H. D. Moore

From Wikipedia, the free encyclopedia
  (Redirected from HD Moore)
Jump to: navigation, search
H. D. Moore
Born 1981
Nationality U.S. American
Occupation Information security researcher and programmer
Employer Rapid7
Known for Metasploit
Website hdm.io

H D Moore is network security expert, open source programmer, and hacker. He is the developer of the Metasploit Framework, a penetration testing software suite, and the founder of the Metasploit Project.

He now serves as Chief Research Officer at Boston, MA based security firm Rapid7, a provider of security data and analytics software and cloud solutions, but remains the chief architect of the Metasploit Framework.[1]

He has been referred to as "the industry's most famous white hat hacker"[2]

Information Security work[edit]

Moore developed security software utilities for the United States Department of Defense as a teenager,[3] and founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development.[4]

He is known for his work in WarVOX, AxMan, the Metasploit Decloaking Engine and the Rogue Network Link Detection Tools.,[5] and started a "Month of Browser Bugs" (MoBB) initiative in 2006[6] as an experiment in fast-paced vulnerability discovery with full disclosure. This started the Month of Bugs project meme, and resulted a number of web browser patches and improved security measures.

Moore has discovered, or been involved in the discovery of, a number of critical security vulnerabilities.[7][8]

Metasploit Framework[edit]

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration testing, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembly language.[9] In October 2009, the Metasploit project was acquired by Rapid7.[10] While the Metasploit Framework continues to be free, Rapid7 has added a commercial edition called Metasploit Express.[11] With the acquisition of the project, HD Moore became Chief Security Officer at Rapid7 while remaining Chief Architect of Metasploit.


Main article: WarVOX

WarVOX is a software suite for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX processes the raw audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders using signal processing techniques.


AxMan is an ActiveX fuzzing engine. The goal of AxMan is to discover vulnerabilities in COM objects exposed through Internet Explorer. Since AxMan is web-based, any security changes in the browser will also affect the results of the fuzzing process.

Metasploit Decloaking Engine[edit]

The Metasploit Decloaking Engine is a system for identifying the real IP address of a web user, regardless of proxy settings, using a combination of client-side technologies and custom services. No vulnerabilities are exploited by this tool. A properly configured Tor setup should not result in any identifying information being exposed.

Rogue Network Link Detection Tools[edit]

The Rogue Network Link Detection Tools are designed to detect unauthorized outbound network links on large corporate networks. These tools send spoofed TCP SYN and ICMP Echo Requests with the original destination IP encoded into the packet, which can then be read back out by an external listening host.


Moore's work has gained him both praise and antagonism in the industry. Companies such as Microsoft have credited him with discovering vulnerabilities, yet there has been criticism of Metasploit and similar tools due to their capacity to be used for criminal purposes instead of just offensive security and some of that criticism has fallen upon Moore himself. Moore has been warned by US law enforcement about his involvement in the Critical.IO scanning project.[12] According to Moore, though, "We're always chasing the bad guys – the good guys are never ahead. We're not the ones who wrote these exploits. They are often found in the wild and the defenders are generally following the black hats."[13]


  1. ^ . RSA Conference http://www.rsaconference.com/speakers/hd-moore. Retrieved 15 November 2014.  Missing or empty |title= (help)
  2. ^ Jackson Higgins, Kelly (September 28, 2006). "HD Moore Unplugged". Dark Reading. Information Week. Retrieved July 15, 2015. Of course, being the industry's most famous white hat hacker also makes you a popular target 
  3. ^ Jackson Higgins, Kelly. "HD Moore Unplugged". InformationWeek. Retrieved 15 November 2014. 
  4. ^ Biancuzzi, Federico. "Metasploit 3.0 day". Security Focus. Retrieved 15 November 2014. 
  5. ^ http://hdm.io/ HD Moore’s personal page
  6. ^ "A Month of Browser Bugs", August 3, 2006, www.schneier.com
  7. ^ Keizer, Gregg. "HD Moore takes iPhone exploits public". ComputerWorld. Retrieved 15 November 2014. 
  8. ^ Nachneir. Watchguard Security http://watchguardsecuritycenter.com/2013/01/31/h-d-moore-unveils-major-upnp-security-vulnerabilities/. Retrieved 15 November 2014.  Missing or empty |title= (help)
  9. ^ Metasploit project page
  10. ^ Rapid7 Acquires Metasploit
  11. ^ Product page for Metasploit Express
  12. ^ Brewster, Tom. "US cybercrime laws being used to target security researchers". The Guardian. Retrieved 15 November 2014. 
  13. ^ Bort, Julie. "Metasploit's HD Moore from (almost) rags to (not quite) riches". Infoworld. Retrieved 15 November 2014. 

Further reading[edit]

External links[edit]