From 3f7f18183e37a277e285a0659edb3259ed7b42fc Mon Sep 17 00:00:00 2001
From: BF <23193931+W00glin@users.noreply.github.com>
Date: Mon, 12 Feb 2024 13:22:20 -0500
Subject: [PATCH] Update T1613.md

---
 atomics/T1613/T1613.md | 71 +++++++++++++++++++++++++++++++++++-------
 1 file changed, 60 insertions(+), 11 deletions(-)

diff --git a/atomics/T1613/T1613.md b/atomics/T1613/T1613.md
index d8428ef9..7b516740 100644
--- a/atomics/T1613/T1613.md
+++ b/atomics/T1613/T1613.md
@@ -6,21 +6,15 @@ These resources can be viewed within web applications such as the Kubernetes das
 
 ## Atomic Tests
 
-- [Atomic Test #1 - Container and ResourceDiscovery](#atomic-test-1---container-and-resourcediscovery)
-
+- [Atomic Test #1 - Docker Container and ResourceDiscovery](#atomic-test-1---container-and-resourcediscovery)
+- [Atomic Test #2 - Podman Container and ResourceDiscovery](#atomic-test-2---podman-container-and-resourcediscovery)
 
 <br/>
 
-## Atomic Test #1 - Container and ResourceDiscovery
-Adversaries may attempt to discover containers and other resources that are available within a containers environment.
-
-**Supported Platforms:** Containers
-
-
-**auto_generated_guid:** 8a895923-f99f-4668-acf2-6cc59a44f05e
-
-
+## Atomic Test #1 - Docker Container and ResourceDiscovery
+Adversaries may attempt to discover Docker containers and other resources that are available within a containers environment.
 
+**Supported Platforms:** Docker, Containers
 
 
 
@@ -64,6 +58,61 @@ sudo systemctl start docker
 ```
 
 
+## Atomic Test #2 - Podman Container and ResourceDiscovery
+Adversaries may attempt to discover Podman containers and other resources that are available within a containers environment.
+
+**Supported Platforms:** Podman, Containers
+
+
+#### Attack Commands: Run with `sh`! 
+
+
+```sh
+podman build -t t1613 $PathtoAtomicsFolder/T1613/src/
+podman run --name t1613_container -d -t t1613
+podman ps
+podman stats --no-stream
+podman inspect $(podman ps -l -q --filter ancestor=t1613)
+```
+
+#### Cleanup Commands:
+```sh
+podman stop t1613_container
+podman rmi -f t1613_container
+```
+
+
+
+#### Dependencies:  Run with `sh`!
+##### Description: Verify podman is installed.
+##### Check Prereq Commands:
+```sh
+which podman
+```
+##### Get Prereq Commands:
+```sh
+if [ "" == "`which podman`" ]; then
+    echo "Podman Not Found"
+    if [ -n "`which apt-get`" ]; then
+        sudo apt-get -y install podman
+    elif [ -n "`which yum`" ]; then
+        sudo yum -y install podman
+    fi
+else
+    echo "Podman installed"
+fi
+
+```
+##### Description: Verify docker service is running.
+##### Check Prereq Commands:
+```sh
+sudo systemctl status podman  --no-pager
+```
+##### Get Prereq Commands:
+```sh
+sudo systemctl start podman
+```
+
 
 
 <br/>