Dumpster-diving for computer parts. Accidentally annoying some of the biggest tech companies on the planet. Building tools that changed how cybersecurity works. For HD Moore, that’s just a normal career arc.
In 2025, HD popped up on a bunch of podcasts to swap stories, share strong opinions, and generally say the quiet parts out loud. We’ve rounded up four standout episodes that are smart, funny, and refreshingly candid.
From Air Force to Exploits: MetaSploit, runZero, and Building Like a Hacker (Dialed in with Greg Martin) #
Before creating MetaSploit, HD Moore was reverse engineering software for the Air Force while still in high school. In this episode, he shares the origin story of one of the most influential open source tools in cybersecurity, his transition from tinkerer to product builder, and how that same hacker mindset still drives runZero today.
Greg Martin (Ghost Security) and HD dig into the power and challenges of open source, what it means to build like a hacker, and why finding flaws in your own tools is part of the process. If you're into security, innovation, or building things that break things, this one’s for you.
Microsoft Tried to Get Me Fired Weekly (HD Moore on the Alice & Bob Podcast) #
James Maude and Marc Maiffret (Adventures of Alice & Bob Podcast) sit down with HD to explore his journey from a teenager dumpster-diving for computer parts to navigating the early backlash around Metasploit.
It’s a look at what happens when open-source security research collides with very large vendors — and why a bit of friction is often a sign you’re doing something right.
Why CVEs won’t save you in 2025 (The Hackers Cache) #
In this episode of The Hacker’s Cache, HD discusses with Kyser Clark why relying on CVEs is putting organizations at risk in 2025. They unpack the truth about the risks hiding outside traditional vulnerability tracking, from overlooked SSH exposures to entire classes of issues that never earn a CVE at all.
Along the way, HD shares some bold takes on AI’s role in security, the dangers of over-reliance on tools and certifications, and why exposing version numbers might actually make systems safer. It’s a must-listen for any ethical hackers, pentesters, and cybersecurity professionals who want insights into how attackers are really staying ahead.
Metasploit's origin, browser bugs & exposure management (HD on Be Fearless podcast) #
In this candid conversation, HD shares the story behind building the world's most widely used penetration testing framework, war stories from the early days of cybersecurity, and how his Month of Browser Bugs Project (which inspired our own Year of Browser Bugs Initiative) spelled the end of ActiveX.
It’s part history lesson, part reminder that exposure management has always been about understanding what’s actually reachable, not just what looks scary on paper.
If you’re in the mood for tales from the trenches, fewer buzzwords and more straight talk, these episodes are a great place to spend an hour or two. Expect more of the same in 2026!
