Tools
Ridgeback InfoSec is committed to advancing the security community through open-source tooling. Our projects are designed to solve real operational challenges faced by penetration testers, vulnerability managers, and security operators. All tools are MIT-licensed and available on GitHub.
Cerno
Cerno is a terminal user interface (TUI) tool that helps security professionals review Nessus vulnerability scan findings and orchestrate security testing tools. The name derives from the Latin verb cernō, meaning "to discern" or "to sift through"—reflecting its core mission of helping analysts distinguish critical vulnerabilities from noise in large scans.
Purpose
Review and organize Nessus vulnerability findings with persistent tracking across sessions, while orchestrating verification tools directly from the interface.
Key Features
- Interactive TUI with keyboard navigation
- SQLite persistence for cross-scan tracking
- Tool orchestration (nmap NSE, NetExec, custom commands)
- CVE extraction and Metasploit module searches
- NetExec integration for credential correlation
Use Cases
- Large-scale vulnerability assessment organization
- Automated vulnerability verification workflows
- Remediation tracking across multiple sessions
- Post-exploitation intelligence correlation
Installation
Requires Python 3.11+
Cerno maintains organized databases at ~/.cerno/cerno.db for cross-scan tracking and session resumption, enabling security teams to efficiently manage findings across complex, long-running assessments. The tool integrates with nmap, NetExec, and msfconsole for automated verification workflows.
Auxiliary
Auxiliary is a collection of small Python utilities for reconnaissance, list processing, and local tooling. Built with zero external dependencies (standard library only), these tools streamline common operational tasks during penetration testing and vulnerability assessments.
Purpose
Provide lightweight, dependency-free utilities for reconnaissance workflows, target list processing, and operational tasks during security assessments.
Key Features
- DNS tools (reverse lookups, DC discovery via SRV records)
- Network utilities (IP extraction, normalization from scan outputs)
- Web reconnaissance (Gobuster output to URL list conversion)
- Firewall management (iptables with dry-run and backups)
- File processing (credential splitting, line-based chunking)
- Nessus integration (out-of-scope IP management)
- Stdlib-only dependencies (no external packages required)
Use Cases
- Streamlining reconnaissance workflows during authorized testing
- Normalizing and deduplicating target lists from multiple scanners
- Managing firewall rules during testing operations
- Processing credential dumps into usable formats
- Configuring vulnerability scanners with scope restrictions
Installation
Requires Python 3.8+
Auxiliary tools are accessible via a unified CLI (auxiliary <tool>) or individual commands with aux- prefixes. All functionality operates through command-line arguments or file inputs, making them ideal for scripting and automation in security workflows.
Contributing
We welcome contributions from the security community. Whether you've found a bug, have a feature request, or want to submit a pull request, your input helps make these tools better for everyone.
Ways to Contribute:
- Report Bugs: Found an issue? Open a ticket on the respective GitHub repository.
- Request Features: Have an idea for improvement? We'd love to hear it.
- Submit Pull Requests: Code contributions are always appreciated.
- Share Feedback: Let us know how you're using these tools in your workflows.
Visit our GitHub organization to explore all projects and get involved.