diff --git a/atomics/T1065/T1065.yaml b/atomics/T1065/T1065.yaml
new file mode 100644
index 00000000..f96d5738
--- /dev/null
+++ b/atomics/T1065/T1065.yaml
@@ -0,0 +1,50 @@
+---
+attack_technique: T1065
+display_name: Adversaries may conduct C2 communications over a non-standard port to bypass proxies and firewalls.
+
+atomic_tests:
+- name: Testing usage of uncommonly used port with PowerShell
+ description: |
+ Testing uncommonly used port utilizing PowerShell
+
+ supported_platforms:
+ - windows
+
+ input_arguments:
+ port:
+ description: Specify uncommon port number
+ type: String
+ default: 8081
+ hostname:
+ description: Specify target hostname
+ type: String
+ default: google.com
+
+ executor:
+ name: powershell
+ command: |
+ test-netconnection -ComputerName #{hostname} -port #{port}
+
+- name: Testing usage of uncommonly used port
+ description: |
+ Testing uncommonly used port utilizing telnet.
+
+ supported_platforms:
+ - linux
+ - macos
+
+ input_arguments:
+ port:
+ description: Specify uncommon port number
+ type: String
+ default: 8081
+ hostname:
+ description: Specify target hostname
+ type: String
+ default: google.com
+
+ executor:
+ name: sh
+ command: |
+ telnet #{hostname} #{port}
+
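Review bot: Both `port` arguments declare `type: String` but their `default: 8081` is an unquoted plain scalar, which a YAML loader reads as an integer; quote it as `default: "8081"` in both tests so the value matches the declared type and survives reformatting. The `display_name` field holds a description sentence rather than the technique's name, which the test names on this page give as "uncommonly used port"; `display_name: Uncommonly Used Port` keeps the file consistent with the other technique files that key on this field. The second test's `telnet #{hostname} #{port}` opens an interactive session that blocks until the connection is closed or times out, and telnet is not present by default on recent macOS, so the test is likely to hang or fail silently rather than report a result; a non-interactive probe such as `nc -zv #{hostname} #{port}` (or a documented dependency check for telnet) would give the executor a clean exit. Both tests default `hostname` to a third-party domain, so running them unmodified sends connection attempts outside the tester's environment; a note in each description that the host should be one the operator controls would make that expectation explicit.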