Added procedural variation to include PowerShell execution and WMIC (#1801)

* Added procedural variation to include PowerShell execution and WMIC

* Removed empty GUID lines

* Changed wmic to only command_prompt instead of powershell and command_prompt

Co-authored-by: Tim Schulz <tim@scythe.io>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>

atomics/T1057/T1057.yaml

@@ -34,4 +34,36 @@ atomic_tests:
     command: |
       tasklist
     name: command_prompt
+- name: Process Discovery - Get-Process
+  description: |
+    Utilize Get-Process PowerShell cmdlet to identify processes.
 
+    Upon successful execution, powershell.exe will execute Get-Process to list processes. Output will be via stdout. 
+  supported_platforms:
+  - windows
+  executor:
+    command: |
+      Get-Process
+    name: powershell
+- name: Process Discovery - get-wmiObject
+  description: |
+    Utilize get-wmiObject PowerShell cmdlet to identify processes.
+
+    Upon successful execution, powershell.exe will execute get-wmiObject to list processes. Output will be via stdout. 
+  supported_platforms:
+  - windows
+  executor:
+    command: |
+      get-wmiObject -class Win32_Process
+    name: powershell
+- name: Process Discovery - wmic process
+  description: |
+    Utilize windows management instrumentation to identify processes.
+
+    Upon successful execution, WMIC will execute process to list processes. Output will be via stdout. 
+  supported_platforms:
+  - windows
+  executor:
+    command: |
+      wmic process get /format:list
+    name: command_prompt