diff --git a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py
index ea608b85d..ee6c02f58 100644
--- a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py
+++ b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py
@@ -9,3 +9,6 @@ def get_linux_timestomping_commands():
 f'cat {TEMP_FILE} ; '
 f'rm {TEMP_FILE} -f'
 ]
+
+
+# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md
diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py
index c18baabfc..9f23193f7 100644
--- a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py
+++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py
@@ -3,3 +3,6 @@ TEMP_FILE = 'monkey-timestomping-file.txt'
 def get_windows_timestomping_commands():
 return 'powershell.exe infection_monkey/post_breach/timestomping/windows/timestomping.ps1'
+
+
+# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md
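Review bot: The attribution comment added at the end of linux/timestomping.py links to the `master` branch of atomic-red-team, so the reference will drift or break once that file is edited or moved; the identical comment added in windows/timestomping.py has the same problem. Pinning the link to a commit and naming the technique keeps the mapping stable for anyone validating detections against this simulation, e.g. `# Simulates MITRE ATT&CK T1070.006 (Timestomp); commands adapted from Atomic Red Team: <permalink to T1070.006.md at a fixed commit>`. The comment would also be easier to find directly above `get_linux_timestomping_commands()` than trailing the file; the function body starts outside the hunk.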
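Review bot: In windows/timestomping.py the commands being attributed are not in this file, since `get_windows_timestomping_commands()` only returns a `powershell.exe` invocation of `timestomping.ps1`. The source comment would be more useful at the top of that script, which is not part of this diff and may already carry one. If the comment stays here, it should say which file it refers to, e.g. `# The commands in timestomping.ps1 are adapted from: <link>`.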