ShellOpsLog : A Lightweight Command Logger

ShellOpsLog is a versatile tool designed to capture and log all executed commands during various operations, such as red and purple team engagements.

It provides a lightweight solution for tracking command history without recording their output. The logged commands are saved in a CSV file, making it easy to analyze and include in client deliverables or internal reviews.

Key Features

• Portability: ShellOpsLog functions are portable, allowing deployment on remote hosts via SSH or RDP, providing flexibility in logging commands across different environments.
• CSV Output: Logs are saved in a CSV format with columns for Timestamp, User, Path, and Command, facilitating easy review and analysis.
• Responsibility: Users are reminded to be responsible for their actions when using this tool.

ShellOpsLog offers two primary implementations:

1. Bash/Zsh Version (ShellOpsLog.sh):
   • Utilizes shell hooks like PROMPT_COMMAND in Bash or preexec in Zsh to log commands in Unix-based shells.
   • Usage:
     • Place the script in your filesystem or clone the repository.
     • Add source /path/to/ShellOpsLog.sh to your shell startup file (e.g., ~/.bashrc or ~/.zshrc).
     • Open a new terminal and manually call or uncomment the auto-start line at the bottom of the script.
     • Optionally specify a custom log directory with start_operation_log ~/Projects/MyClient.
     • Stop logging with stop_operation_log.
2. PowerShell Version (Microsoft.PowerShell_profile.ps1):
   • Automatically logs commands in PowerShell sessions.
   • Usage:
     • Copy the script into your PowerShell profile file.
     • If the file doesn’t exist, create it with New-Item -ItemType File -Path $PROFILE -Force.
     • Restart PowerShell or open a new tab.
     • Manually call or uncomment the auto-start line.
     • Optionally specify a custom log directory with Start-OperationLog "C:\Projects\MyClient".
     • Stop logging with Stop-OperationLog.

While CMD support is available, it currently has limitations and is slated for updates in the future.

ShellOpsLog provides a simple yet effective way to track command history across different shell environments, making it a valuable tool for maintaining a clear record of activities during various operational engagements.