Releases: aancw/pentlog

Release v.19.0

08 Jun 06:30
d1f14fd

PentLog v0.19.1 Release Notes

PentLog v0.19.1 focuses on archive integrity, safer session handling, evidence-first reporting, and stronger web exposure guardrails.

✨ Added

Archive Integrity

  • Archives now include manifest.json with deterministic hashes and file sizes.
  • Imports verify archive manifests when present to detect tampering.
  • Archived sessions now persist archive metadata in SQLite: archived_at, archive_path, archive_manifest_sha256
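How a deterministic manifest lets an import detect tampering, as an added sketch that is not PentLog's own code. The manifest layout, function names and sample files are assumptions; wantSum stands in for a digest recorded outside the archive, in the way the notes describe archive_manifest_sha256 being kept in SQLite.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"sort"
)
// FileInfo and the path-keyed map are an assumed layout, not PentLog's manifest.json schema.
type FileInfo struct {
	Size   int    `json:"size"`
	SHA256 string `json:"sha256"`
}
func digest(b []byte) string { return fmt.Sprintf("%x", sha256.Sum256(b)) }
// BuildManifest is deterministic because encoding/json writes map keys in sorted order.
func BuildManifest(files map[string][]byte) (raw []byte, sum string) {
	m := map[string]FileInfo{}
	for p, data := range files {
		m[p] = FileInfo{len(data), digest(data)}
	}
	raw, _ = json.Marshal(m) // cannot fail for this type
	return raw, digest(raw)
}

// VerifyManifest returns sorted problem strings; an empty slice means the set is intact.
func VerifyManifest(raw []byte, wantSum string, files map[string][]byte) []string {
	var m map[string]FileInfo
	if digest(raw) != wantSum || json.Unmarshal(raw, &m) != nil {
		return []string{"manifest: digest mismatch or unreadable"}
	}
	problems := []string{}
	for p, want := range m {
		if data, ok := files[p]; !ok || len(data) != want.Size || digest(data) != want.SHA256 {
			problems = append(problems, "missing or modified: "+p)
		}
	}
	for p := range files {
		if _, ok := m[p]; !ok {
			problems = append(problems, "unlisted: "+p)
		}
	}
	sort.Strings(problems)
	return problems
}

func main() {
	raw, sum := BuildManifest(map[string][]byte{"session.tty": []byte("constructed sample")})
	fmt.Println(VerifyManifest(raw, sum, map[string][]byte{"session.tty": []byte("tampered")}))
}
```

Checking the manifest's own digest first matters: per-file hashes alone prove nothing if the manifest inside the archive can be rewritten together with the files.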

Safer Session & Shell Workflow

  • Sessions now store lifecycle/runtime metadata such as recorder PID, hostname, host fingerprint, start/end time, and resume count.
  • Added explicit legacy sync command: pentlog sessions sync
  • Added shell review workflow before recording: pentlog shell review

The review step shows client, engagement, phase, target/IP, context age, and recent context changes before evidence capture starts.

Web Search Triage

  • Search results now include transcript context lines and note timestamps.
  • Search result cards can drill down directly into the matching session and hit.
  • Session detail now highlights the selected transcript line or operator note.

Explicit Web Exposure Modes

  • pentlog web now requires an explicit decision before binding beyond loopback.
  • Added: --public, --auth-token, --basic-auth

🔄 Changed

Safer Web Defaults

  • pentlog web now uses existing built assets by default.
  • Assets are rebuilt only when --rebuild is used or when assets are missing.
  • UI/API routes now fail closed on non-loopback binds unless public mode or authentication is configured.
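The fail-closed rule described here and under Explicit Web Exposure Modes, as an added sketch that is not PentLog's own code. The Exposure struct, the function names and the host:port address form are assumptions; only the flag names come from the notes.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// Exposure mirrors the flags named in the notes; the struct itself is hypothetical.
type Exposure struct {
	Public    bool   // --public
	AuthToken string // --auth-token
	BasicAuth string // --basic-auth
}

var ErrRefused = errors.New("non-loopback bind requires --public, --auth-token or --basic-auth")

// isLoopback reports whether a listen address is provably reachable only from this host.
func isLoopback(addr string) bool {
	host, _, err := net.SplitHostPort(addr)
	if err != nil {
		return false // unparseable input counts as exposed
	}
	// ParseIP returns nil for "" (all interfaces) and for hostnames, which
	// depend on the resolver, so both count as exposed.
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// CheckBind fails closed: anything not provably loopback needs an explicit decision.
func CheckBind(addr string, e Exposure) error {
	if isLoopback(addr) || e.Public || e.AuthToken != "" || e.BasicAuth != "" {
		return nil
	}
	return fmt.Errorf("%s: %w", addr, ErrRefused)
}

func main() {
	// Constructed sample addresses.
	for _, a := range []string{"127.0.0.1:8080", "[::1]:8080", ":8080", "0.0.0.0:8080"} {
		fmt.Printf("%-16s %v\n", a, CheckBind(a, Exposure{}))
	}
}
```

The empty-host case is the one to test for: ":8080" looks harmless but binds every interface, so it has to be refused just like 0.0.0.0.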

Evidence-First Report Exports

  • Markdown and HTML exports now default to curated report sections instead of transcript-heavy dumps.

Session Recovery Improvements

  • Stale/crash detection now uses lifecycle review instead of a fixed 5-minute heartbeat cutoff.
  • Default stale timeout is now 30 minutes.
  • Timeout can be overridden with:
      PENTLOG_STALE_TIMEOUT_MIN=60
      pentlog recover --timeout 60
  • pentlog recover now separates likely-live, paused, review-needed, definitely stale, and crashed sessions.

Archive Secret Handling

  • archive and import now prefer interactive password prompts or --password-stdin.
  • Legacy --password remains available but is deprecated.

Search State & API

  • Web search filters are now URL-driven and bookmarkable.
  • Search pagination now uses stable limit / offset semantics.
  • Search responses now include real total_matches, context windows, and note timestamps.

🛠 Fixed

  • archive --delete now updates database state correctly instead of creating later orphan drift.
  • recover --clean-orphans is now reserved for genuine inconsistencies.
  • Sensitive evidence/config writes now use stricter file permissions.
  • Archive imports now validate manifest-backed archives.
  • Search and session pages now preserve context better when jumping between hits.
  • pentlog web --bind 0.0.0.0 no longer exposes engagement data after printing only a warning.

🧪 Quality

Added and updated tests for:

  • Search pagination
  • Context-line search responses
  • Web search metadata
  • Archive integrity/import behavior
  • Session lifecycle and archive-state handling

Release v0.18.0

22 Apr 13:07
8c6fd22

PentLog v0.18.0 introduces a major Web Dashboard refresh focused on clarity, workflow speed, accessibility, and dark-mode readability for browser-based operations.

Added

  • Mission-Control Web Dashboard

    • New at-a-glance operational layout for active context, session health, findings, and artifact readiness
    • Better status visibility for ongoing engagements directly in the browser
  • Unified Dashboard API

    • Added GET /api/dashboard/overview to return stats, activity, clients, context, and artifact summary in one payload
  • Workflow Quick Actions

    • Direct links from dashboard into Sessions, Search, Reports, and Archives with scoped context
  • Context-Aware URL Prefill

    • Web flows now support query-prefilled filters for faster navigation:
      • Sessions (client, phase, etc.)
      • Search (q, date/range options)
      • Reports (client, engagement, phase)

🔄 Changed

  • Information Architecture

    • Reorganized dashboard sections to prioritize critical operational signals first
  • UI Theme Cohesion

    • Refined dashboard color tokens and surface styling for better dark/light consistency
  • Accessibility Improvements

    • Added skip-to-content support
    • Improved keyboard focus visibility
    • Improved active navigation semantics (aria-current)

🛠 Fixed

  • Dark Mode Contrast

    • Resolved low-contrast text in empty/loading states (including Live Share empty state)
  • Session State Reliability

    • Hardened session hydration in backend list/get paths:
      • state, last_sync_at, target, target_ip now consistently loaded
    • Improves reliability of state-based filtering and status rendering across web UI

🧪 Quality

  • Added/updated tests for:
    • Dashboard overview aggregation behavior
    • Session state/target hydration behavior

Release v0.17.0

03 Apr 17:39
34a3ce2

PentLog v0.17.0 introduces the new pentlog target command for managing multi-target engagements, along with deeper integration of target context across sessions, metadata, and prompts.

✨ Added

  • Target Management
    • Introduced pentlog target for handling multi-target engagements
    • Supports add, list, switch, remove, and clear operations
    • Targets stored in ~/.pentlog/targets.json with name and optional IP/host
    • Active target reflected in prompt context

🔄 Changed

  • Session Context & Metadata
    • Target information (target, target_ip) now flows across context, sessions, and prompts
    • Session metadata persists target fields (JSON + database)
    • Shell prompt displays active target
    • Session filenames now include target slug

Release v0.16.0

21 Mar 07:31
0ec1289

Overview

PentLog v0.16.0 introduces pause/resume recording, session tagging, and a new timeline dashboard, along with improvements to logging, performance, and session management.

✨ Added

  • Pause/Resume Recording

    • pentlog pause / pentlog resume
    • Adds replay markers with timestamps
    • Keeps a single continuous session (useful for OSCP exams & long engagements)
  • Structured Logging

    • Logs written to ~/.pentlog/pentlog.log
    • Uses log/slog with dual output (stderr + file)
    • Supports JSON/text output
  • Session Tags

    • Tag, untag, list, and filter sessions
    • Indexed, deduplicated, and auto-cleaned on delete
  • Session Size Monitoring

    • Background monitoring every 30s
    • Alerts at 5MB (warning) and 10MB (critical)
  • Session Delete Command

    • pentlog sessions delete <id> (with interactive mode)
    • Removes .tty, .json, and notes files
  • Engagement Timeline Dashboard

    • pentlog dashboard timeline
    • Unified time view for sessions, notes, phases, and findings
  • Database Connection Pooling

    • Adds connection limits to improve stability under load

🔄 Changed

  • Error Handling

    • Standardized with errors.Fatal()
  • Human-Readable Sizes

    • Session sizes now shown in KB/MB/GB

Release v0.15.1

28 Feb 07:47
5c429a3

Dependencies

Improve ttyrec install guidance: Fedora users are directed to the OVH RPM (v1.1.7.1), and unsupported distros now get a clear manual-install link plus a suggestion to open a PentLog issue.

Release v0.15.0

23 Feb 18:32
d6c7539

Overview

PentLog v0.15.0 introduces live sharing directly from pentlog shell --share, with a new status API, viewer tracking, and full scrollback for late joiners. It also strengthens crash recovery with seamless resume markers, and improves replay/session browsing.

✨ Added

  • Live Share via Shell: pentlog shell --share starts an in‑process WebSocket server alongside recording
    • Share URL displayed in the shell banner
    • .share_session saved so pentlog share status works from both share and shell --share
    • --share-port and --share-bind for network configuration
  • Share Status API + Viewer Tracking
    • /status endpoint returns viewer count and client IPs as JSON
    • pentlog share status displays viewer info
    • Supports X-Forwarded-For for proxied connections
  • Session Scrollback Buffer for late joiners
    • New viewers receive full session history on connect
    • Scrollback capped at 50MB with front‑trimming
    • Data sent as a single blob to preserve escape sequences
  • Auto‑Resume Crashed Sessions
    • Interactive resume prompt on shell startup
    • Resume appends to existing .tty using ttyrec -a
    • “Session Resumed” banner inserted at resume point
    • Timestamps normalized to skip idle time
  • Replay/session pagination and new engagement timeline dashboard view

🐛 Fixed

  • Replay session ordering now shows newest sessions first
  • Share status discovery for shell --share
  • Viewer reconnect alignment and resume marker normalization
  • Imported session sizes updated after insertion
  • github.com/gorilla/websocket moved to direct dependency

Release v0.14.0

08 Feb 07:20
8d860cd

Overview

PentLog v0.14.0 introduces session recovery from archives, interactive GIF player for embedded recordings, HTTP report serving, and critical shell stability fixes. This release focuses on reporting workflow improvements and essential reliability enhancements for evidence integrity.

✨ Added

  • Report Server: New pentlog serve command for viewing HTML reports with GIF players
    • Starts local HTTP server, solves CORS/file:// issues
    • Configurable port with --port flag
  • HTTP Server in Export Flow: Option to serve report via HTTP after saving HTML
  • Interactive GIF Player: Full-featured playback for embedded recordings
    • Play/pause controls, forward/backward navigation
    • Adjustable playback speed
  • GIF Regeneration Prompt: Ask before regenerating existing GIFs during export
  • Archive Import: New pentlog import <archive.zip> command to restore archived sessions
    • Support encrypted archives with --password flag
    • Granular targeting with -c/--client, -e/--engagement, -p/--phase
    • Preview with pentlog import list <archive>
  • Database Backup Before Migration: Automatic safety mechanism before schema updates

🐛 Fixed

  • Shell Hang on Start (SIGTTIN): Fix pentlog shell hanging after banner on macOS/Linux
    • Added Foreground: true with Ctty to fix background process group issue
  • Signal Handling: Properly forward SIGINT/SIGTERM/SIGHUP to subprocess
    • Recording files properly flushed before exit
    • Session state accurately reflects exit type (CRASHED vs COMPLETED)

Release v0.13.0

27 Jan 12:17
52cc2dd

Overview

PentLog v0.13.0 introduces rapid evidence capture hotkeys, crash recovery mechanisms, and bash session indicators for a more resilient and efficient penetration testing workflow. This release focuses on workflow acceleration and evidence protection during critical engagements.

✨ Major Features

Quick Note Hotkeys

Capture findings instantly without interrupting your flow:

  • Ctrl+N: Quick note entry with single-line prompt
  • Ctrl+G: Quick vulnerability entry with severity shortcut (c/h/m/l/i)
  • Works seamlessly in bash and zsh shells
  • Hotkey hints displayed on session start

Crash Recovery Mechanism

Protect evidence from unexpected session terminations:

  • Session state tracking: active, completed, crashed
  • 30-second heartbeat monitoring during recording
  • New pentlog recover command to manage crashed/stale sessions
  • Auto-detection of stale sessions (5+ min without heartbeat)
  • Startup warnings for detected crashed sessions

Bash Session Indicators

Enhanced bash experience with session awareness:

  • Persistent session indicator in bash prompts (like zsh)
  • Transient right prompt disappearing after command execution
  • Auto-detects bash version compatibility

Configuration Refactor

  • Centralized ConfigManager singleton for all path management
  • Consolidated config.GetXDir() functions → Manager().GetPaths()
  • Better environment variable override support
  • Single source of truth for configuration

🐛 Fixes

  • Fixed bash rprompt positioning at right bottom of prompt
  • Fixed transient rprompt behavior to match zsh

📈 Improvements

  • Added --limit flag for session pagination
  • Database schema updates for crash recovery
  • Auto-run database migrations on startup

🔄 Upgrading

No breaking changes. Existing sessions automatically marked as completed on first run.


Release v0.12.0

22 Jan 15:35
fefc83d

We are excited to introduce the stable release of GIF Export, a native solution for converting your terminal sessions into high-quality, shareable animations without external dependencies. This release also brings a modern Incremental Search interface and significantly improved Dependency Management.

Features

🌟 GIF Export (Stable)

  • Convert sessions to animated GIFs using native Go rendering
  • Interactive resolution selection: 720p (1280×720) or 1080p (1920×1080)
  • Improved ANSI color palette for better Kali Linux terminal rendering
  • High-quality font rendering using Go Mono (gomono) font
  • Resolution-aware font sizing (12pt for 720p, 14pt for 1080p)
  • Support for single sessions, merged sessions, and direct file conversion
  • GIF output saved to ~/.pentlog/reports/

Incremental Search with Bubble Tea

  • Refactored pentlog search command with modern TUI
  • Live search results as you type (background task execution)
  • Scrollable viewport showing 10 results at a time, navigate all matches
  • Smart scroll tracking keeps cursor always visible in viewport
  • Result counter showing current position (e.g., "Result 5/139")
  • Keyboard controls: ↑↓ navigate, Enter to open in pager, Home/End to jump
  • Prevents UI freezing with async search execution
  • Streamlined UI: query input, status bar, scrollable results, help footer

Dependency Management

  • Smart dependency handling
  • Auto-installation support for ttyrec and ttyplay on macOS/Linux
  • Detailed health check via pentlog status --dependencies
  • Graceful degradation (tool warns but continues if optional deps are missing)
  • Updated install.sh to verify system requirements immediately

Export Management

  • Enhanced pentlog export workflow
  • View Existing Reports: Interactive menu to browse, select, and open previously generated reports for the current client.
  • Overwrite Protection: Automatically detects if a report already exists for the selected scope.
  • Smart Prompt: Show creation timestamp and ask for confirmation before regenerating a report.
  • GIF Embedding: Option to embed clickable GIF recordings directly into HTML reports using --include-gifs.
  • Template Updates: New pentlog update --template command to refresh report templates from the repository.

Release v0.11.0

18 Jan 19:03
a48d950

🎯 What's New

✨ Interactive Timeline Browser

The new pentlog timeline command extracts and navigates command-level timelines from session recordings:

  • Browse commands in an interactive scrollable list with precise timestamps
  • Boxed detail view separating command metadata from output
  • Search within timeline using / (same as search command)
  • View full output in your pager (less)
  • Smart preview showing first 10 lines of output
  • Export timeline as JSON with accurate timestamps
  • Consistent UX with pentlog search command

🔧 Timeline Preview Panel

Command details now display inline after selection:

  • Shows timestamp, command, and output excerpt
  • Displays before action menu for quick inspection
  • No input blocking or responsiveness issues

🐛 Bug Fixes

Critical: Timeline Hang Resolution

Fixed severe responsiveness bug in pentlog timeline:

  • ✅ Enter key now works instantly (was: frozen)
  • ✅ Can exit with Esc/Ctrl+C (was: required kill -9)
  • ✅ Export and all menu options responsive (was: input processing blocked)
  • Root cause: promptui Details template rendering on every keystroke
  • Solution: Moved preview to post-selection display (no template rendering)

🔐 Security Improvements

  • Enhanced OSC sequence validation to prevent terminal injection
  • Enforced secure file permissions for AI config files (0600)
  • Fixed SUDO_USER home directory resolution for macOS
  • Added password confirmation for archive encryption

📦 Other Improvements

  • Updated prompt to guide users: "Enter to view details"
  • Proper error messages when session files are missing
  • Fixed archive cleanup on failures
  • Code modernization: replaced deprecated ioutil functions
  • Improved error handling with warnings to stderr