Automatic Web Screenshots

|
Updated

We rolled out support for automatic web service screenshots this morning in both the Rumble Agent and the runZero Scanner (v0.6.6+). This option is on by default, and will result in Rumble capturing an image of each web service it encounters if the system it is running on has a working Google Chrome or Chromium installation. This feature can be toggling using the Scanner command line option --screenshots and from the New Scan screen in the Rumble Console:

Configuring Web Screenshots

To determine if your Agent can capture screenshots, view the Agent detail page, and look for an entry like the following:

Agent Screenshot Support

If screenshot support is not detected, make sure Google Chrome has been installed in the default location, and force an agent update to refresh the setting. Captured screenshots will appear in the asset detail of the Inventory section.

Asset Web Screenshot

This update tweaked several default settings, including the overall scan speed, to make scans more conservative with the number of sessions they generate. The command-line scanner received a few minor updates, including additional fields in the config output, and tweaks to a few command-line options. The --syn-ports and --connect-ports options have been merged into a single --tcp-ports parameter, while the --syn-max-sockets and --connect-max-sockets are now simply --max-sockets.

Please give the new web screenshot support a whirl and drop us a line with your feedback.

Written by HD Moore

HD Moore is the founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

More about HD Moore
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

runZero Insights
Taming the Typhoons: How runZero Keeps You Ahead of State-Sponsored Cyber Threats
China's Typhoon cyber attacks are evolving, but runZero helps you stay one step ahead with unmatched visibility and proactive defense.
runZero Insights
Ensure compliance with DORA’s ICT risk framework using runZero
Learn how to uncover unmanaged and unknown assets— including IT, OT, and IoT— to meet DORA's hidden risk requirements using runZero.
Life at runZero
Employee Spotlight: Doug Markiewicz
Doug Markiewicz is a strategic Customer Success Engineer with a passion for solving complex cybersecurity problems. Learn more about his journey as...
runZero Insights
Evolving from IT to IoT: Flax Typhoon preyed on the lesser knowns
A look at Flax Typhoon's latest operations, and how runZero’s unknown and IoT asset visibility can help calm the storm for security teams.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved