From df6ed4a300a16352bdfaf85b445e560a76d60e05 Mon Sep 17 00:00:00 2001
From: Mo Amiri
Date: Thu, 31 May 2018 00:52:47 +0100
Subject: [PATCH] Formatting
---
.DS_Store | Bin 0 -> 8196 bytes
atomics/T1050/T1050.yaml | 2 --
atomics/T1070/T1070.yaml | 9 ---------
atomics/T1098/T1098.yaml | 4 ----
atomics/T1173/T1173.yaml | 1 -
atomics/T1197/T1197.yaml | 2 --
6 files changed, 18 deletions(-)
create mode 100644 .DS_Store
diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..b44f269c7f97bd0f8f00bf00ddc8e3a3fa76bf85
GIT binary patch literal 8196 zcmeHM-EPw`82#LCG~GZe(xmM&H%MHJshbcLLP(|Cgevi;Wv~lCUD9S-v^1I8lnzQ! zZ+Hjb4R{o;xa2{2063p*rX<~vxIs+Vl6@TeJC1$)Ij&tI5{*G;jcA#OEJVi2Jd!g4 z*K?c-1zmC#D8MJ$CzslkP`?>YS(^f*fKk9GU=%P47zO?X1+Zsxu+G`{Rjo;l0!D%V zQUU%x*ocgEjT43P(}6@D0e~|omH~O310=`RSl2jFD5+>uogRdy3Vp;7ijI1l&4G1| z6NQRSLeWX+Hw%425%TTe+0vXuU7<;h0!D#p1^Db!BOnRmVay|p*&AM0^`@s7iwpH!>gM4>n{d#PkubJpCIxtGpiJaiH_8T1=& z?>Rp`ag#$&=Xc^bJk7h_v%nv=DvKL&l(<3U_ar&!_%L~~8$_LW*oX&Fr!U)aRE1@g zt#YffJQ}Unsw?(-wK`t0N4IaTt=P9}weh%YEnQo?+uZBEelvPIe)kbWLJ;~(NDJ!u zH2s8JPLx+pFAC%6fN6+D@-T5xPO9&yNl$WxHs~=uf@5q`lN$6Cxuz^}Fu`5wWcdX* z$6v(MpYZh408<&jT_U*1KBkvl#HS%jdUV8>Md>Lke9g5}qWiG!f*DXqe%4yL=7*GP zUd~#hry<_crlTB>-6+kQrw16_25n))4$@Wh`Gk@zOS*2FH47G$#0XDvmh5vxg|6AwZ|6iaHnXVcIi~@hEfSB2IHXC5c zUHuF;@A5X{9wG;}n<$hNB$*!qcs~8Z5P2J>%&BXfC`1W@xd@Oln8YaXR~7gPIk+Yw literal 0 HcmV?d00001
diff --git a/atomics/T1050/T1050.yaml b/atomics/T1050/T1050.yaml
index 38434dfd..36cd2050 100644
--- a/atomics/T1050/T1050.yaml
+++ b/atomics/T1050/T1050.yaml
@@ -20,8 +20,6 @@ atomic_tests: supported_platforms: - windows - input_arguments: - executor: name: powershell command: |
diff --git a/atomics/T1070/T1070.yaml b/atomics/T1070/T1070.yaml
index 1c5e738e..c9319649 100644
--- a/atomics/T1070/T1070.yaml
+++ b/atomics/T1070/T1070.yaml
@@ -6,7 +6,6 @@ atomic_tests: - name: Clear Logs description: | Clear Windows Event Logs - supported_platforms: - windows input_arguments:
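Review bot: `.DS_Store` is created at the repository root by this commit (the `create mode 100644 .DS_Store` line and the binary patch), although the commit is titled "Formatting" and otherwise only touches the atomics YAML files. It is a macOS Finder metadata file and should be dropped from the change. Files of this kind record names of entries in the folder they describe, so publishing one can disclose local directory contents to anyone who clones the repository. Add a `.DS_Store` line to `.gitignore` and untrack the file with `git rm --cached .DS_Store`.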
@@ -14,33 +13,25 @@ atomic_tests: description: Windows Log Name, ex System type: String default: System - executor: name: command_prompt command: | evtutil cl #{log_name} - - name: FSUtil description: | Manages the update sequence number (USN) change journal, which provides a persistent log of all changes made to files on the volume. - supported_platforms: - windows - input_arguments: - executor: name: command_prompt command: | fsutil usn deletejournal /D C: - - name: rm -rf description: | Delete system and audit logs - supported_platforms: - macos - linux - executor: name: sh command: |
diff --git a/atomics/T1098/T1098.yaml b/atomics/T1098/T1098.yaml
index 43baa340..05886865 100644
--- a/atomics/T1098/T1098.yaml
+++ b/atomics/T1098/T1098.yaml
@@ -6,12 +6,8 @@ atomic_tests: - name: Admin Account Manipulate description: | Manipulate Admin Account Name - supported_platforms: - windows - - input_arguments: - executor: name: powershell command: |
diff --git a/atomics/T1173/T1173.yaml b/atomics/T1173/T1173.yaml
index 6a38bc08..55b6d044 100644
--- a/atomics/T1173/T1173.yaml
+++ b/atomics/T1173/T1173.yaml
@@ -12,7 +12,6 @@ atomic_tests: executor: name: manual - command: | steps: | Open Microsoft Word
diff --git a/atomics/T1197/T1197.yaml b/atomics/T1197/T1197.yaml
index 8ef540f0..53753e6d 100644
--- a/atomics/T1197/T1197.yaml
+++ b/atomics/T1197/T1197.yaml
@@ -10,7 +10,6 @@ atomic_tests: supported_platforms: - windows - input_arguments: executor: name: command_prompt command: |
@@ -21,7 +20,6 @@ atomic_tests: and execute a payload leveraging PowerShell supported_platforms: - windows - input_arguments: executor: name: powershell command: |
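Review bot: `evtutil cl #{log_name}` in the Clear Logs executor (a context line near the top of the `@@ -14,33 +13,25 @@` hunk of atomics/T1070/T1070.yaml) names a binary that does not exist; the Windows event-log utility is `wevtutil`. As written the command_prompt step fails, so the test produces no log-clearing telemetry for detections to be checked against. The line should read `wevtutil cl #{log_name}`. The Clear Logs test begins in the previous hunk, so only its executor is visible here. Separately, the FSUtil description explains what the USN change journal is rather than what the test does (it deletes the journal on C:); a sentence saying so would help whoever reviews the run plan.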