Risky Biz Soap Box, Episode 55: Rumble and DCE/RPC party tricks

This Soap Box is brought to you by Rumble, the asset discovery company founded by HD Moore. For those of you who don’t know, HD is a security legend, having done all sorts of amazing research over the years and creating Metasploit all the way back in 2003.

This guy, as you’ll hear, vibrates at a slightly higher frequency than the rest of us. He’s one of those people who’s not only insanely talented, but he’s also insanely hardworking, which is why we get to have nice things like Metsaploit and, now, Rumble.

So: What is Rumble? It’s is an active asset discovery tool. You set it loose on your network and it shows you what’s there… but this isn’t your grandma’s portscanner. This thing can see through walls and around corners, and what it finds will genuinely blow you away. A couple of weeks ago a guy by the name of Tom Lawrence did an awesome 15 minute demo of Rumble for his YouTube channel.

I would highly recommend you watch it, even before you listen to this podcast. He does a fantastic job of demoing the product and showing that it’s able to make sense of what it sees to a very surprising degree. Tom demos it on a small network, but yeah, it scales – HD says Rumble counts a Fortune 5 among its customers.

Anyway, what HD has done with Rumble is create a tool – a lightweight scanner you can run from basically anywhere in a network – that will show you networks you didn’t know existed, it’ll identify devices with ridiculous granularity… it can even tell you if a windows box has EDR on it or a wireless card installed, all with an unauthenticated network scan.

Meet Our Speakers

HD Moore

Founder & CEO, runZero

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Resources

Podcasts
The shadow era AI, exploits, and cybersecurity's 90s comeback
HD Moore explains how AI is turning hacking back to the 90s, generating permanent exploit skeleton keys and breaking traditional defense.
Podcasts
When is a vulnerability not a vulnerability?
Attackers care about outcomes, not CVEs. Tod Beardsley joins Distilled Security to discuss reframing risk from checklist compliance to adversary...
Podcasts
Know Your Adversary with HD Moore
runZero CEO HD Moore breaks down the myth of air-gapped networks, the impact of AI on security, and why asset connectivity is everything.
Podcasts
Risky Biz Interview: Navigating the AI vibe shift with HD Moore
runZero Founder and CEO HD Moore drops by in this week's Risky Biz sponsor interview to talk about the concerning AI vibe shift and what to do...

See Results in Minutes

See & secure your total attack surface. Even the unknowns & unmanageable.