff --git a/atomics/Indexes/macos-index.yaml b/atomics/Indexes/macos-index.yaml
index 970b5d33..ea209ba6 100644
--- a/atomics/Indexes/macos-index.yaml
+++ b/atomics/Indexes/macos-index.yaml
@@ -3500,10 +3500,9 @@ defense-evasion:
           type: path
           default: myapp.app
       executor:
-        command: 'sudo xattr -d com.apple.quarantine #{app_path}
+        command: 'xattr -d com.apple.quarantine #{app_path}
 
           '
-        elevation_required: true
         name: sh
   T1553.002:
     technique:
diff --git a/atomics/T1553.001/T1553.001.md b/atomics/T1553.001/T1553.001.md
index b0444423..1cc4f037 100644
--- a/atomics/T1553.001/T1553.001.md
+++ b/atomics/T1553.001/T1553.001.md
@@ -45,11 +45,11 @@ Gatekeeper Bypass via command line
 | app_path | Path to app to be used | path | myapp.app|
 
 
-#### Attack Commands: Run with `sh`!  Elevation Required (e.g. root or admin) 
+#### Attack Commands: Run with `sh`! 
 
 
 ```sh
-sudo xattr -d com.apple.quarantine #{app_path}
+xattr -d com.apple.quarantine #{app_path}
 ```