BACKGROUND

By default, PowerShell may save your console history into a file containing elements of the session. Use the techniques here to secure your sessions.

REQUIREMENTS

To continue, you must have a PowerShell $PROFILE already (Test-Path $PROFILE). If needed (i.e. response is false), then create one with New-Item -Type File -Path $PROFILE -Force.

OBJECTIVE

Here, we configure PowerShell to clear history and reset the file every time PowerShell is launched.

This technique works on everything that runs PowerShell (Linux, Windows, macOS)!

Step 1.  Add the following to your $PROFILE (i.e. nano $PROFILE):

## Clear console history
[Microsoft.PowerShell.PSConsoleReadLine]::ClearHistory()

## Remove History File
$exists = Test-Path -Path (Get-PSReadlineOption).HistorySavePath -ErrorAction Ignore
if($exists){
    $null = Remove-Item -Path (Get-PSReadlineOption).HistorySavePath
}

## Create History File
$null = New-Item -type File -Path (Get-PSReadlineOption).HistorySavePath

## Clear session history
$null = Clear-History

Step 2.  Save Changes and re-launch PowerShell
This requires a real exit from PowerShell to kick in (i.e. you cannot just & $PROFILE like some profile changes).

Step 3.  Enjoy (and brag to your InfoSec team)!

For more information about the PowerShell $PROFILE see help about_Profiles or view the help online at:

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_profiles?view=powershell-6)