HD Moore <hdm@digitaloffense.net> (PGP)

HD is Chief Security Officer at Rapid7 and Chief Architect of Metasploit, the leading open-source penetration testing platform. HD founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development. Prior to joining Rapid7 and continuing his work on the Metasploit Framework, HD was the Director of Security Research at BreakingPoint Systems, where he focused on the content and security testing features of the BreakingPoint product line. Prior to BreakingPoint, HD spent seven years providing vulnerability assessments, leading penetration tests, and developing exploit code.

More information: LinkedIn | Twitter | Code

Software Projects

  • The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

  • WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX processes the raw audio from each call and does not use a modem directly. This unique model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders using signal processing techniques.

  • AxMan is a web-based ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process. This allows for a much more realistic test than other COM-based assessment tools.

  • The Metasploit Decloaking Engine is a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed.

  • The Rogue Network Link Detection Tools are designed to detect unauthorized outbound network links on large corporate networks. These tools send spoofed TCP SYN and ICMP Echo Requests with the original destination IP encoded into the packet, which can then be read back out by an external listening host.

Research Projects

  • HD created the Month of Browser Bugs project as an experiment in fast-paced vulnerability discovery in combination with full disclosure. This started the "Month Of" project meme and resulted a massive number of browser patches and improved security measures.

Presentations

  • Presented "WarVOX" at Defcon 2009
  • Presented "Metasploit Evolved" at Defcon 2009
  • Presented "WarVOX" at Security B-Sides Las Vegas 2009
  • Presented "The Future of Metasploit" at SANS Pen-test Summit 2009
  • Presented "Exploiting IPv6" at SecTor 2008
  • Presented "Metasploit Prime" at SecTor 2008
  • Presented the keynote at SANS Penetration Testing Summit 2008
  • Presented "Tactical Exploitation" at Defcon 2007
  • Presented "Tactical Exploitation" at Black Hat Briefings 2007
  • Presented "Live Free or Hack Hard: Metasploit 2007" at CanSecWest 2007
  • Presented "Metasploit" at FOSDEM 2007
  • Presented "Metasploit 3" at IT-ISAC October 2006
  • Presented "Metasploit Reloaded" at Black Hat Briefings 2006
  • Presented "Thermoptic Camouflage" at Black Hat Briefings 2006
  • Presented "Six Degrees of XSSPloitation" at Black Hat Briefings 2006
  • Presented "Metasploitation" at Cansecwest 2006
  • Presented "Metasploit v3.0" at Microsoft Blue Hat (2006)
  • Presented "Bitten on the ASP" at Microsoft Blue Hat (2006)
  • Presented "Abusing Disaster Recovery Systems" at InterzoneWest 2005
  • Presented "Abusing Disaster Recovery Systems" at FIRST 2005
  • Presented "The Art of Blue Teaming" to the UTSA CIAS group in 2005
  • Presented "We Have the Technology" at Microsoft Blue Hat 2005
  • Presented "Advances in Exploit Technology" at Cansecwest 2005
  • Presented "Hacking Like in the Movies" at Defcon XII 2004
  • Presented "Hacking Like in the Movies" at Black Hat Briefings 2004
  • Presented "Modern ASP.NET Caveats" at Cansecwest 2004
  • Presented "Exploiting the Metasploit Framework" at Cansecwest 2004
  • Presented "Advanced Exploit Development" at Hack-in-the-Box 2003
  • Presented "Breaking ASP.NET" at Cansecwest 2002
  • Presented "SQL Injection" at SANS Bootcamp in 2002
  • Presented "Smashing Windows" at SANS Bootcamp in 2002
  • Presented "Making NT Bleed" at SANS I/O Wargames in 2001
  • Presented "Making NT Bleed" at Cansecwest 2001