Cerno: One Tool to Triage, Orchestrate, and Track
Track 101 – 2:20pm
Chris Traynor, Owner/Instructor, Ridgeback Information Security, LLC
Bio
Chris is a penetration tester at Black Hills Information Security, where he conducts assessments of web applications, mobile apps, APIs, and networks across multiple industries.
He authored Offensive Tooling Foundations and Offensive Tooling for Operators, which he teaches through Antisyphon Training and at security conferences nationwide.
His background in web and mobile development, QA automation, and penetration testing helps him explain not just what attackers do, but why systems fail and how to think like both builder and breaker.
Talk Abstract
Vulnerability scanners export thousands of findings. You open them in a spreadsheet, start triaging rows, lose your place, re-run nmap manually, forget what you've already reviewed, and somewhere around finding #300 you're copy-pasting IP addresses into terminal windows while your notes document slowly becomes a liability. There's a better way.
Cerno is a free, open-source TUI tool that turns vulnerability scan output into an interactive, database-backed review workflow. It tracks your progress persistently so you can pick up exactly where you left off. It launches nmap NSE scripts, NetExec commands, and custom verification workflows directly from the finding you're reviewing — no more switching context between five tools. And because everything lives in a normalized SQLite database, you can compare findings across scans, trace a host's vulnerability history, and query your data however you need.
This talk walks through Cerno's design philosophy and a live demo: importing a scan, triaging findings, running tools, and comparing two scans to identify what's new vs. persistent. Whether you're a pentester drowning in exports, a consultant trying to deliver faster and more consistently, or a developer curious about building security tooling with Python and Rich, you'll leave with a free tool ready to use and ideas for building your own.
Intended Audience
Vulnerability review is a universal bottleneck — it slows down pentesters, delays reporting, and introduces inconsistency across engagements. Cerno addresses this with a free, open-source tool built around real-world workflow pain points. Whether you're a consultant looking to work more efficiently, a developer interested in security tooling, or just tired of managing findings in a spreadsheet, this talk offers something practical you can take home and use immediately.
How NSFW is this talk?
(How spicy is your talk, in chillies?)
Appropriate for all ages
