H. D. Moore

Last updated
H. D. Moore
Hdm2018.png
Born1981
NationalityAmerican
Occupation(s) Information security researcher and programmer
Known for Metasploit
Website hdm.io

H. D. Moore is a network security expert, open source programmer, and hacker. He is the founder of the Metasploit Project and was the main developer of the Metasploit Framework, a penetration testing software suite.

Contents

Moore is currently the co-founder and chief technical officer of runZero, Inc, [1] a provider of cyber asset attack surface management software and cloud solutions. The company was originally founded in 2018 as Rumble, Inc and renamed to runZero, Inc. in 2022. [2]

Prior to starting runZero, Moore served as the vice president of research and development at Atredis Partners, [3] the chief research officer at Boston, Massachusetts-based security firm Rapid7, and remained the chief architect of the Metasploit Framework until his departure from Rapid7 in 2016. [4]

Information security work

Moore developed security software utilities for the United States Department of Defense as a teenager, [5] [ better source needed ] and founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development. [6]

He is known for his work in WarVOX, AxMan, the Metasploit Decloaking Engine and the Rogue Network Link Detection Tools, [7] and started a "Month of Browser Bugs" (MoBB) initiative in 2006 [8] as an experiment in fast-paced vulnerability discovery with full disclosure. This started the Month of Bugs project meme, and resulted a number of web browser patches and improved security measures.

Moore has discovered, or been involved in the discovery of, a number of critical security vulnerabilities. [9] [10]

Metasploit Framework

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration testing, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers worldwide. The framework is written in the Ruby programming language and includes components written in C and assembly language. [11] In October 2009, the Metasploit project was acquired by Rapid7. [12] While the Metasploit Framework continues to be free, Rapid7 has added commercial editions. [13] With the acquisition of the project, HD Moore became chief security officer at Rapid7, and later chief research officer, while remaining chief architect of Metasploit.

WarVOX

WarVOX is a software suite for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX processes the raw audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders using signal processing techniques.

AxMan

AxMan is an ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process.

Metasploit Decloaking Engine

The Metasploit Decloaking Engine is a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed.

The Rogue Network Link Detection Tools are designed to detect unauthorized outbound network links on large corporate networks. These tools send spoofed TCP SYN and ICMP Echo Requests with the original destination IP encoded into the packet, which can then be read back out by an external listening host.

Reception

Moore's work has gained him both praise and antagonism in the industry. Companies such as Microsoft have credited him with discovering vulnerabilities, yet some criticism of Metasploit and similar tools, due to their capacity for criminal use (rather than just offensive security), has fallen upon Moore himself. Moore has been warned by US law enforcement about his involvement in the Critical.IO scanning project. [14]

Related Research Articles

An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic. Such behavior frequently includes gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack. In lay terms, some exploit is akin to a 'hack'.

A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses, including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.

In programming and software development, fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. Typically, fuzzers are used to test programs that take structured inputs. This structure is specified, e.g., in a file format or protocol and distinguishes valid from invalid input. An effective fuzzer generates semi-valid inputs that are "valid enough" in that they are not directly rejected by the parser, but do create unexpected behaviors deeper in the program and are "invalid enough" to expose corner cases that have not been properly dealt with.

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.

<span class="mw-page-title-main">Metasploit</span> Computer security testing tool

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations.

webarchive is a Web archive file format available on macOS and Windows for saving and reviewing complete web pages using the Safari web browser. The webarchive format differs from a standalone HTML file because it also saves linked files such as images, CSS, and JavaScript. The webarchive format is a concatenation of source files with filenames saved in the binary plist format using NSKeyedArchiver. Support for webarchive documents was added in Safari 4 Beta on Windows and is included in subsequent versions. Safari in iOS 13 has support for web archive files. Previously there was a third party iOS app called Web Archive Viewer that provided this functionality.

A zero-day is a vulnerability or security hole in a computer system unknown to its owners, developers or anyone capable of mitigating it. Until the vulnerability is remedied, threat actors can exploit it in a zero-day exploit, or zero-day attack.

Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference. First held in April 2007 in Vancouver, the contest is now held twice a year, most recently in March 2024. Contestants are challenged to exploit widely used software and mobile devices with previously unknown vulnerabilities. Winners of the contest receive the device that they exploited and a cash prize. The Pwn2Own contest serves to demonstrate the vulnerability of devices and software in widespread use while also providing a checkpoint on the progress made in security since the previous year.

w3af Open-source web application security scanner

w3af is an open-source web application security scanner. The project provides a vulnerability scanner and exploitation tool for Web applications. It provides information about security vulnerabilities for use in penetration testing engagements. The scanner offers a graphical user interface and a command-line interface.

WarVOX was a free, open-source VOIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processed audio from each call by using signal processing techniques and without the need of modems. WarVOX used VoIP providers over the Internet instead of modems used by other war dialers. It compared the pauses between words to identify numbers using particular voicemail systems.

<span class="mw-page-title-main">Kali Linux</span> Debian-based Linux distribution for penetration testing

Kali Linux is a Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security. The software is based on the Debian Testing branch: most packages Kali uses are imported from the Debian repositories.

A bug bounty program is a deal offered by many websites, organizations, and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.

<span class="mw-page-title-main">Heartbleed</span> Security bug in OpenSSL

Heartbleed is a security bug in some outdated versions of the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. It was introduced into the software in 2012 and publicly disclosed in April 2014. Heartbleed could be exploited regardless of whether the vulnerable OpenSSL instance is running as a TLS server or client. It resulted from improper input validation in the implementation of the TLS heartbeat extension. Thus, the bug's name derived from heartbeat. The vulnerability was classified as a buffer over-read, a situation where more data can be read than should be allowed.

Project Zero is a team of security analysts employed by Google tasked with finding zero-day vulnerabilities. It was announced on 15 July 2014.

<span class="mw-page-title-main">Stagefright (bug)</span> Software bug in Android

Stagefright is the name given to a group of software bugs that affect versions from 2.2 "Froyo" up until 5.1.1 "Lollipop" of the Android operating system exposing an estimated 950 million devices at the time. The name is taken from the affected library, which among other things, is used to unpack MMS messages. Exploitation of the bug allows an attacker to perform arbitrary operations on the victim's device through remote code execution and privilege escalation. Security researchers demonstrate the bugs with a proof of concept that sends specially crafted MMS messages to the victim device and in most cases requires no end-user actions upon message reception to succeed—the user doesn't have to do anything to 'accept' exploits using the bug; it happens in the background. A phone number is the only information needed to carry out the attack.

Offensive Security is an American international company working in information security, penetration testing and digital forensics. Operating from around 2007, the company created open source projects, advanced security courses, the ExploitDB vulnerability database, and the Kali Linux distribution. The company was started by Mati Aharoni, and employs security professionals with experience in security penetration testing and system security evaluation. The company has provided security counseling and training to many technology companies.

EternalBlue is computer exploit software developed by the U.S. National Security Agency (NSA). It is based on a vulnerability in Microsoft Windows that, at the time, allowed users to gain access to any number of computers connected to a network. The NSA had known about this vulnerability for several years but had not disclosed it to Microsoft yet, since they planned to use it as a defense mechanism against cyber attacks. In 2017, the NSA discovered that the software was stolen by a group of hackers known as the Shadow Brokers. Microsoft was informed of this and released security updates in March 2017 patching the vulnerability. While this was happening, the hacker group attempted to auction off the software, but did not succeed in finding a buyer. EternalBlue was then publicly released on April 14, 2017.

<span class="mw-page-title-main">Rafay Baloch</span> Pakistani ethical hacker and security researcher (born 1993)

Rafay Baloch is a Pakistani ethical hacker and security researcher. He has been featured and known by both national and international media and publications like Forbes, BBC, The Wall Street Journal, The Express Tribune and TechCrunch. He has been listed among the "Top 5 Ethical Hackers of 2014" by CheckMarx. Subsequently he was listed as one of "The 15 Most Successful Ethical Hackers WorldWide" and among "Top 25 Threat Seekers" by SCmagazine. Baloch has also been added in TechJuice 25 under 25 list for the year 2016 and got 13th rank in the list of high achievers. Reflectiz, a cyber security company, released the list of "Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021" recognizing Rafay Baloch as the top influencer. On 23 March 2022, ISPR recognized Rafay Baloch's contribution in the field of Cyber Security with Pride for Pakistan award. In 2021, Islamabad High court designated Rafay Baloch as an amicus curia for a case concerning social media regulations.

Log4Shell (CVE-2021-44228) is a zero-day vulnerability in Log4j, a popular Java logging framework, involving arbitrary code execution. The vulnerability had existed unnoticed since 2013 and was privately disclosed to the Apache Software Foundation, of which Log4j is a project, by Chen Zhaojun of Alibaba Cloud's security team on 24 November 2021. Before an official CVE identifier was made available on 10 December 2021, the vulnerability circulated with the name "Log4Shell", given by Free Wortley of the LunaSec team, which was initially used to track the issue online. Apache gave Log4Shell a CVSS severity rating of 10, the highest available score. The exploit was simple to execute and is estimated to have had the potential to affect hundreds of millions of devices.

References

  1. "runZero team", Mar 8, 2023, www.runzero.com/company/team/
  2. "Rumble Network Discovery is now runZero!", Aug 8, 2022, www.runzero.com/blog/introducing-runzero/
  3. "Team - Atredis Partners", May 14, 2019, www.atredis.com/team
  4. "HD Moore Chief Security Officer, Rapid7". RSA Conference. Archived from the original on 13 December 2014. Retrieved 15 November 2014.
  5. Jackson Higgins, Kelly (September 28, 2006). "HD Moore Unplugged". Dark Reading. Information Week. Retrieved July 15, 2015. Of course, being the industry's most famous white hat hacker also makes you a popular target
  6. Biancuzzi, Federico. "Metasploit 3.0 day". Security Focus. Retrieved 15 November 2014.
  7. http://hdm.io/ HD Moore’s personal page
  8. "A Month of Browser Bugs", August 3, 2006, www.schneier.com
  9. Keizer, Gregg (16 October 2007). "HD Moore takes iPhone exploits public". ComputerWorld. Retrieved 2017-04-27.
  10. Nachneir. "H.D. Moore Unveils Major UPnP Security Vulnerabilities". Watchguard Security. Retrieved 2017-04-27.
  11. Metasploit project page
  12. Rapid7 Acquires Metasploit
  13. Product page for commercial Metasploit editions
  14. Brewster, Tom (29 May 2014). "US cybercrime laws being used to target security researchers". The Guardian. Retrieved 15 November 2014.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.