From eaa3a22167a148492527763cfc6aa756a0fc092c Mon Sep 17 00:00:00 2001 From: CircleCI Atomic Red Team doc generator Date: Wed, 27 Jun 2018 11:18:16 +0000 Subject: [PATCH] Generate docs from job=validate_atomics_generate_docs branch=master --- atomics/T1077/T1077.md | 26 ++++++++++++++++++++++++-- atomics/index.md | 3 ++- atomics/windows-index.md | 3 ++- 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/atomics/T1077/T1077.md b/atomics/T1077/T1077.md index 99c7ea33..cbe4893e 100644 --- a/atomics/T1077/T1077.md +++ b/atomics/T1077/T1077.md @@ -20,12 +20,14 @@ Use of domain account in administrator group on remote system or default system ## Atomic Tests -- [Atomic Test #1 - TODO](#atomic-test-1---todo) +- [Atomic Test #1 - Map admin share](#atomic-test-1---map-admin-share) + +- [Atomic Test #2 - Map Admin Share PowerShell](#atomic-test-2---map-admin-share-powershell)
-## Atomic Test #1 - TODO +## Atomic Test #1 - Map admin share Connecting To Remote Shares **Supported Platforms:** Windows @@ -44,3 +46,23 @@ Connecting To Remote Shares cmd.exe /c "net use \\#{computer_name}\#{share_name} #{password} /u:#{user_name}" ```
+
+ +## Atomic Test #2 - Map Admin Share PowerShell +Map Admin share utilizing PowerShell + +**Supported Platforms:** Windows + + +#### Inputs +| Name | Description | Type | Default Value | +|------|-------------|------|---------------| +| share_name | Examples C$, IPC$, Admin$ | String | C$| +| computer_name | Target Computer Name | String | Target| +| map_name | Mapped Drive Letter | String | g| + +#### Run it with `powershell`! +``` +New-PSDrive -name #{map_name} -psprovider filesystem -root \\#{computer_name}\#{share_name} +``` +
diff --git a/atomics/index.md b/atomics/index.md index 9d1693af..f7864b4f 100644 --- a/atomics/index.md +++ b/atomics/index.md @@ -486,7 +486,8 @@ - T1080 Taint Shared Content [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - T1072 Third-party Software [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - [T1077 Windows Admin Shares](./T1077/T1077.md) - - Atomic Test #1: TODO [windows] + - Atomic Test #1: Map admin share [windows] + - Atomic Test #2: Map Admin Share PowerShell [windows] - [T1028 Windows Remote Management](./T1028/T1028.md) - Atomic Test #1: Enable Windows Remote Management [windows] - Atomic Test #2: PowerShell Lateral Movement [windows] diff --git a/atomics/windows-index.md b/atomics/windows-index.md index 28bdc779..39955382 100644 --- a/atomics/windows-index.md +++ b/atomics/windows-index.md @@ -288,7 +288,8 @@ - T1080 Taint Shared Content [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - T1072 Third-party Software [CONTRIBUTE A TEST](https://atomicredteam.io/contributing) - [T1077 Windows Admin Shares](./T1077/T1077.md) - - Atomic Test #1: TODO [windows] + - Atomic Test #1: Map admin share [windows] + - Atomic Test #2: Map Admin Share PowerShell [windows] - [T1028 Windows Remote Management](./T1028/T1028.md) - Atomic Test #1: Enable Windows Remote Management [windows] - Atomic Test #2: PowerShell Lateral Movement [windows]
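Review bot: In the new "Atomic Test #2 - Map Admin Share PowerShell" section of atomics/T1077/T1077.md, the `map_name` input is described as "Mapped Drive Letter", but the command `New-PSDrive -name #{map_name} -psprovider filesystem -root \\#{computer_name}\#{share_name}` is run without `-Persist`, so it creates a PowerShell drive that exists only in the current session, not a Windows mapped drive letter. Either add `-Persist` or reword the input description to match what the command does. Unlike Test #1, which passes `#{password}` and `/u:#{user_name}`, this test has no credential input and therefore connects as the current user; the one-line description "Map Admin share utilizing PowerShell" should say so, so that whoever runs it knows which account to expect in the resulting share-access events. The section also documents no cleanup step; a matching `Remove-PSDrive` line would leave the host in a known state after the test.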
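Review bot: The two test titles added to the "Atomic Tests" list in atomics/T1077/T1077.md are capitalised inconsistently ("Map admin share" versus "Map Admin Share PowerShell"), and the same pair is repeated in the atomics/index.md and atomics/windows-index.md hunks. The link anchors (`#atomic-test-1---map-admin-share`, `#atomic-test-2---map-admin-share-powershell`) follow the titles, so it is worth settling on one style now. The subject line says these files are generated by the doc job, so the fix belongs in the test definition the generator reads and not in these Markdown files. The new Inputs table rows also end their last cell without a space before the closing pipe (`C$|`, `Target|`, `g|`), which is harmless in rendering but differs from the header row.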