HD Moore
@hdm.io
CEO and founder of runZero.com, previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams. Contact info, presentations, and more at https://hdm.io/
Identify insecure TLS services with the enhanced runZero Certificate Inventory: www.runzero.com/blog/identif...
Identify insecure TLS services with runZero Certificate Inventory
The runZero Certificates Inventory is an essential tool for seeing and securing every certificate in your environment. Explore these essential use cases.
www.runzero.com
November 6, 2025 at 3:07 PM
Identify insecure TLS services with the enhanced runZero Certificate Inventory: www.runzero.com/blog/identif...
Reposted by HD Moore
🎃 Happy Halloween! The end of #CybersecurityAwarenessMonth means it's time for our EoL-palooza grand finale!
The scariest find? A surge of End-of-Life Proxmox systems... software zombies attackers feast on.
🧟♂️ @hdm.io has the guide to hunt them down: www.runzero.com/blog/managin...
The scariest find? A surge of End-of-Life Proxmox systems... software zombies attackers feast on.
🧟♂️ @hdm.io has the guide to hunt them down: www.runzero.com/blog/managin...
After VMware: Managing EOL for Proxmox Hypervisors
Outdated Proxmox VE installs leave systems exposed as users migrate from VMware. With runZero you can easily identify EoL hosts and expiring TLS certs.
www.runzero.com
October 31, 2025 at 1:44 PM
🎃 Happy Halloween! The end of #CybersecurityAwarenessMonth means it's time for our EoL-palooza grand finale!
The scariest find? A surge of End-of-Life Proxmox systems... software zombies attackers feast on.
🧟♂️ @hdm.io has the guide to hunt them down: www.runzero.com/blog/managin...
The scariest find? A surge of End-of-Life Proxmox systems... software zombies attackers feast on.
🧟♂️ @hdm.io has the guide to hunt them down: www.runzero.com/blog/managin...
Austin Hackers Anonymous (AHA) is TONIGHT (2025-10-30) takeonme.org - Have some zero-day to share? AHA is an official CNA and will issue CVEs for vulnerabilities disclosed at the meeting. I'm planning to demo more SSHamble.com findings along with BloodHound OpenGraph stuff. See yall soon!
AHA!
Austin Hackers Anonymous!
takeonme.org
October 30, 2025 at 9:18 PM
Austin Hackers Anonymous (AHA) is TONIGHT (2025-10-30) takeonme.org - Have some zero-day to share? AHA is an official CNA and will issue CVEs for vulnerabilities disclosed at the meeting. I'm planning to demo more SSHamble.com findings along with BloodHound OpenGraph stuff. See yall soon!
Reposted by HD Moore
So this story is super duper interesting for a whole ton of reasons, but one big one is its a very rare glimpse into the private valuation of high-end exploits held by major defense contractors
bsky.app/profile/lega...
bsky.app/profile/lega...
Peter Williams, A former executive with US defense contractor L3Harris has pleaded guilty to selling digital spy tools to a Russian broker, the Justice Department announced. Williams pleaded to two counts of theft of trade secrets reut.rs/49o7Q0I
October 29, 2025 at 11:45 PM
So this story is super duper interesting for a whole ton of reasons, but one big one is its a very rare glimpse into the private valuation of high-end exploits held by major defense contractors
bsky.app/profile/lega...
bsky.app/profile/lega...
Just like chocolate and peanut butter, runZero and BloodHound are an amazing combination. Today we are introducing runZeroHound - an open source toolkit for bringing runZero Asset Inventory data into BloodHound attack graphs: www.runzero.com/blog/introdu...
Uncovering network attack paths with runZeroHound
runZeroHound converts runZero asset inventories into BloodHound OpenGraph imports, enabling Cypher-based analysis of real network attack paths.
www.runzero.com
October 27, 2025 at 4:34 PM
Just like chocolate and peanut butter, runZero and BloodHound are an amazing combination. Today we are introducing runZeroHound - an open source toolkit for bringing runZero Asset Inventory data into BloodHound attack graphs: www.runzero.com/blog/introdu...
Reposted by HD Moore
It's the spooky season, so several of my ebooks are on sale. 💀🎃🪦
Aloha from Hell appears to be $2.99 everywhere, and The Secrets of Insects is $6.99.
Dead Set and King Bullet are $1.99 each on Amazon.
US only
Aloha from Hell appears to be $2.99 everywhere, and The Secrets of Insects is $6.99.
Dead Set and King Bullet are $1.99 each on Amazon.
US only
October 23, 2025 at 5:03 PM
It's the spooky season, so several of my ebooks are on sale. 💀🎃🪦
Aloha from Hell appears to be $2.99 everywhere, and The Secrets of Insects is $6.99.
Dead Set and King Bullet are $1.99 each on Amazon.
US only
Aloha from Hell appears to be $2.99 everywhere, and The Secrets of Insects is $6.99.
Dead Set and King Bullet are $1.99 each on Amazon.
US only
SpecterOps released "DumpGuard" along with a detailed article on how they were able to bypass Windows Credential Guard in both privileged and unprivileged contexts. I learned a ton about Isolated LSA and friends: specterops.io/blog/2025/10...
Catching Credential Guard Off Guard - SpecterOps
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
specterops.io
October 23, 2025 at 7:19 PM
SpecterOps released "DumpGuard" along with a detailed article on how they were able to bypass Windows Credential Guard in both privileged and unprivileged contexts. I learned a ton about Isolated LSA and friends: specterops.io/blog/2025/10...
Reposted by HD Moore
Our new website has launched. We will continue to update the site with information as it becomes available.
https://bsidespyongyang.com/
https://bsidespyongyang.com/
October 20, 2025 at 3:55 AM
Our new website has launched. We will continue to update the site with information as it becomes available.
https://bsidespyongyang.com/
https://bsidespyongyang.com/
Reposted by HD Moore
🎙️ Join @hdm.io, @todb.hugesuccess.org & @sawaba.bsky.social for a live SC Media webcast:
“Fixing a Broken System: Why Legacy Vulnerability Management Tools Can’t Keep Up”
Learn what’s next for exposure & attack surface management.
📅 Oct 29
⏰ 2 PM ET
🔗 www.scworld.com/cybercast/fi...
“Fixing a Broken System: Why Legacy Vulnerability Management Tools Can’t Keep Up”
Learn what’s next for exposure & attack surface management.
📅 Oct 29
⏰ 2 PM ET
🔗 www.scworld.com/cybercast/fi...
October 22, 2025 at 2:06 PM
🎙️ Join @hdm.io, @todb.hugesuccess.org & @sawaba.bsky.social for a live SC Media webcast:
“Fixing a Broken System: Why Legacy Vulnerability Management Tools Can’t Keep Up”
Learn what’s next for exposure & attack surface management.
📅 Oct 29
⏰ 2 PM ET
🔗 www.scworld.com/cybercast/fi...
“Fixing a Broken System: Why Legacy Vulnerability Management Tools Can’t Keep Up”
Learn what’s next for exposure & attack surface management.
📅 Oct 29
⏰ 2 PM ET
🔗 www.scworld.com/cybercast/fi...
Reposted by HD Moore
I ♥️ encryption
Senator Ron Wyden calls on the Internet Society community to 📣 "GET LOUD" 📣 this Global Encryption Day!
"Get loud because you are the glue that holds the Internet together." - @wyden.senate.gov
Thank you for fighting for the Internet to give power to the powerless and a voice to the voiceless!
"Get loud because you are the glue that holds the Internet together." - @wyden.senate.gov
Thank you for fighting for the Internet to give power to the powerless and a voice to the voiceless!
Encryption Matters: In Conversation with Sally Wentworth and US Senator Ron Wyden
YouTube video by Internet Society
www.youtube.com
October 21, 2025 at 4:24 PM
I ♥️ encryption
Today's runZero Hour is up with Rob King, Tod Beardsley, and EOL expert and technology necromancer, captn3m0 (pronounced “nemo”). They will summon and explore runZero’s latest research paper, “Undead by design: Benchmarking end-of-life operating systems”:
www.youtube.com/watch?v=BXBb...
www.youtube.com/watch?v=BXBb...
runZero Hour: Episode 23
Join us for a scary episode of runZero Hour with Rob King, Tod Beardsley, and EOL expert and technology necromancer, captn3m0 (pronounced “nemo”). They will summon and explore runZero’s latest…
www.youtube.com
October 15, 2025 at 6:11 PM
Today's runZero Hour is up with Rob King, Tod Beardsley, and EOL expert and technology necromancer, captn3m0 (pronounced “nemo”). They will summon and explore runZero’s latest research paper, “Undead by design: Benchmarking end-of-life operating systems”:
www.youtube.com/watch?v=BXBb...
www.youtube.com/watch?v=BXBb...
JawnCon (jawncon.org) 0x02 just wrapped! I wish I could make it this year, but settled for catching the talks on the live stream:
Main Stage Day 1: www.youtube.com/live/Cvf-mAd...
Man Stage Day 2: www.youtube.com/watch?v=bcr6...
Classroom Day 2: www.youtube.com/watch?v=1aML...
Main Stage Day 1: www.youtube.com/live/Cvf-mAd...
Man Stage Day 2: www.youtube.com/watch?v=bcr6...
Classroom Day 2: www.youtube.com/watch?v=1aML...
October 13, 2025 at 8:43 PM
JawnCon (jawncon.org) 0x02 just wrapped! I wish I could make it this year, but settled for catching the talks on the live stream:
Main Stage Day 1: www.youtube.com/live/Cvf-mAd...
Man Stage Day 2: www.youtube.com/watch?v=bcr6...
Classroom Day 2: www.youtube.com/watch?v=1aML...
Main Stage Day 1: www.youtube.com/live/Cvf-mAd...
Man Stage Day 2: www.youtube.com/watch?v=bcr6...
Classroom Day 2: www.youtube.com/watch?v=1aML...
Hello Austin Gophers! Join us tonight, Wednesday, October 8th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM central (with pizza and drinks!): www.meetup.com/atxgolang/ev...
ATX Golang Meetup - September 2025, Wed, Sep 10, 2025, 6:30 PM | Meetup
Join us for an evening of information, networking, friendship, beer, and pizza! You are invited to come discuss our favorite programming language and meet other Go develope
www.meetup.com
October 8, 2025 at 4:46 PM
Hello Austin Gophers! Join us tonight, Wednesday, October 8th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM central (with pizza and drinks!): www.meetup.com/atxgolang/ev...
Reposted by HD Moore
🛡️ The attacker *will* get in. The real fight starts after the phish bites.
Learn how to stop lateral movement, harden internal pathways, and make your network an attacker’s nightmare.
👉 Read: www.runzero.com/blog/how-to-...
Learn how to stop lateral movement, harden internal pathways, and make your network an attacker’s nightmare.
👉 Read: www.runzero.com/blog/how-to-...
October 7, 2025 at 4:02 PM
🛡️ The attacker *will* get in. The real fight starts after the phish bites.
Learn how to stop lateral movement, harden internal pathways, and make your network an attacker’s nightmare.
👉 Read: www.runzero.com/blog/how-to-...
Learn how to stop lateral movement, harden internal pathways, and make your network an attacker’s nightmare.
👉 Read: www.runzero.com/blog/how-to-...
Reposted by HD Moore
New Mic-E-Mouse technique turns your optical mouse into a microphone that records conversations
sites.google.com/view/mic-e-m...
sites.google.com/view/mic-e-m...
Mic-E-Mouse
Your computer mouse has big ears.
Image courtesy of GPT4/Dall-E-3, generated using the keywords "computer mouse with big ears and a microphone as a scroll wheel."
sites.google.com
October 4, 2025 at 10:33 PM
New Mic-E-Mouse technique turns your optical mouse into a microphone that records conversations
sites.google.com/view/mic-e-m...
sites.google.com/view/mic-e-m...
Reposted by HD Moore
🎙️ New Alice & Bob podcast by @BeyondTrust: runZero founder & CEO @hdm.io joins James Maude & @marcmaiffret.bsky.social to share how he went from dumpster-diving teen to cybersecurity pioneer
🎧 Listen: www.runzero.com/resources/al...
🎧 Listen: www.runzero.com/resources/al...
October 2, 2025 at 8:08 PM
🎙️ New Alice & Bob podcast by @BeyondTrust: runZero founder & CEO @hdm.io joins James Maude & @marcmaiffret.bsky.social to share how he went from dumpster-diving teen to cybersecurity pioneer
🎧 Listen: www.runzero.com/resources/al...
🎧 Listen: www.runzero.com/resources/al...
@SectorCa 2025 is fantastic! I last attended in 2008 and holy cow has it grown. Great to see Brian and Bruce still involved. Excellent talks, really sharp crowd, zero attitude, and everyone is incredibly friendly. You can find the slides from my morning keynote at hdm.io/decks/Sector...
October 2, 2025 at 4:13 PM
@SectorCa 2025 is fantastic! I last attended in 2008 and holy cow has it grown. Great to see Brian and Bruce still involved. Excellent talks, really sharp crowd, zero attitude, and everyone is incredibly friendly. You can find the slides from my morning keynote at hdm.io/decks/Sector...
Reposted by HD Moore
✨ New report: Undead by design ✨
Zombie OSes aren’t just outdated, they’re risky. On Oct 14, Windows 10 goes EOL & 1/3 of Windows assets lose support. @todb.hugesuccess.org reveals how to protect your org:
👉 Read the (ungated!) report: www.runzero.com/resources/un...
Zombie OSes aren’t just outdated, they’re risky. On Oct 14, Windows 10 goes EOL & 1/3 of Windows assets lose support. @todb.hugesuccess.org reveals how to protect your org:
👉 Read the (ungated!) report: www.runzero.com/resources/un...
October 1, 2025 at 1:55 PM
✨ New report: Undead by design ✨
Zombie OSes aren’t just outdated, they’re risky. On Oct 14, Windows 10 goes EOL & 1/3 of Windows assets lose support. @todb.hugesuccess.org reveals how to protect your org:
👉 Read the (ungated!) report: www.runzero.com/resources/un...
Zombie OSes aren’t just outdated, they’re risky. On Oct 14, Windows 10 goes EOL & 1/3 of Windows assets lose support. @todb.hugesuccess.org reveals how to protect your org:
👉 Read the (ungated!) report: www.runzero.com/resources/un...
Reposted by HD Moore
🎙️ Risky Business Soap Box: @hdm.io chats with @patrick.risky.biz on why the old vuln mgmt playbook fails + what keeps defenders up at night:
🔍 Accurate vuln reads w/o spraying creds
🤝 Signals from EDR (not silos)
☁️ Cloud visibility where blind spots pile up
👉 www.runzero.com/resources/ri...
🔍 Accurate vuln reads w/o spraying creds
🤝 Signals from EDR (not silos)
☁️ Cloud visibility where blind spots pile up
👉 www.runzero.com/resources/ri...
September 29, 2025 at 8:01 PM
🎙️ Risky Business Soap Box: @hdm.io chats with @patrick.risky.biz on why the old vuln mgmt playbook fails + what keeps defenders up at night:
🔍 Accurate vuln reads w/o spraying creds
🤝 Signals from EDR (not silos)
☁️ Cloud visibility where blind spots pile up
👉 www.runzero.com/resources/ri...
🔍 Accurate vuln reads w/o spraying creds
🤝 Signals from EDR (not silos)
☁️ Cloud visibility where blind spots pile up
👉 www.runzero.com/resources/ri...
Reposted by HD Moore
🍁 runZero is at SecTor!
🎤 Rob King — spotting counterfeit devices (Wed 4:15pm, Rm 716B)
🎤 @hdm.io — rules of cybersecurity (Thu 9am, Hall F)
🍻 HH w/@greynoise.io (Wed 6–8pm, The Pint)
👉RSVP: www.runzero.com/sector-happy...
✅ Register: sector.informafestivals.com/2025/
🎤 Rob King — spotting counterfeit devices (Wed 4:15pm, Rm 716B)
🎤 @hdm.io — rules of cybersecurity (Thu 9am, Hall F)
🍻 HH w/@greynoise.io (Wed 6–8pm, The Pint)
👉RSVP: www.runzero.com/sector-happy...
✅ Register: sector.informafestivals.com/2025/
September 29, 2025 at 5:09 PM
🍁 runZero is at SecTor!
🎤 Rob King — spotting counterfeit devices (Wed 4:15pm, Rm 716B)
🎤 @hdm.io — rules of cybersecurity (Thu 9am, Hall F)
🍻 HH w/@greynoise.io (Wed 6–8pm, The Pint)
👉RSVP: www.runzero.com/sector-happy...
✅ Register: sector.informafestivals.com/2025/
🎤 Rob King — spotting counterfeit devices (Wed 4:15pm, Rm 716B)
🎤 @hdm.io — rules of cybersecurity (Thu 9am, Hall F)
🍻 HH w/@greynoise.io (Wed 6–8pm, The Pint)
👉RSVP: www.runzero.com/sector-happy...
✅ Register: sector.informafestivals.com/2025/
Reposted by HD Moore
The CVE program nearly lost its funding. Cue the collective InfoSec panic.
But only ~20% of incidents start with a CVE exploit. The rest? Misconfigs + bad segmentation exposures tools shrug at.
@todb.hugesuccess.org explores what a post-CVE world might mean: www.runzero.com/blog/grappli...
But only ~20% of incidents start with a CVE exploit. The rest? Misconfigs + bad segmentation exposures tools shrug at.
@todb.hugesuccess.org explores what a post-CVE world might mean: www.runzero.com/blog/grappli...
September 25, 2025 at 7:01 PM
The CVE program nearly lost its funding. Cue the collective InfoSec panic.
But only ~20% of incidents start with a CVE exploit. The rest? Misconfigs + bad segmentation exposures tools shrug at.
@todb.hugesuccess.org explores what a post-CVE world might mean: www.runzero.com/blog/grappli...
But only ~20% of incidents start with a CVE exploit. The rest? Misconfigs + bad segmentation exposures tools shrug at.
@todb.hugesuccess.org explores what a post-CVE world might mean: www.runzero.com/blog/grappli...
Reposted by HD Moore
📺 Join us today for the Security Week virtual Attack Surface Management Summit! Tune in for @hdm.io's keynote on "Rewriting the Rules of Exposure Management" to hear why traditional approaches keep failing and why we need a better way to manage vulns.
asmsummit.securityweek.com/en/
asmsummit.securityweek.com/en/
September 17, 2025 at 3:31 PM
📺 Join us today for the Security Week virtual Attack Surface Management Summit! Tune in for @hdm.io's keynote on "Rewriting the Rules of Exposure Management" to hear why traditional approaches keep failing and why we need a better way to manage vulns.
asmsummit.securityweek.com/en/
asmsummit.securityweek.com/en/
Reposted by HD Moore
In this new episode of Risky Business, Pat Gray and @hdm.io unpack the transformation of runZero into a full-blown vuln management platform. Tune in to get Pat's take on our unconventional approach to scanning -- without spraying credentials all over your network. www.runzero.com/resources/ri...
September 16, 2025 at 6:13 PM
In this new episode of Risky Business, Pat Gray and @hdm.io unpack the transformation of runZero into a full-blown vuln management platform. Tune in to get Pat's take on our unconventional approach to scanning -- without spraying credentials all over your network. www.runzero.com/resources/ri...
Hello Austin Gophers! Join us tonight, Wednesday, September 10th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This meetup is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM CDT (with pizza and drinks!): www.meetup.com/atxgolang/ev...
ATX Golang Meetup - August 2025 - Hacker Lightning Talks, Wed, Aug 13, 2025, 6:30 PM | Meetup
Our August meetup includes lightning talks with a focus on using Go for cybersecurity, including recaps of awesome Go work from the 2025 Black Hat and DEF CON conferences.
www.meetup.com
September 10, 2025 at 4:11 PM
Hello Austin Gophers! Join us tonight, Wednesday, September 10th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This meetup is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM CDT (with pizza and drinks!): www.meetup.com/atxgolang/ev...
Looking forward to seeing all you hackers in meatspace! I'm bouncing between tracks and sharing slides (Unconference today + Track 2 tomorrow) on the Discord. If you're at @blueteamcon.com this weekend, please say hi, I look like this:
September 6, 2025 at 7:13 PM
Looking forward to seeing all you hackers in meatspace! I'm bouncing between tracks and sharing slides (Unconference today + Track 2 tomorrow) on the Discord. If you're at @blueteamcon.com this weekend, please say hi, I look like this: