Research

August 19, 2021

BlackHat gems: HP iLO 5 vulnerabilities

Each year, August arrives with promises of hot weather and cool security research talks. The DEF CON, Black Hat, and BSidesLV security conferences bring people in from all over the world to share knowledge through conversations, villages, training, and talks. There are …

Read More
BlackHat gems: HP iLO 5 vulnerabilities

August 11, 2021

Fingerprinting Windows versions, AV, wireless cards over the network—all without authentication

Correctly identifying and categorizing network-connected systems without credentials is a tricky challenge and one of the fun parts of working at Rumble. This process of “fingerprinting” uses thousands of rules, pattern matches, and internal databases to take …

Read More
Fingerprinting Windows versions, AV, wireless cards over the network—all without authentication

August 3, 2021

Rumble 2.5: Identify endpoint protection agents, detect wireless & mobile Internet, and scan all your EC2 accounts

What’s new with Rumble 2.5? # Identify endpoint protection agents via integrations and unauthenticated scans Fingerprint wireless and mobile Internet on Windows without authentication Better fingerprinting for Windows 10 and 11, desktop/server, secondary IPs Discover …

Read More
Rumble 2.5: Identify endpoint protection agents, detect wireless & mobile Internet, and scan all your EC2 accounts

March 30, 2020

SMB2 Session Prediction & Consequences

Server Message Block Research # The Rumble scan engine received big updates this month for the HTTP, RDP, and SMB protocols. The SMB work was focused on improving protocol support for SMB1, SMB2, and SMB3, including better desktop/server detection, and reporting of available …

Read More
SMB2 Session Prediction & Consequences

January 3, 2020

Security Surprises with SNMP v3

runZero SNMP scanning runZero supports SNMPv1, SNMPv2 (the SNMPv2c variant), and SNMPv3. Watch below to learn more about how runZero works, and discover what's on your network in minutes with a 21-day free trial. Updated on 2021-10-08: This issue was cited in an excellent …

Read More
Security Surprises with SNMP v3

November 12, 2019

Network Discovery Powered by Research

Refocusing on Research # Our mission is to empower our customers with amazing network visibility through applied research. With the v1.1.0 release behind us, we are excited to renew our focus on research. Last month, our founder and CEO HD Moore presented at Texas Cyber …

Read More
Network Discovery Powered by Research

April 2, 2019

DNS Ping Scans via Open Resolvers

Our last post covered some of the ways that Rumble gathers information from DNS services.

While working on the tracer implementation, we identified a trick that other folks might find it useful. It turns out that most DNS resolvers do not filter the address ranges they will …

Read More
DNS Ping Scans via Open Resolvers

March 31, 2019

DNS Parlor Tricks for Network Discovery

DNS is an amazing protocol. After starting life as a simple mechanism for name resolution, it is now used to enforce TLS rules, prevent email impersonation, authorize users, protect endpoints, enable service discovery, and much more. DNS services run across a range of …

Read More
DNS Parlor Tricks for Network Discovery