Security Headlines with HD Moore
Summary:
HD is a very interesting character, founder of Metasploit, security researcher, phone phreak, ruby hacker
and the founder of the company rumble!
He joins us in this episode to tell us the story of Metasploit, making security research
and internet scanning more accessible and normalized.
Tune in and listen to it here:
HD picked up an interest in computers and the telephone system at an early age and
spent his time reading ezines, 2600 and other magazines that talked about the force of technology and the
creative exploring we know as hacking.
The passion went from just making silly screen savers to starting to play with, the analog phone system.
Phreaking away on the phone lines and using the knowledge to travel wherever he wanted, on the phone lines.
In 2003, at the time where the internet still was young and the security research where kept in the dark.
HD wanted to shine some light on this and instead of commercializing and building a proprietary product he
created metasploit. In order to make exploits easy to use and available for the business side and the hobbyist.
HD received a lot of push back for doing this. A lot of people did not want to make security tools and techniques
available for the wide majority to use. They tried to get him fired, hares him and a lot more :/
This mob of angry people did not stop him from keep working at metasploit. Countless hours were spent porting
exploits to it. Making them easier to use and more accessible for everyone to use.
A couple of years later the metasploit project got bought up by the US-based company “rapid7”
which is home to several security related projects.
One of these interesting projects is Project Sonar. Project Sonar is continuously scanning and indexing
the entire internet. Creating a huge map of every device on the internet that you can search on based on timestamps.
Like a modern-day time-machine for exploring devices on the internet. This can be used for keeping track of
types of things, such as tracking Hillary Clinton’s email server.
Exploring the internet on a larger scale like this of course does not come without finding a lot of interesting
things, HD tells us about the time he found a surgical robot that was being used for operating on people
with a publicly accessible web interface. Luckily this was quickly reported and fixed!
Evolution is pushing innovation and scanning the entire internet, which was very hard to do a
while back is now not only cheap but can also be done in a couple of hours.
Today HD is the CEO of a company called Rumble, and has gone from exploring the public internet to
exploring the inner realms of intranets and internal networks.
Rumble leverages the power of the golang programming language to help companies explore their network.
We thank HD for making exploit development and internet scanning more normalized easier to use!
External links:
https://www.rumble.run/
https://www.metasploit.com/
https://www.rapid7.com/research/project-sonar/
https://en.wikipedia.org/wiki/SAINT_(software)
https://www.hdm.io/
https://github.com/hdm
https://2600.com/
https://en.wikipedia.org/wiki/WarVOX
https://zmap.io/
