diff --git a/atomics/T1089/T1089.md b/atomics/T1089/T1089.md
index 3a204074..58e645b2 100644
--- a/atomics/T1089/T1089.md
+++ b/atomics/T1089/T1089.md
@@ -22,6 +22,8 @@
 - [Atomic Test #9 - Disable Windows IIS HTTP Logging](#atomic-test-9---disable-windows-iis-http-logging)
+- [Atomic Test #10 - Uninstall Sysmon](#atomic-test-10---uninstall-sysmon)
+
@@ -174,3 +176,16 @@ This action requires HTTP logging configurations in IIS to be unlocked.
 C:\Windows\System32\inetsrv\appcmd.exe set config "#{website_name}" /section:httplogging /dontLog:true
 ```
+
+
+## Atomic Test #10 - Uninstall Sysmon
+Uninstall Sysinternals Sysmon for Defense Evasion
+
+**Supported Platforms:** Windows
+
+
+#### Run it with `command_prompt`!
+```
+sysmon -u
+```
+
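Review bot: The new test page states no prerequisites for `sysmon -u`: it only succeeds from an elevated prompt and only when `sysmon.exe` is on PATH or in the working directory, and the one-line description says neither. It also does not tell the operator that the test is destructive — the Sysmon service and driver are removed and there is no cleanup step, so host telemetry stays off until Sysmon is reinstalled with the site's configuration. I would expand the description to: run as Administrator with `sysmon.exe` available; this removes the Sysmon service and driver, and after the test Sysmon must be reinstalled (`sysmon -accepteula -i <config.xml>`) with the original configuration. If the host was deployed with the 64-bit build (service name `Sysmon64`), confirm which binary the uninstall should be issued through and say so in the text.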
diff --git a/atomics/index.md b/atomics/index.md
index 0f961080..2f9e800d 100644
--- a/atomics/index.md
+++ b/atomics/index.md
@@ -191,6 +191,7 @@
 - Atomic Test #7: Disable OpenDNS Umbrella [macos]
 - Atomic Test #8: Unload Sysmon Filter Driver [windows]
 - Atomic Test #9: Disable Windows IIS HTTP Logging [windows]
+ - Atomic Test #10: Uninstall Sysmon [windows]
 - T1480 Execution Guardrails [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1211 Exploitation for Defense Evasion [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1181 Extra Window Memory Injection [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 24ee6d7b..5b75afbb 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -5642,6 +5642,17 @@ defense-evasion:
 command: 'C:\Windows\System32\inetsrv\appcmd.exe set config "#{website_name}" /section:httplogging /dontLog:true
+'
+ - name: Uninstall Sysmon
+ description: 'Uninstall Sysinternals Sysmon for Defense Evasion
+
+'
+ supported_platforms:
+ - windows
+ executor:
+ name: command_prompt
+ command: 'sysmon -u
+ '
 T1107:
 technique:
diff --git a/atomics/windows-index.md b/atomics/windows-index.md
index 0c8c9d76..ecb3aadb 100644
--- a/atomics/windows-index.md
+++ b/atomics/windows-index.md
@@ -34,6 +34,7 @@
 - [T1089 Disabling Security Tools](./T1089/T1089.md)
 - Atomic Test #8: Unload Sysmon Filter Driver [windows]
 - Atomic Test #9: Disable Windows IIS HTTP Logging [windows]
+ - Atomic Test #10: Uninstall Sysmon [windows]
 - T1480 Execution Guardrails [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1211 Exploitation for Defense Evasion [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1181 Extra Window Memory Injection [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
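Review bot: The new `Uninstall Sysmon` entry in index.yaml declares an executor with neither `elevation_required: true` nor a `cleanup_command`, so an automated runner will issue `sysmon -u` unprivileged (where it fails) and, where it succeeds, leave the host with no Sysmon telemetry and no path back; add `elevation_required: true` and either a `cleanup_command` that reinstalls from a known config or an explicit note that reinstallation is manual. The only source file in this diff for the test is the generated index and the .md pages — `atomics/T1089/T1089.yaml`, which by this repository's layout appears to be what those are built from, is absent, so a regeneration would drop the test; the definition should land there first. Sysmon's uninstall also accepts `-u force` to remove the service even when the driver cannot be stopped; if that variant is what a real adversary would reach for, it is worth mentioning in the description so detections are built against both forms.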