PentLog¶
Evidence-first penetration testing logger. Capture every command, find anything, prove everything.
Quick Install¶
Get started in under a minute:
curl -sSf https://raw.githubusercontent.com/aancw/pentlog/main/install.sh | sh
pentlog setup
pentlog create
pentlog shell
Full Installation Guide Quick Start Tutorial
What is PentLog?¶
PentLog is a professional terminal logging tool designed for penetration testers, security researchers, and compliance auditors. Built on ttyrec technology with a modern Virtual Terminal Emulator, it captures every command and output with perfect fidelity — preserving ANSI colors, cursor movements, and terminal state for flawless evidence.
Features¶
High-Fidelity Recording
Capture every keystroke with Virtual Terminal Emulator. ANSI colors, cursor movements, and redraws preserved perfectly.
Powerful Search
Find any command across all sessions instantly. Regex support, boolean operators (AND, OR, NOT), and live incremental search.
Compliance Reports
Generate Markdown/HTML reports with integrity hashes, encrypted archives, and detailed audit trails ready for delivery.
AI Analysis
Summarize findings with Google Gemini or local Ollama LLM. Get executive summaries and vulnerability insights automatically.
Live Sharing
Share terminal sessions in real-time via browser. Viewers see full history with dark-themed xterm.js viewer.
Crash Recovery
Protect evidence from SSH disconnects, OOM kills, and unexpected crashes. Automatic heartbeat and stale session detection.
Why PentLog?¶
The Problem with Traditional Logging¶
Using script, tmux, or basic shell redirection during pentests creates fragmented, unsearchable, unmaintainable evidence:
| Issue | Impact |
|---|---|
| Lost commands | Mixed with noise, impossible to extract context |
| No integrity | How do you prove logs weren't tampered with? |
| Manual reports | Hours spent copying/pasting into documents |
| Evidence gaps | ANSI codes, terminal artifacts, overwrites break readability |
| Compliance nightmares | No audit trails, no encrypted archives |
How PentLog Solves It¶
| Solution | Benefit |
|---|---|
| Evidence-First Design | Every command + output captured with perfect fidelity |
| Context & Metadata | Automatic timestamps, operator tracking, client/engagement organization |
| Searchable Everything | Find any command across all sessions with regex + boolean operators |
| Compliance-Ready | Integrity hashes, AES-256 encrypted archives, detailed audit trails |
| Reports in Minutes | Auto-generate Markdown/HTML with AI-powered summaries |
Who is PentLog For?¶
-
Penetration Testers
Capture every command during client engagements. Generate compliance-ready reports with perfect terminal fidelity. Organize by Client → Engagement → Phase.
-
Compliance Auditors
Maintain tamper-proof logs with integrity hashes. Create AES-256 encrypted archives for secure evidence delivery. Detailed audit trails for regulators.
-
Certification Students
Document every step for OSCP, PNPT, HTB writeups. Search across sessions to find any command. Export clean Markdown reports instantly.
-
Red Teamers
Record reproducible, timestamped sessions. Replay with exact timing. Share live sessions with teammates via browser.
Architecture Overview¶
flowchart TB
subgraph Input["User Input"]
Shell["Shell Session"]
Notes["Notes & Bookmarks"]
Vulns["Vulnerability Markers"]
end
subgraph Core["PentLog Core"]
TTY["TTY Recorder"]
VTE["Virtual Terminal Emulator"]
DB[(SQLite Database)]
end
subgraph Output["Output & Analysis"]
Search["Search Engine"]
Export["Report Export"]
AI["AI Analysis"]
Archive["Encrypted Archives"]
end
Shell --> TTY
TTY --> VTE
VTE --> DB
Notes --> DB
Vulns --> DB
DB --> Search
DB --> Export
Export --> AI
Export --> ArchiveCommunity & Support¶
-
GitHub Repository
Star us, report issues, and contribute to the project.
-
Issue Tracker
Found a bug? Have a feature request? Let us know!
-
Discussions
Ask questions, share ideas, and connect with the community.
Made for professionals. Evidence-first. No compromises. — Documentation built with Zensical.