Hacking Tools

ShellOpsLog : A Lightweight Command Logger

ShellOpsLog is a versatile tool designed to capture and log all executed commands during various operations, such as red and purple team engagements.

It provides a lightweight solution for tracking command history without recording their output. The logged commands are saved in a CSV file, making it easy to analyze and include in client deliverables or internal reviews.

Key Features

  • Portability: ShellOpsLog functions are portable, allowing deployment on remote hosts via SSH or RDP, providing flexibility in logging commands across different environments.
  • CSV Output: Logs are saved in a CSV format with columns for Timestamp, User, Path, and Command, facilitating easy review and analysis.
  • Responsibility: Users are reminded to be responsible for their actions when using this tool.

ShellOpsLog offers two primary implementations:

  1. Bash/Zsh Version (ShellOpsLog.sh):
    • Utilizes shell hooks like PROMPT_COMMAND in Bash or preexec in Zsh to log commands in Unix-based shells.
    • Usage:
      • Place the script in your filesystem or clone the repository.
      • Add source /path/to/ShellOpsLog.sh to your shell startup file (e.g., ~/.bashrc or ~/.zshrc).
      • Open a new terminal and manually call or uncomment the auto-start line at the bottom of the script.
      • Optionally specify a custom log directory with start_operation_log ~/Projects/MyClient.
      • Stop logging with stop_operation_log.
  2. PowerShell Version (Microsoft.PowerShell_profile.ps1):
    • Automatically logs commands in PowerShell sessions.
    • Usage:
      • Copy the script into your PowerShell profile file.
      • If the file doesn’t exist, create it with New-Item -ItemType File -Path $PROFILE -Force.
      • Restart PowerShell or open a new tab.
      • Manually call or uncomment the auto-start line.
      • Optionally specify a custom log directory with Start-OperationLog "C:\Projects\MyClient".
      • Stop logging with Stop-OperationLog.

While CMD support is available, it currently has limitations and is slated for updates in the future.

ShellOpsLog provides a simple yet effective way to track command history across different shell environments, making it a valuable tool for maintaining a clear record of activities during various operational engagements.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

5 days ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

5 days ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

6 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

1 week ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

1 week ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

1 week ago