Risky Biz Soap Box, Episode 55: Rumble and DCE/RPC party tricks

This Soap Box is brought to you by Rumble, the asset discovery company founded by HD Moore. For those of you who don’t know, HD is a security legend, having done all sorts of amazing research over the years and creating Metasploit all the way back in 2003.

This guy, as you’ll hear, vibrates at a slightly higher frequency than the rest of us. He’s one of those people who’s not only insanely talented, but he’s also insanely hardworking, which is why we get to have nice things like Metsaploit and, now, Rumble.

So: What is Rumble? It’s is an active asset discovery tool. You set it loose on your network and it shows you what’s there… but this isn’t your grandma’s portscanner. This thing can see through walls and around corners, and what it finds will genuinely blow you away. A couple of weeks ago a guy by the name of Tom Lawrence did an awesome 15 minute demo of Rumble for his YouTube channel.

I would highly recommend you watch it, even before you listen to this podcast. He does a fantastic job of demoing the product and showing that it’s able to make sense of what it sees to a very surprising degree. Tom demos it on a small network, but yeah, it scales – HD says Rumble counts a Fortune 5 among its customers.

Anyway, what HD has done with Rumble is create a tool – a lightweight scanner you can run from basically anywhere in a network – that will show you networks you didn’t know existed, it’ll identify devices with ridiculous granularity… it can even tell you if a windows box has EDR on it or a wireless card installed, all with an unauthenticated network scan.

Meet Our Speakers

HD Moore

CEO and Co-Founder

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Related Resources

Oil and Gas Upstream
Huxley Barbee discusses why and how cybersecurity for operational technology (OT) and industrial control systems (ICS) including oil and gas...
Risky Biz Interview: Breaking apart OT protocols
runZero's Rob King on the how and why of reverse engineering for active discovery
ExpedITioners Podcast: The modern divergence of environments and security methodologies
In this episode, Zach and Huxley talk about the modern divergence of environments and security methodologies.
Infosec Toolshed: Metasploit: Why did he do it?
Every top 10 list of security tools includes Metasploit. But how did the project get started?

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved