ahmedkhlief / APT-Hunter

APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time needed to uncover suspicious activity.
https://shells.systems/introducing-apt-hunter-threat-hunting-tool-via-windows-event-log/
GNU General Public License v3.0
1.26k stars 238 forks

Getting an error with sysmon #11

Closed rangerrkm closed 3 years ago

rangerrkm commented 3 years ago

Hello,

I'm getting this error:

```
File "APT-Hunter.py", line 108, in evtxdetect
    EvtxDetection.detect_events_Sysmon_log(sysmon_path)
File "C:\IR\APT-Hunter-main-Windows-V1.1-Stable\lib\EvtxDetection.py", line 2018, in detect_events_Sysmon_log
    if CommandLine[0].strip().find(i)>-1:
IndexError: list index out of range
```

Using Python 3.7.4 and Sysmon 13.02

Command:

```
python APT-Hunter.py -t evtx --sysmon c:/temp3/logs/wineventlog/Sysmon.evtx -o Test_00
```

Thanks,
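The traceback in the report shows `CommandLine[0]` being indexed on a list that turned out to be empty, which is what happens when the Sysmon event being inspected carries no CommandLine field (for example a network-connection event rather than a process-creation event). The following is an added example, not APT-Hunter's own code, that reproduces the failing pattern on constructed Sysmon-style XML events and shows a guarded extraction that skips such events instead of aborting the whole scan. The namespace URI is the standard Windows event schema; the indicator list and the sample events are constructed placeholders.

```python
# Added example (not APT-Hunter's code): why indexing CommandLine[0] raises
# IndexError on a Sysmon event without a CommandLine field, and a guarded
# extraction that counts such events as skipped rather than crashing.
import xml.etree.ElementTree as ET

# Standard Windows event XML namespace (evtx-to-XML exports use it as default).
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample events. Event 0 is a process-creation record (EventID 1)
# with a CommandLine field; event 1 is a network-connection record (EventID 3),
# which legitimately has no CommandLine element.
SAMPLE_EVENTS = [
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>1</EventID></System>
  <EventData>
    <Data Name="Image">C:\\Windows\\System32\\cmd.exe</Data>
    <Data Name="CommandLine">cmd.exe /c whoami</Data>
  </EventData>
</Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>3</EventID></System>
  <EventData>
    <Data Name="Image">C:\\Windows\\System32\\svchost.exe</Data>
    <Data Name="DestinationPort">443</Data>
  </EventData>
</Event>""",
]

# Hypothetical indicator list; APT-Hunter's own detection list is not reproduced.
INDICATORS = ["whoami"]


def event_data(xml_text):
    """Return {Name: value} for every <Data Name=...> element under EventData."""
    root = ET.fromstring(xml_text)
    return {d.get("Name"): (d.text or "") for d in root.iterfind(".//e:Data", NS)}


def command_line_unguarded(xml_text):
    """Mirrors the failing pattern: collect matches into a list, index [0] blindly."""
    root = ET.fromstring(xml_text)
    command_line = [d.text for d in root.iterfind(".//e:Data[@Name='CommandLine']", NS)]
    return command_line[0].strip()  # IndexError when the event has no CommandLine


def command_line_guarded(xml_text):
    """Return the CommandLine value, or None when the event has no such field."""
    return event_data(xml_text).get("CommandLine")


def scan_events(events, indicators=INDICATORS):
    """Scan events for indicators in CommandLine.

    Returns (hits, skipped): hits is a list of (event_index, indicator) pairs,
    skipped is the number of events that carried no CommandLine field.
    """
    hits, skipped = [], 0
    for idx, xml_text in enumerate(events):
        cmd = command_line_guarded(xml_text)
        if cmd is None:
            skipped += 1  # not a process-creation style event; nothing to match
            continue
        for i in indicators:
            if cmd.strip().find(i) > -1:
                hits.append((idx, i))
    return hits, skipped


if __name__ == "__main__":
    print(scan_events(SAMPLE_EVENTS))
```

Reporting the skipped count alongside the hits is useful operationally: a high skip ratio on a file that was expected to be mostly process-creation events is a hint that the wrong channel or an unexpected Sysmon configuration was exported.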

ahmedkhlief commented 3 years ago

A lot has changed since April, kindly check and let me know if the issue still exists.