Skip to content
PentLog Evidence-First Logger

PentLog

Evidence-first penetration testing logger.

Capture every command, find anything, prove everything. High-fidelity terminal logging with AI analysis, searchable content, and compliance-ready reports.

Getting Started Installation
TTYREC Fidelity SQLite + JSON Audit-Ready Reports
$pentlog create Context: ACME / Red Team / Phase 2 $pentlog shell Recording session... ttyrec-2026-02-20-1732 Integrity hash: 3f2a1d9b...c1b9
Live Evidence
Searchable
Encrypted

PentLog — Evidence-First Pentest Logger

Start in minutes

Install once, create a context, and begin recording.

The same workflow scales from labs to full client engagements.

Quickstart Installation

Install + first session

curl -sSf https://raw.githubusercontent.com/aancw/pentlog/main/install.sh | sh
pentlog setup
pentlog create
pentlog shell

Evidence Chain

Full-fidelity ttyrec recordings, context metadata, and integrity hashes keep your chain of custody intact.

Session Intelligence

Search across logs and notes, extract timelines, and pinpoint exactly what happened and when.

Delivery Ready

Generate Markdown or HTML reports, archive with AES-256 encryption, and ship in client-ready format.

Getting Started

Learn the core workflow and create your first context.

User Guide

Sessions, search, notes, timeline, export, and AI analysis.

Advanced

Archiving, crash recovery, configuration, and storage layout.

Reference

CLI commands, flags, and tool comparisons.

Found a bug or want a feature? Open an issue. PentLog is licensed under the MIT License.

Capabilities

Everything you need, without the noise

Purpose-built to capture, organize, and prove your findings from first command to final report.

01

High-Fidelity Recording

Full-fidelity ttyrec capture with ANSI color, cursor moves, and redraws preserved.

02

Powerful Search

Regex + boolean search across logs and notes with fast incremental results.

03

Compliance Reports

Markdown and HTML reports with hashes, audit trails, and AES-256 archives.

04

AI Analysis

Summaries and vulnerability insights from Gemini or local Ollama models.

05

Live Sharing

Stream sessions in real time with an xterm.js viewer and full history.

06

Crash Recovery

Heartbeats and stale-session detection protect evidence from crashes.

07

Timeline Browser

Browse chronological command timelines, view output, and export JSON.

08

Context-Aware Sessions

Organize by client, engagement, and phase with auto metadata tracking.

09

Vulnerability Management

Track findings with severity, remediation notes, and session traceability.

Workflow

From engagement to evidence in three steps

01

Set context

Create client, engagement, and phase metadata once. PentLog tracks the rest.

02

Record everything

Use pentlog shell to capture full terminal state, including ANSI, cursor moves, and redraws.

03

Search and report

Find any command, extract timelines, and export reports with integrity hashes.

Ready to begin?

Capture defensible evidence in minutes

Install PentLog, start a session, and ship a report the same day.

Quickstart User Guide