hdm.io
HD Moore
@hdm.io
2K followers 1.4K following 81 posts
CEO and founder of runZero.com, previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams. Contact info, presentations, and more at https://hdm.io/
hdm.io
Posts Media Videos Starter Packs
hdm.io
HD Moore @hdm.io · 9h
Hello Austin Gophers! Join us tonight, Wednesday, October 8th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM central (with pizza and drinks!): www.meetup.com/atxgolang/ev...
ATX Golang Meetup - September 2025, Wed, Sep 10, 2025, 6:30 PM | Meetup
Join us for an evening of information, networking, friendship, beer, and pizza! You are invited to come discuss our favorite programming language and meet other Go develope
www.meetup.com
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 1d
🛡️ The attacker *will* get in. The real fight starts after the phish bites.

Learn how to stop lateral movement, harden internal pathways, and make your network an attacker’s nightmare.

👉 Read: www.runzero.com/blog/how-to-...
1
Reposted by HD Moore
campuscodi.risky.biz
Catalin Cimpanu @campuscodi.risky.biz · 4d
New Mic-E-Mouse technique turns your optical mouse into a microphone that records conversations

sites.google.com/view/mic-e-m...
Mic-E-Mouse
Your computer mouse has big ears. Image courtesy of GPT4/Dall-E-3, generated using the keywords "computer mouse with big ears and a microphone as a scroll wheel."
sites.google.com
1 3 20
hdm.io
HD Moore @hdm.io · 4d
thank you!
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 6d
🎙️ New Alice & Bob podcast by @BeyondTrust: runZero founder & CEO @hdm.io joins James Maude & @marcmaiffret.bsky.social to share how he went from dumpster-diving teen to cybersecurity pioneer
🎧 Listen: www.runzero.com/resources/al...
1 1
hdm.io
HD Moore @hdm.io · 6d
@SectorCa 2025 is fantastic! I last attended in 2008 and holy cow has it grown. Great to see Brian and Bruce still involved. Excellent talks, really sharp crowd, zero attitude, and everyone is incredibly friendly. You can find the slides from my morning keynote at hdm.io/decks/Sector...
SecTor Briefings: The Once and Future Rules of Cybersecurity - day two keynote by HD Moore
1
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 7d
✨ New report: Undead by design ✨

Zombie OSes aren’t just outdated, they’re risky. On Oct 14, Windows 10 goes EOL & 1/3 of Windows assets lose support. @todb.hugesuccess.org reveals how to protect your org:

👉 Read the (ungated!) report: www.runzero.com/resources/un...
3 1
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 9d
🎙️ Risky Business Soap Box: @hdm.io chats with @patrick.risky.biz on why the old vuln mgmt playbook fails + what keeps defenders up at night:

🔍 Accurate vuln reads w/o spraying creds
🤝 Signals from EDR (not silos)
☁️ Cloud visibility where blind spots pile up

👉 www.runzero.com/resources/ri...
1
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 9d
🍁 runZero is at SecTor!

🎤 Rob King — spotting counterfeit devices (Wed 4:15pm, Rm 716B)
🎤 @hdm.io — rules of cybersecurity (Thu 9am, Hall F)
🍻 HH w/@greynoise.io (Wed 6–8pm, The Pint)

👉RSVP: www.runzero.com/sector-happy...
✅ Register: sector.informafestivals.com/2025/
1 2
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 13d
The CVE program nearly lost its funding. Cue the collective InfoSec panic.

But only ~20% of incidents start with a CVE exploit. The rest? Misconfigs + bad segmentation exposures tools shrug at.

@todb.hugesuccess.org explores what a post-CVE world might mean: www.runzero.com/blog/grappli...
2 3
hdm.io
HD Moore @hdm.io · 16d
welcome! it's finally cooling off a bit
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 21d
📺 Join us today for the Security Week virtual Attack Surface Management Summit! Tune in for @hdm.io's keynote on "Rewriting the Rules of Exposure Management" to hear why traditional approaches keep failing and why we need a better way to manage vulns.

asmsummit.securityweek.com/en/
1 1
Reposted by HD Moore
runzero.com
runZero (Official Account) @runzero.com · 22d
In this new episode of Risky Business, Pat Gray and @hdm.io unpack the transformation of runZero into a full-blown vuln management platform. Tune in to get Pat's take on our unconventional approach to scanning -- without spraying credentials all over your network. www.runzero.com/resources/ri...
1 1
hdm.io
HD Moore @hdm.io · 28d
Hello Austin Gophers! Join us tonight, Wednesday, September 10th, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This meetup is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM CDT (with pizza and drinks!): www.meetup.com/atxgolang/ev...
ATX Golang Meetup - August 2025 - Hacker Lightning Talks, Wed, Aug 13, 2025, 6:30 PM | Meetup
Our August meetup includes lightning talks with a focus on using Go for cybersecurity, including recaps of awesome Go work from the 2025 Black Hat and DEF CON conferences.
www.meetup.com
3
hdm.io
HD Moore @hdm.io · Sep 6
Looking forward to seeing all you hackers in meatspace! I'm bouncing between tracks and sharing slides (Unconference today + Track 2 tomorrow) on the Discord. If you're at @blueteamcon.com this weekend, please say hi, I look like this:
A picture of HD Moore wearing plaid shirt, blue lanyard, and green backpack.
1 9
hdm.io
HD Moore @hdm.io · Aug 13
Hello Austin-area software engineers (or aspiring engineers)! Join us tonight, Wednesday, August 13, 2025 for two hours of lightning talks and discussion at the ATX Go meetup. This meetup is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM CDT: www.meetup.com/atxgolang/ev...
ATX Golang Meetup - August 2025 - Hacker Lightning Talks, Wed, Aug 13, 2025, 6:30 PM | Meetup
Our August meetup includes lightning talks with a focus on using Go for cybersecurity, including recaps of awesome Go work from the 2025 Black Hat and DEF CON conferences.
www.meetup.com
1 6
hdm.io
HD Moore @hdm.io · Aug 13
If you missed this talk at BH/DC last week, it's worth a read: "From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion". Awesome work from Shu-Hao, Tung (123ojp) covering practical attacks on GRE and VxLAN tunnels: media.defcon.org/DEF%20CON%20...
DEF CON title slide for "From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion"
2 2 12
hdm.io
HD Moore @hdm.io · Aug 13
Blue Team Con (@blueteamcon.com) is only three weeks away! I'm excited to share "The Death and Rebirth of Vulnerability Management", an analysis of coverage, tradeoffs, and efficacy across vulnerability scanners, endpoint agents, and open source security tools.

blueteamcon.com/directory/th...
The Death and Rebirth of Vulnerability Management - Blue Team Con
Learn more about our BTC 2025 talk: The Death and Rebirth of Vulnerability Management, presented by HD Moore.
blueteamcon.com
1 5
hdm.io
HD Moore @hdm.io · Aug 13
thank you!
1
Reposted by HD Moore
Sean Michael Kerner @techjournalist.bsky.social · Aug 12
The legendary @hdm.io was @defcon.bsky.social this year (of course!) and revealed some critical challenges in widely used SSH protocol and provider recommendations on how to make it better.
@networkworld.bsky.social

www.networkworld.com/article/4038...
Critical SSH vulnerabilities expose enterprise network infrastructure as patching lags
Researcher at DEF CON reveals some critical challenges in widely used SSH protocol and provider recommendations on how to make it better.
www.networkworld.com
4 7
hdm.io
HD Moore @hdm.io · Aug 13
Blue Team Con is just three weeks away!
blueteamcon.com
Blue Team Con @blueteamcon.com · Nov 24
Blue Team Con 2025. Training + Conference. September 4-7. Fairmont Chicago. www.blueteamcon.com
3
Reposted by HD Moore
canyonr.com
Canyon R @canyonr.com · Aug 9
Great talk on community building by @hdm.io and @circuitswan.bsky.social at the @dianainitiative.bsky.social. Definitely one of those talks that I didn’t know I needed till I was there. #defcon33 #CommunityBuilding
1 2 2
hdm.io
HD Moore @hdm.io · Aug 10
Thank you to everyone who made it out for my DEF CON 33 presentation, "Shaking Out Shells With SSHamble", you can find the materials online at hdm.io/decks/MOORE%...

This deck includes some lightly-censored zero-day (more decks @ hdm.io)
A top-level overview of the presentation presented as a grid of thumbnails, showing 42 slides.
4 8
hdm.io
HD Moore @hdm.io · Aug 10
thank you!
hdm.io
HD Moore @hdm.io · Aug 10
Are you an Austin-area software engineer who writes Go (or aspires to become one)? Join us Wednesday, August 13, 2025 for two hours of lightning talks and discussion.

This meetup is hosted by Capital Factory and runs from 6:30 PM to 8:30 PM CDT: www.meetup.com/atxgolang/ev...
ATX Golang Meetup - August 2025 - Hacker Lightning Talks, Wed, Aug 13, 2025, 6:30 PM | Meetup
Our August meetup includes lightning talks with a focus on using Go for cybersecurity, including recaps of awesome Go work from the 2025 Black Hat and DEF CON conferences.
www.meetup.com
3 5