See runZero in action

Contact us to book a demo with our team.

Automatic Web Screenshots

(updated ), by HD Moore
icon

We rolled out support for automatic web service screenshots this morning in both the Rumble Agent and the runZero Scanner (v0.6.6+). This option is on by default, and will result in Rumble capturing an image of each web service it encounters if the system it is running on has a working Google Chrome or Chromium installation. This feature can be toggling using the Scanner command line option --screenshots and from the New Scan screen in the Rumble Console:

Configuring Web Screenshots

To determine if your Agent can capture screenshots, view the Agent detail page, and look for an entry like the following:

Agent Screenshot Support

If screenshot support is not detected, make sure Google Chrome has been installed in the default location, and force an agent update to refresh the setting. Captured screenshots will appear in the asset detail of the Inventory section.

Asset Web Screenshot

This update tweaked several default settings, including the overall scan speed, to make scans more conservative with the number of sessions they generate. The command-line scanner received a few minor updates, including additional fields in the config output, and tweaks to a few command-line options. The --syn-ports and --connect-ports options have been merged into a single --tcp-ports parameter, while the --syn-max-sockets and --connect-max-sockets are now simply --max-sockets.

Please give the new web screenshot support a whirl and drop us a line with your feedback.

HD Moore
Written by HD Moore

HD Moore is the co-founder and CEO of runZero. Previously, he founded the Metasploit Project and served as the main developer of the Metasploit Framework, which is the world's most widely used penetration testing framework.

Similar Content

August 6, 2020

Recog development with runZero

Overview # Recog may be one of the most underrated open source security projects of all time. Recog started off in the early 2000s as the fingerprinting backend for Rapid7’s Nexpose (aka InsightVM) vulnerability scanner. It was released as open source in 2014 and …

Read More

August 4, 2020

Rumble 1.10: Continuous Scans, Site Defaults, and More!

Overview # Rumble 1.10 is live with continuous scanning, user interface updates, an event log, updates to the scan engine, additional fingerprints, and a new way to keep recurring scans in sync with their sites! Continuous Scanning # All paid plans now support a new …

Read More

July 7, 2020

Rumble 1.9.0: Scan Engine Updates, Reports, and More!

Overview # Rumble 1.9.0 is out with major updates to the scan engine, reports, fingerprinting, user interface, documentation, and much more! Scan Engine # Folks who scan external assets using their hostnames will now see asset correlation occur using the DNS name itself. For …

Read More

Subscribe and stay in the loop!

We won't share your email.

Unsubscribe at any time.