Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

New tool: convert-ts-bash-history.py, (Fri, Sep 26th)

published on 2025-09-26 22:26:21 UTC by
Content:
In SANS FOR577[1], we talk about timelines on day 5, both filesystem and super-timelines. but sometimes, I want something quick and dirty and rather than fire up plaso, just to create a timeline of .bash_history data, it is nice to just be able to parse them and, if timestamps are enabled, see them in a human-readable form. I've had some students in class write scripts to do this and even had one promise to share it with me after class, but I never ended up getting it so I decided to write my own. This script takes the path to 1 or more .bash_history files and returns a PSV (pipe separated values) list (on stdout) in the form: <filename>|<datetime>|<command> where the <datetime> is in ISO-8601 format (the one true date time format, but only to 1 sec resolution since that his the best that the .bash_history file will give us). In a future version I will probably offer an option to change from PSV to CSV. 
Article: New tool: convert-ts-bash-history.py, (Fri, Sep 26th) - published 10 days ago.

https://isc.sans.edu/diary/rss/32324   
Published: 2025 09 26 22:26:21
Received: 2025 09 26 23:35:05
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 8

Custom HTML Block

Click to Open Code Editor