Rumble Network Discovery Beta 1


Now that the first beta release of Rumble Network Discovery is available for testing, we wanted to highlight some of the things that the product does differently.

Command-Line Scanner & Offline Support #

This release allows basic inventory to be completed using either an installed agent or the command-line scanner. Both the agent and the scanner consist of a single executable with no external dependencies. The command-line scanner can be used in offline environments and for work that is security sensitive, where uploading data back to the cloud isn't an option.

Rumble Network Discovery Beta 1 Command Line

Ridiculously Fast #

A typical /24 network can be scanned scanned in less than 30 seconds. Rumble does this using a scanning engine built from scratch with exactly one purpose in mind. Careful selection of probes and port types enables Rumble to gather detailed information across the network almost instantly. Rumble can be tuned down for slower environments and ramped up to cover huge networks quickly. Sprawling, complex, and highly segmented networks are what Rumble was built for.

Rumble Network Discovery Beta 1 Scanning Speed

Multi-Homed Asset Identification #

Rumble uses a handful of techniques to identify additional network interfaces across scanned assets, without credentials or access to a span port. This allows for detection of security pivot points and better recognition of misconfigured and otherwise exposed hosts. Rumble scans can identify systems that are connected through a VPN, running virtualization software, and bridging network segments.

Rumble Network Discovery Beta 1 Multi-Homed Detection

Almost-Magic MAC Address Detection #

Rumble can obtain MAC addresses from devices outside of the local network, without credentials, across a wide range of systems. This detection is combined with our research into MAC fingerprinting and age detection to provide insights into systems that are difficult to obtain otherwise.

Rumble Network Discovery Beta 1 MAC Discovery

Names, Domains, and Hostnames #

Rumble tries to pull system names out of a multitude of services. This allows inventories to show not just the NetBIOS or reverse DNS name for an asset, but also a list of any web sites being hosted, and often additional information about a device, such as the service tag or serial number. Domain names are automatically obtained from a number of services and by parsing out identified hostnames.

Rumble Network Discovery Beta 1 Name Discovery

Continuous Research #

Rumble was created with the goal of building the best network discovery platform through continuous research. The highlights above cover some of the work that has been done so far, but we have still have a long way to go. You can hear details of some of our discovery techniques at the upcoming InfoSec Southwest 2019 security conference in Austin, Texas. In the meantime, kick the tires on the beta and let us know what we got wrong (or right!).

Written by HD Moore

HD Moore is the co-founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.
More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Related Articles

Product Release
Introducing the customizable dashboard, Wiz integration, and more!
Introducing the customizable dashboard, Wiz Integration, and other Q2 2024 enhancements to the runZero Platform.
Product Release
How to integrate your SIEM platform with runZero to create an actionable asset inventory
Learn how to combine runZero's real-time asset inventory with SIEM exports for comprehensive asset tracking and historical data analysis..
runZero Insights
Celebrating Women’s History Month with trailblazers & innovators
It’s Women’s History Month! runZero is celebrating all month long by highlighting innovative women who have been technological trailblazers.
Upcoming NYDFS regulatory requirements on asset inventory and vulnerability enumeration
Is your business prepared for the approaching deadlines for complying with the latest version of the NYDFS Cybersecurity Regulation (23 NYCRR 500)?...

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved