Support for Apple macOS Agents & Scanners

|
Updated

Fresh on the heels on Beta 3, we are excited to announce support for the Apple macOS platform. To install the Rumble macOS Agent, copy the download link from the Agents page, download a local copy, and install it using the command line:

$ curl -o agent.bin https://console.runzero.com/download/agent/[unique-id-here]/[timestamp]/runzero-agent-darwin-amd64.bin
$ chmod u+x agent.bin
$ sudo ./agent.bin

macOS Agent

For a quick rundown on how to use the command-line scanner, take a look at the scanner documentation. The macOS scanner uses /dev/bpf devices for raw socket support and requires root access to run ARP and TCP SYN scans as a result.

The macOS Agent and Scanner do not use the Apple code signing mechanism yet, but they do include embedded signatures from us. For information on how to validate the internal signature, head over to the binary verification documentation.

As always, if you have any feedback, run into any issues, or just want to say hello, drop us a line.

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Explore more runZero

Product
Announcing runZero 5.0: Exposure management built to outpace AI-driven attacks
When you're up against AI, every minute counts. Get deep, actionable intelligence across your entire attack surface to close the gaps and hold the...
Product Videos
runZero 5.0: Platform Demo
With the new 5.0 release, runZero is giving defenders the edge they need to succeed in the AI-attack era.
runZero Perspective
BOD 26-04: A new era of prioritized remediation
A complete breakdown of CISA's BOD 26-04 directive. Learn how the shift to SSVC, risk-based KEV prioritization, and 3-day remediation impacts your...
runZero Perspective
Dawn of the apex agentic adversary
When agentic AI can weaponize exploits in seconds, visibility is everything. Stop the predator with runZero’s exposure management for the AI-attack...
Webcasts
runZero Hour, Ep. 32: AI-pocalypse now? Why the 2026 DBIR is actually good news
In this episode of runZero Hour, Tod Beardsley, Brianna Cluck, and Verizon's Alex Pinto broke down 2026 DBIR trends, AI threats, and runZero 5.0.
Podcasts
The shadow era AI, exploits, and cybersecurity's 90s comeback
HD Moore explains how AI is turning hacking back to the 90s, generating permanent exploit skeleton keys and breaking traditional defense.
Talks
Identifying exposures at scale with BloodHound OpenGraph
Traditional exposure management misses hidden attack paths. Learn how BloodHound and Cypher queries can uncover vulnerabilities beyond individual...
Podcasts
When is a vulnerability not a vulnerability?
Attackers care about outcomes, not CVEs. Tod Beardsley joins Distilled Security to discuss reframing risk from checklist compliance to adversary...

See Results in Minutes

See & secure your total attack surface. Even the unknowns & unmanageable.