// WHO
My name is HD Moore, I am the founder and CEO of runZero, the single source of truth for exposure management and the best way for organizations to minimize risk across their total attack surface. I love network protocols, device fingerprinting, and security research. Prior to starting runZero, I was best known as the founder of Metasploit.
// CONTACT PROTOCOLS
This is a comprehensive list of the accounts I use to communicate. If you see an account claiming to be me that is not on this list, it's likely an impersonator. If they offer to help you recover cryptocurrency funds, break into someone else's systems, or offer commercial services, it is almost certainly a scam.
- email (personal)
- xhdmio
- email (work)
- hdmrunZerocom
- mastodon
- @hdm@infosec.exchange [mirror]
- signal
- hdm.01
- bluesky
- @hdm.io
- discord
- _hdm_
- @hdmoore
- github
- @hdm
- @hdmoore
- blog
- runZero.com
// PRESENTATIONS
- The Once and Future Rules of Cybersecurity
- SecTor - October 2025
- The Death and Rebirth of Vulnerability Management
- Blue Team Con 2025 - September 2025
- Shaking Out Shells With SSHamble
- DEF CON 33 - August 2025
- Forging Strong Communities In Uncertain Times
- The Diana Initiative - August 2025
- Turbo Tactical Exploitation: 22 Tips for Tricky Targets
- BSides Las Vegas - August 2025
- A Pirate's Guide to Snake Oil & Security
- NorthSec - May 2025
- Charting the SSH Multiverse
- BSides San Francisco - April 2025
- Vulnerability Management Is Broken: What's The Fix?
- Omdia Webcast - April 2025
- Your Next Incident Won't Have a CVE
- Attack Surface Cybersecurity Summit - March 2025
- Numbers of the Beast
- Kybertuska - March 2025
- Building Open Source Security Communities
- SnowFROC `25 - March 2025
- The Unreasonable Effectiveness of Inside Out Attack Surface Management
- DarkReading - December 2024
- Big MAC Attack
- Hacker Hoedown - November 2024
- Hacker Numerology
- RowdyCon - October 2024
- Hacker Numerology
- LASCON - October 2024
- A Pebble Down the Well: Network Exploration
- JawnCon 0x1 - October 2024
- SSHamble: Unexpected Exposures in the Secure Shell
- DEF CON 32 - August 2024
- Secure Shells in Shambles
- Black Hat USA - August 2024
- 25 Years of Vulnerability Mismanagement
- CypherCon - April 2024
- Wires & Outliers
- Texas Cyber Summit - September 2023
- Modern Network Discovery
- Duo Tech Talks - December 2019
- Modern Internet Scale Reconnaissance
- BSides Las Vegas 2017
- Internet of Threats
- United Summit 2015
- The Security Space Age
- HouSecCon 2013
- Scanning Darkly
- DerbyCon 2013
- The Threat Landscape
- United Summit 2013
- Untangling Windows 8 Web Services
- OWASP Austin 2013
- Serial Offenders
- InfoSecSouthwest 2013
- Serial Offenders
- AusCERT 2013 SCADA Forum
- Global Network Security
- AusCERT 2013
- Global Vulnerability Analysis
- Queensland Police Workshop 2013
- Serial Offenders
- AISA 2013
- Using Metasploit on Kali Linux
- Rapid7 Webcast 2013
- Global Vulnerability Analysis
- RSA USA 2013
- Security Flaws in Universal Plug and Play
- Rapid7 Webcast 2013
- The Wild West
- DerbyCon 2012
- Validating Risks in Your Security Program
- Rapid7 Webcast 2012
- Empirical Exploitation
- SANS Pen-test Summit 2012
- The Root Shell Index
- OWASP Austin 2012
- Terrible Things in Network Security
- Secure360 2012
- Easy Network Intrusion with Java
- Rapid7 Webcast 2012
- How Automated Security Assessments Stop Untargeted Attacks
- Rapid7 Webcast 2012
- Identifying IPv6 Security Risks in IPv4 Networks
- Rapid7 Webcast 2012
- Effective Password Testing using Metasploit
- Rapid7 Webcast 2012
- Metasploit Community Edition
- Rapid7 Webcast 2011
- Acoustic Intrusions
- DerbyCon 2011
- Something Awesome (WarVOX)
- BSides Las Vegas 2011
- Fixing the Right Vulnerabilities
- Rapid7 Webcast 2011
- Metasploit 4.0
- Rapid7 Webcast 2011
- Oil Fields, Quake Live, and Metasploit
- BSides Austin 2011
- When CSOs Attack
- BSides San Francisco 2011
- Board Room Spy Cams
- Rapid7 Webcast 2011
- Beyond Exploits
- Secure360 2010
- Cyber Weaponry
- MIL-OSS 2010
- Fun with VxWorks
- DEF CON SkyTalks 2010
- Metasploit 3.4 and Beyond
- Rapid7 Webcast 2010
- Network Time Bandits
- BSides San Francisco 2010
- Metasploit and Money
- Black Hat DC 2010
- Death by 32 Bits
- SOURCE Boston 2010
- WarVOX
- DEF CON 2009
- Metasploit Evolved
- DEF CON 2009
- WarVOX
- BSides Las Vegas 2009
- The Future of Metasploit
- SANS Pen-test Summit 2009
- Exploiting IPv6
- SecTor 2008
- Metasploit Prime
- SecTor 2008
- Keynote
- SANS Penetration Testing Summit 2008
- Tactical Exploitation
- DEF CON 2007
- Tactical Exploitation
- Black Hat Briefings 2007
- Live Free or Hack Hard: Metasploit 2007
- CanSecWest 2007
- Metasploit
- FOSDEM 2007
- Metasploit 3
- IT-ISAC October 2006
- Metasploit Reloaded
- Black Hat Briefings 2006
- Thermoptic Camouflage
- Black Hat Briefings 2006
- Six Degrees of XSSPloitation
- Black Hat Briefings 2006
- Metasploitation
- Cansecwest 2006
- Metasploit v3.0
- Microsoft Blue Hat 2006
- Bitten on the ASP
- Microsoft Blue Hat 2006
- Abusing Disaster Recovery Systems
- InterzoneWest 2005
- Abusing Disaster Recovery Systems
- FIRST 2005
- The Art of Blue Teaming
- UTSA CIAS 2005
- We Have the Technology
- Microsoft Blue Hat 2005
- Advances in Exploit Technology
- Cansecwest 2005
- Hacking Like in the Movies
- DEF CON 2004
- Hacking Like in the Movies
- Black Hat Briefings 2004
- Modern ASP.NET Caveats
- Cansecwest 2004
- Exploiting the Metasploit Framework
- Cansecwest 2004
- Advanced Exploit Development
- Hack-in-the-Box 2003
- Breaking ASP.NET
- Cansecwest 2002
- SQL Injection
- SANS Bootcamp 2002
- Smashing Windows
- SANS Bootcamp 2002
- Making NT Bleed
- SANS I/O Wargames 2001
- Making NT Bleed
- Cansecwest 2001
// PAPERS
- runZero Research Report: Volume 1
- with Rob King & Tom Sellers at RSA Conference 2024
- Balkanization from Above
- with Dan Geer in USENIX ;login: (August 2015)
- Mitigating Service Account Credential Theft on Windows
- with Joe Bialek & Ashwath Murthy
- Tactical Exploitation
- with Valsmith at Black Hat USA 2010