HD Moore
Encyclopedia
HD Moore is the creator of Metasploit, a popular penetration testing software. HD founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development. He is also known for his work in WarVOX
, AxMan, the Metasploit uncloaking Engine and the Rogue Network Link Detection Tools.
Currently, HD is Chief Security Officer at Rapid7
and Chief Architect of Metasploit, an open-source penetration testing platform.
project meme and resulted a massive number of browser patches and improved security measures.
WarVOX
WarVOX is a free, open-source VOIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processes audio from each call without using modems, using signal processing techniques. WarVOX uses VoIP providers over the Internet instead of modems used by other war dialers...
, AxMan, the Metasploit uncloaking Engine and the Rogue Network Link Detection Tools.
Currently, HD is Chief Security Officer at Rapid7
Rapid7
Rapid7 is a vulnerability management and penetration testing company headquartered in Boston, Massachusetts. Its primary products are Nexpose and Metasploit...
and Chief Architect of Metasploit, an open-source penetration testing platform.
Software projects
- The Metasploit Framework is a development platform for creating security tools and exploitsExploit (computer security)An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic...
. The framework is used by network security professionals to perform penetration testing, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler. In October 2009, the Metasploit project was acquired by Rapid7Rapid7Rapid7 is a vulnerability management and penetration testing company headquartered in Boston, Massachusetts. Its primary products are Nexpose and Metasploit...
. While the Metasploit Framework continues to be free, Rapid7 has added a commercial edition called Metasploit Express. With the acquisition of the project, HD Moore became Chief Security Officer at Rapid7 while remaining Chief Architect of Metasploit.
- WarVOXWarVOXWarVOX is a free, open-source VOIP-based war dialing tool for exploring, classifying, and auditing phone systems. WarVOX processes audio from each call without using modems, using signal processing techniques. WarVOX uses VoIP providers over the Internet instead of modems used by other war dialers...
is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX processes the raw audio from each call and does not use a modem directly. This unique model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders using signal processing techniques.
- AxMan is an ActiveXActiveXActiveX is a framework for defining reusable software components in a programming language-independent way. Software applications can then be composed from one or more of these components in order to provide their functionality....
fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process. This allows for a much more realistic test than other COM-based assessment tools.
- The Metasploit Decloaking Engine is a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed.
- The Rogue Network Link Detection Tools are designed to detect unauthorized outbound network links on large corporate networks. These tools send spoofed TCP SYN and ICMP Echo Requests with the original destination IP encoded into the packet, which can then be read back out by an external listening host.
Research projects
HD created the Month of Browser Bugs project as an experiment in fast-paced vulnerability discovery in combination with full disclosure. This started the Month of BugsMonth of Bugs
Month of Bugs is an increasingly popular strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations. The tenet is these corporations have shown themselves to be unresponsive and uncooperative to security alerts and that "responsible...
project meme and resulted a massive number of browser patches and improved security measures.
Further reading
- "The Hacker Diaries" by Dan Verton, Hardcover - Mar 26, 2002, ISBN 0072223642, pp. 166–181