Tool Comparison¶
See how PentLog compares to traditional terminal logging tools and why professionals choose it for security engagements.
Feature Comparison Matrix¶
- Full Support
- Partial Support
- Not Supported
| Feature | script |
tmux |
PentLog |
|---|---|---|---|
| Terminal Fidelity | |||
| Full-Text Search | |||
| Automatic Organization | |||
| Timestamps | |||
| Compliance Ready | |||
| Session Replay | |||
| Report Generation | |||
| Database Index | |||
| Live Sharing | |||
| Crash Recovery | |||
| AI Analysis | |||
| GIF Export |
Detailed Breakdown¶
Terminal Fidelity¶
- Captures raw output stream
- Breaks on ANSI escape codes
- Cursor movements not handled
- Terminal artifacts in output
Not suitable for evidence
Output contains garbled text from cursor movements and color codes.
- Better than
script - Captures pane content
- Missing redraws and some sequences
- Lossy capture
Partial fidelity
Some terminal sequences are lost, especially during rapid output.
- Virtual Terminal Emulator
- Perfect fidelity: colors, overwrites, redraws
- What you see is exactly what you get
Evidence-grade quality
Every visual element is captured with perfect accuracy.
Search Capability¶
- Manual
greponly - No metadata or context
- Session-by-session files
- No cross-session search
- Copy mode (current session only)
- No search history
- No regex support
- Full-text search across all sessions
- Regex support:
pentlog search "nmap.*-sV" --regex - Boolean operators:
AND,OR,NOT - Filter by date, client, engagement
- Interactive TUI with live results
:material-folder-tree: Organization¶
- Manual file naming
- No structure or hierarchy
- Easy to lose track
- Flat file organization
- Session names only
- No hierarchy
- Limited metadata
- Client → Engagement → Phase hierarchy
- Automatic organization
- Context-aware operations
- SQLite database index
Compliance¶
- No integrity verification
- No encryption
- No audit trail
- Not admissible as evidence
- SHA256 integrity hashes (
pentlog freeze) - AES-256 encrypted archives
- Detailed audit trails
- Timestamped everything
- Compliance-ready
When to Use Each Tool¶
-
Use
scriptwhen:
- Quick one-off logging
- No compliance requirements
- Simple debugging
- Need universal availability (pre-installed)
-
Use
tmuxwhen:
- Need session persistence
- Multiple windows/panes required
- Remote work with reconnect capability
- Team screen sharing
-
Use PentLog when:
- Professional penetration testing
- Compliance requirements (SOC2, ISO27001)
- Evidence documentation for legal
- Client report generation
- Long-term organization needed
- Audit trail required
Migration Guide¶
From script¶
Before vs After
From tmux¶
Before vs After
Performance Comparison¶
| Metric | script |
tmux |
PentLog |
|---|---|---|---|
| Startup Time | ~10ms | ~50ms | ~100ms |
| Disk Usage | Low | Medium | Medium |
| CPU Overhead | Minimal | Low | Low |
| Search Speed | Slow (grep) | N/A | Fast (SQLite) |
| Concurrent Sessions | 1 | Many | Many |
Performance Note
PentLog's slight startup overhead is negligible compared to the productivity gains from search, organization, and report generation.
Summary¶
| Use Case | Recommended Tool |
|---|---|
| Quick debugging | script |
| Session persistence | tmux |
| Professional pentesting | PentLog |
| Compliance/auditing | PentLog |
| Evidence documentation | PentLog |
| Team collaboration | PentLog |
| Certification prep (OSCP) | PentLog |
Ready to upgrade? Get Started with PentLog