diff --git a/atomics/T1059.001/T1059.001.yaml b/atomics/T1059.001/T1059.001.yaml
index 1ea1fbf6..9b52b7bc 100644
--- a/atomics/T1059.001/T1059.001.yaml
+++ b/atomics/T1059.001/T1059.001.yaml
@@ -430,9 +430,9 @@ atomic_tests:
   auto_generated_guid: 999bff6d-dc15-44c9-9f5c-e1051bfc86e1
   description: |
     Red teamer's avoid IEX and Invoke-WebRequest in your PowerShell commands. Instead, host a text record with a payload to compromise hosts.
+    [reference](https://twitter.com/jstrosch/status/1237382986557001729)
   supported_platforms:
   - windows
-  reference : https://twitter.com/jstrosch/status/1237382986557001729
   executor:
     command: |
       # creating a custom nslookup function that will indeed call nslookup but forces the result to be "whoami"