Generate docs from job=validate_atomics_generate_docs branch=master

atomics/T1489/T1489.md

@@ -16,7 +16,9 @@ Adversaries may accomplish this by disabling individual services of high importa
 <br/>
 
 ## Atomic Test #1 - Windows - Stop service using Service Controller
-Stops a specified service using the sc.exe command.
+Stops a specified service using the sc.exe command. Upon execution, if the spooler service was running infomration will be displayed saying
+it has changed to a state of STOP_PENDING. If the spooler service was not running "The service has not been started." will be displayed and it can be
+started by running the cleanup command.
 
 **Supported Platforms:** Windows
 
@@ -49,7 +51,9 @@ sc.exe start #{service_name}
 <br/>
 
 ## Atomic Test #2 - Windows - Stop service using net.exe
-Stops a specified service using the net.exe command.
+Stops a specified service using the net.exe command. Upon execution, if the service was running "The Print Spooler service was stopped successfully."
+will be displayed. If the service was not running, "The Print Spooler service is not started." will be displayed and it can be
+started by running the cleanup command.
 
 **Supported Platforms:** Windows
 
@@ -82,8 +86,10 @@ net.exe start #{service_name}
 <br/>
 
 ## Atomic Test #3 - Windows - Stop service by killing process
-Stops a specified service killng the service's process. 
-This technique was used by WannaCry.
+Stops a specified service killng the service's process.
+This technique was used by WannaCry. Upon execution, if the spoolsv service was running "SUCCESS: The process "spoolsv.exe" with PID 2316 has been terminated."
+will be displayed. If the service was not running "ERROR: The process "spoolsv.exe" not found." will be displayed and it can be
+started by running the cleanup command.
 
 **Supported Platforms:** Windows
 

atomics/index.yaml

@@ -16380,9 +16380,10 @@ impact:
       identifier: T1489
     atomic_tests:
     - name: Windows - Stop service using Service Controller
-      description: 'Stops a specified service using the sc.exe command.
-
-'
+      description: |
+        Stops a specified service using the sc.exe command. Upon execution, if the spooler service was running infomration will be displayed saying
+        it has changed to a state of STOP_PENDING. If the spooler service was not running "The service has not been started." will be displayed and it can be
+        started by running the cleanup command.
       supported_platforms:
       - windows
       input_arguments:
@@ -16400,9 +16401,10 @@ impact:
 
 '
     - name: Windows - Stop service using net.exe
-      description: 'Stops a specified service using the net.exe command.
-
-'
+      description: |
+        Stops a specified service using the net.exe command. Upon execution, if the service was running "The Print Spooler service was stopped successfully."
+        will be displayed. If the service was not running, "The Print Spooler service is not started." will be displayed and it can be
+        started by running the cleanup command.
       supported_platforms:
       - windows
       input_arguments:
@@ -16420,8 +16422,11 @@ impact:
 
 '
     - name: Windows - Stop service by killing process
-      description: "Stops a specified service killng the service's process. \nThis
-        technique was used by WannaCry.\n"
+      description: |
+        Stops a specified service killng the service's process.
+        This technique was used by WannaCry. Upon execution, if the spoolsv service was running "SUCCESS: The process "spoolsv.exe" with PID 2316 has been terminated."
+        will be displayed. If the service was not running "ERROR: The process "spoolsv.exe" not found." will be displayed and it can be
+        started by running the cleanup command.
       supported_platforms:
       - windows
       input_arguments: