Bash History file is very useful for investigation purposes.
Location: /Users/<username>/.bash_history
- Usually it stores upto last 500 Bash Command but sometimes in live response/collection - you may get little more.
Location: /Users/<username>/.bash_history
- Usually it stores upto last 500 Bash Command but sometimes in live response/collection - you may get little more.
- It's a hidden file
- It's only get created if user use Terminal App
- By default - There is no timestamp but you can add one please see this post:
RSS Feed