Cerebra: Why I finally made my cyber terminal public

March 31, 2026•4 min read

I have been building versions of this for years.

It started as my own way of keeping shells, remote access, notes, and security tooling from fragmenting across a pile of windows. Over time it stopped feeling like "my terminal setup" and started feeling like its own product. That is why I finally decided to make it public as Cerebra.

What I wanted was not just a prettier terminal. I wanted one operator workspace where execution, context, evidence, enrichment, and analysis stay attached to the same job.

Cerebra workspace

What Cerebra actually is

Cerebra is closer to a cybersecurity IDE than a classic terminal app.

The public site describes it as a next-generation IDE/terminal for CyberSecurity, IT, DevOps, and developers, and that is the right framing. The core idea is simple: put the things I actually use together in one desktop flow instead of forcing them to live in disconnected tools.

That means:

multi-pane workspaces with persistent tabs and reusable layouts
SSH, RDP, VNC, and local shell in the same interface
runbooks that execute directly into the active pane
notes, screenshots, and evidence beside the live session
AI that reasons over the current workspace instead of acting like a detached chatbot
built-in intelligence, reverse-engineering, and quick crypto/transform utilities
CyberViewer for flow graphs, pivot paths, and operational structure

That combination is what made Cerebra worth publishing. Each individual idea exists somewhere else. The value is in keeping them connected.

Why I kept pushing the runbook model

One thing I strongly dislike in day-to-day security work is the gap between documentation and execution. Playbooks often end up as stale notes, copied commands, or random snippets spread across files and chat threads.

In Cerebra, runbooks are meant to be executable. The command card is not just a reminder. It can push directly into the active shell or pane, which makes the workflow much tighter for pentesting, OSINT, cloud work, bug bounty, and all the other messy places where repetition is real and context-switching is expensive.

Cerebra runbooks

That is a small design choice on paper, but it changes the feel of the whole workspace.

Why the AI part had to stay inside the workspace

I am not interested in AI as a floating chat bubble with no visibility into the actual work.

The more interesting direction is giving the AI live workspace context so it can reason over what is already open: sessions, output, panes, notes, and the surrounding operator state. Cerebra also has an AI-Cyber mode where the AI is positioned to see and control the live workspace rather than work blind.

That matters much more to me than generic prompt-response UX because cybersecurity work is rarely isolated. The useful context is already in the workspace. The AI should meet the work there.

Cerebra AI toolkit

Graphs, notes, and analysis are part of the same job

Another reason I kept building Cerebra is that the non-terminal parts of the workflow are often where the real understanding happens.

Sometimes I need a clean graph of an attack flow or pivot path. Sometimes I need quick enrichment on a domain, IP, URL, or hash. Sometimes I need deobfuscation, IoC extraction, JWT decoding, or fast utility transforms. Sometimes I just need notes, screenshots, and evidence to stay attached to the operator trail.

That is why Cerebra includes CyberViewer, intelligence utilities, reverse-engineering helpers, and quick transforms inside the same workspace. I did not want the workflow to break every time the task changed shape.

Cerebra CyberViewer

Why I made it public now

For a long time, keeping this private was fine because I was building it for myself first.

At some point that stopped being the right answer. The workspace had become coherent enough, useful enough, and distinct enough that hiding it on my own machine made less sense than putting it in front of the community and letting other people use it, critique it, and push it further.

That is really the story here. Cerebra is the result of years of operator frustration being turned into a tool I actually want to work in every day. Once it reached that point, making it public felt natural.

At the time of writing, the public download page lists version 2.0.0, with macOS Apple Silicon, Windows, and Linux builds available, plus preview or experimental channels where appropriate.

If you want to see the product directly, the official site is cerebra.sh and the public repository is github.com/abdessamad-elamrani/cerebra.sh.