Open a handle on the drive volume via the `\\.\` DOS device path specifier and perform a direct-access read of the first few bytes of the volume.
Identifies when a user attempts to clear console history. An adversary may clear the command history of a compromised account to conceal the actions undertaken during an intrusion.
Detects scripts or commands that disable the PowerShell command history by removing the PSReadLine module.