diff --git a/atomics/T1214/T1214.md b/atomics/T1214/T1214.md
index 8ecc0b91..63acf2d9 100644
--- a/atomics/T1214/T1214.md
+++ b/atomics/T1214/T1214.md
@@ -10,8 +10,10 @@ Example commands to find Registry keys related to password information: (Citatio
 ## Atomic Tests
 - [Atomic Test #1 - Enumeration for Credentials in Registry](#atomic-test-1---enumeration-for-credentials-in-registry)
+ - [Atomic Test #2 - Enumeration for PuTTY Credentials in Registry](#atomic-test-2---enumeration-for-putty-credentials-in-registry)
+
## Atomic Test #1 - Enumeration for Credentials in Registry
@@ -30,10 +32,13 @@ reg query HKCU /f password /t REG_SZ /s
+
+
+

## Atomic Test #2 - Enumeration for PuTTY Credentials in Registry
-Queries to enumerate for PuTTY credentials in the Registry. (Citation: TrendMicro Trickbot Analysis)
+Queries to enumerate for PuTTY credentials in the Registry.
 **Supported Platforms:** Windows
@@ -48,4 +53,5 @@ reg query HKCU\Software\SimonTatham\PuTTY\Sessions /t REG_SZ /s
+
diff --git a/atomics/index.md b/atomics/index.md
index 30917c2b..dfbe42c6 100644
--- a/atomics/index.md
+++ b/atomics/index.md
@@ -673,6 +673,7 @@
 - Atomic Test #4: Access unattend.xml [windows]
 - [T1214 Credentials in Registry](./T1214/T1214.md)
 - Atomic Test #1: Enumeration for Credentials in Registry [windows]
+ - Atomic Test #2: Enumeration for PuTTY Credentials in Registry [windows]
 - T1212 Exploitation for Credential Access [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1187 Forced Authentication [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - [T1179 Hooking](./T1179/T1179.md)
diff --git a/atomics/index.yaml b/atomics/index.yaml
index ecca15ad..50d37bab 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -19997,6 +19997,18 @@ credential-access:
 command: |
 reg query HKLM /f password /t REG_SZ /s
 reg query HKCU /f password /t REG_SZ /s
+ - name: Enumeration for PuTTY Credentials in Registry
+ description: 'Queries to enumerate for PuTTY credentials in the Registry.
+
+'
+ supported_platforms:
+ - windows
+ executor:
+ name: command_prompt
+ elevation_required: false
+ command: 'reg query HKCU\Software\SimonTatham\PuTTY\Sessions /t REG_SZ /s
+
+'
 T1179:
 technique:
 x_mitre_data_sources:
diff --git a/atomics/windows-index.md b/atomics/windows-index.md
index d048ea07..217b401e 100644
--- a/atomics/windows-index.md
+++ b/atomics/windows-index.md
@@ -485,6 +485,7 @@
 - Atomic Test #4: Access unattend.xml [windows]
 - [T1214 Credentials in Registry](./T1214/T1214.md)
 - Atomic Test #1: Enumeration for Credentials in Registry [windows]
+ - Atomic Test #2: Enumeration for PuTTY Credentials in Registry [windows]
 - T1212 Exploitation for Credential Access [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - T1187 Forced Authentication [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
 - [T1179 Hooking](./T1179/T1179.md)