 time here from Lauren systems. And in July of 2021, I did a video on a tool called rumble. And I was pretty blown away with just how well it worked at doing asset discovery of devices on your network. Pretty amazing product. And I just renewed my license. So I wanted to throw that out there that this is not a sponsored video. I actually pay and integrate this into our stack of tools that we use at my company. I wanted to get those things out upfront, but I do want to mention if you want to use it in your home lab or want to try all the product, I do have a link down below if you'd like to click it, not a paid link. It just is a tracking link. If people want to know, you know, how they discovered rumble, it will let you know. And it's basically run zero was the new name slash Tom Lawrence, but that's linked down below if you're interested or you just want to go there and say, I don't want to tell people I'm associated with watching that Tom Lawrence guy either way. I wish I had to be upfront, very clear about the purpose and any of the driving biases I have towards any of the products I talk about. Now, speaking of driving biases, yes, I'm biased. I like the product, which is why I'm doing the updated video. Originally it was called rumble in 2021. It was built by HD more and I found it on the risky business podcast. Those are a lot of the interesting tidbits that I'll leave link down below if you want to listen to the risky business podcast or listen to the darknet diaries episode to learn a little bit more about who HD more is. But when certain people create tools, it creates a level of interest to me because well, having the hacking background means they usually build really focused useful tools. Fast forward to November of 2022 when we're recording this video now and the tool has matured quite a bit and it's become a lot prettier with a lot of integrations. Matter of fact, the significant changes are going to be just how much they've expanded what they can discover the protocols they use for discovery. The ability to fingerprint assets much better and the fact that they've added all kinds of more in depth discovery protocols such as Landtronics ubiquity protocol Kerberos, LDAP, NFS mounts, PPTP. It's always a hard one for me to say and a whole lot more. Now it's also has integrations that we'll be talking about with a lot of other commercial products. And essentially that's the audience that this is going to be targeted at is if you're an internal IT team trying to get a handle on how many assets that you do know about or some you maybe didn't know about and looking for a full RFC 1918 discovery tool, that's this tool for those of you that are homelabbers that follow me and just want to test it out. By the way, you get a full free 21 day trial. There's a link down below. You can click to kind of get started with that, as I said. But if you want to just test it out for free, they actually have a free tier they're offering as well. So if you want to use this in your home lab for discovery of up to 256 assets, that's the features they're offering as well. But let's dive right into the dashboard, how it works and actually how it works and probably the dashboards. I want to go over and explain it just in case you haven't watched my previous video, which is linked down below. So this is what the dashboard looks like here in November of 2022. But let's start with how do you deploy an agent and what is supported for these agents in terms of where you can set it up. So if you go to deploy, and we're going to see my registered explorer that was running on my laptop, which is running Linux. So it says pop OS all sites. I was at an event called it nation, they had a Wi Fi network without host separation. Therefore, I couldn't resist scanning the network to, you know, do a little insight and discover what was on the network. As far as deploying these agents or explorers, as they're referred to deploy run zero explorers, it'll run on Windows Linux distributions, Apple Mac and BSD variants. When I say Linux distributions, it's more than just Linux x 64. It also does 32 several variations of arm and MIPS power PC and s 390 X IBM Z. So pretty well supported here in terms of options back over here to the registered explorers. It will tell you if the explorers out of date. So latest version is 3.3. This was only run once and this was set up as a project. When you're building out the client or the site that you need to do, you start with building it either as an organization or as a project. And if we go here and we just create a new project, for example, the projects are a project that becomes read only after 30 days on automatically deleted after 90. These are great for doing client discoveries. This is something we'll use them for or limited engagements we have with a client where it's a project that they want us to help redo something on a network. And the first step, of course, is figuring out where is everything on the network documenting it and then coming up with a plan to do this. And hopefully it takes, you know, less than 30 days to get this done. Generally, it does, but at least starting as that also projects can be converted go over to organizations. There's a way you can take these and take this project here, for example, which is the it nation project and down here, which it says, I wonder what I can find it. I need it nation 22 Wi-Fi. You can put some descriptions in here. But if I wanted to, I can promote to organization. There's a button right here. So if that project takes longer, you want to promote it there or delete it later. That's definitely an option. Let's go back over here and talk about an organization that I've set up, which is called LTS Tom. Now normally, I'm gonna hit this pull down. There's a long, long list here. They have granular permission. So I created this user called YouTube demo and said you only have permission to these two things. But this does support multi tenant and sports multi users. So we have all of our users set up and configured. And you can decide what sites you want to give them permission to view. So that's all granular and does have permission controls on that. But when we switch back over here, we're go to this organization, the LTS Tom one, and we're going to go to the site. And we'll click on primary site because for any organization, you can have a series of sites underneath of it. But for this one, I had set up, I build out my essentially studio slash home office network and define the subnets. This subnets actually across the VPN. This is my office lab where I a lot of my demos are and I wanted to go across the VPN and scan, it's completely capability it has. And then we want to go ahead and say, you know, define these different networks. Now you can just tell it to scan everything. And obviously, if you're doing a client discovery scan, all the things is probably what you want to do. Because well, some people think they only have this many networks. And when you run a scan that's in depth, you may find they have more devices than even they knew about, which is part of the point of this tool. All right, next thing after this is going to be what does it look like after you scan and what does a full dashboard of things look like. So here are the 58 recent assets, active scans running none right now, you can build it to be a recurring scan. And when you build these recurring scans, it will give you differentials between each scan if you ran it once a week, once a day might be a bit much, but you can then start building trends for what's going on in that network. And it's got these nice dashboards. And I like this because it kind of gives you an idea. And it also tells you where the asset source information came from. And these are those integrations I was talking about now for this demo, I didn't have any of these integrations, but go ahead and check out their blog, check out their resource library of videos, they actually have more in depth talks about all the different integrations they have. And because I don't use all of these different tools, I can't really demo them as well as they do. So being able to tie this to all those other things to some of the really cool features when you're building out the network, because well, things are all over the place. But this can serve them as a central point of data by pulling in all those other data points with all those other integrations. Now, I do like some of these like most seen last seen, I think the dashboards are just kind of fun to play with you can see how many pf senses we might have. So really simple, quick reports, all sites, primary, if you had each one broke down, this is fun when you're looking at clients with large sites to be able to go, what's this or how many of these are. And sometimes you may want to from the dashboard, show me the oddball devices and find them. Now, let's just jump right over to what it looks like with the inventory and the assets that we have in here. And let me clear that I was playing with this last time in my live stream and showing people how you can pivot through things. And so we'll go ahead and clear. So we want to see all the assets. Now, you can filter results 2050 100 256 512 1024. It's like the little, you know, on the amount of results you can show over there just kind of novel that it does that on that multiplier. But for any device you're looking at here, you'll see all across all the networks, we can scroll through them all, we can kind of figure out what they are. Now let's do something like a look at these cameras. Here's an Amcrest camera and we can do things like just find me the word Amcrest kind of like a generic search. But if you want to get more specific with the searches, you can click on any one of the assets that you have in here. And then from here, we can do these very specific search like hardware product. This is IP 8 m 24 6 e. Let's go ahead and search for an asset with matching value. Perfect. I've now pivoted that quickly to understand that attribute hardware product hardware product equals IP 8 m dash 24 96 e. This is great when you're trying to discover what's on a network or in when you have these running continuously. And you know there's a problem with a product that you have to figure out is across your networks. Really great to be able to quickly find and drill into any of those type of assets. And this goes across really any of them. And right next to it is the copy value to clipboard. This shouldn't be overlooked. I mean, yeah, I can do this and I do this way too much. But being able to just quickly, let's just click and copy to clipboard. That is often overlooked. I've talked about this in XTP and G and the team at XTP and G puts this all over the place in there since I don't know it's those little things that make a big difference on being a time saver. Now another thing that's a big time saver on any of this is any of these how it says console inventory view assets. And we take this out of full screen. You can see this URL at the top and this URL at the top is actually really handy because then I can also with my other people that are logged in at my staff throw this right back at them and say, Hey, check out this asset. So I don't have to give them any pathing to try to figure out where that is. You can share links with people. That's just really once again, a time saver when you want to have a discussion about some of the assets and things around there. Now as you scroll down through here, you're going to see the service protocols that are on there. Once again, there are things we can dig through, look up different software. Sometimes if those are discovered can be a pivot point HTML inputs. So you get a lot of raw data here. And if you're running one of these agents on a device that has chrome installed, they can grab screenshots of all of these things. And actually, I really like the screenshots are really handy because sometimes you're like, What was that device again? And the screenshot really reveals it matter of fact, that's that way you can browse through all your devices but is by clicking the screenshots. And it has an inventory of all the screenshots of, Hey, look, there's my PF sense sign in or there's a true NAS. And there's all these different things scroll throughout. And what was this thing? Oh, that's a printer wouldn't and great. Now I know that this is a printer. And then from there, let's pivot to dig into the printer. Hey, it has SNMP on there, we can kind of go through. It's a brother. There's the firmware that it's running. It gathers a lot of data about all these. And of course, if you're a large network, try and figure out how many of your printers have the most up to date firmware, being able to search for brother and sort them by firmware and create an export list, quite handy for getting your job done. As we go down here, we can actually look through services, ARP Mac vendor ubiquity networks, we can get rid of that and filter see what other services it finds. Once again, you can load these across lots of different ways to pivot the data. And boy, there's a lot of data in here. So we can look at the different protocols are used what IPs are used on, which versions of open SSH. And if you have it set up, you can actually tell it to open an application from there and launch SSH or HTTP to go right to the asset. It's all these little conveniences because the goal is always having time saving ways to get these things done, which is part of the reason I really like a lot of this. Now it's ABC because I got it zoomed in scrolling quite a bit across. But you also have things like how it was detected paying our first scene, last scene based on how long you've been running these. I actually started to do this demo video a few months ago with this particular demo client. Then I got sidetracked and renewing my license for the tool reminded me of, Hey, I should probably do an updated video. Now go down here to software. It's not doing like a software inventory necessarily a beach machine. It's not that type of software inventory. It's a discovery software inventory for things like, Hey, we're running air tunes on this particular device or we see open SSL engine X NTP. So it gives you a lot and can give you things like let's dig through what PHP version it thinks is over here. So you like, All right, here's where we found PHP running. It's obviously on this PF sense here. And they can start pulling together all the data around it and the device once again, different ways to pivot through there. Vulnerabilities. It's not a vulnerability scanner. So no vulnerable entities have been ingested enterprise plans can connect with third party sources to support vulnerability scanning. And this is back to the somers integrations of your actual vulnerability scanners of pulling that data in here to make it more useful. I don't have it tied to any of the wireless devices, but it does a special wireless discovery users and groups once again, because you can tie this to your actor directory, which will allow you to correlate data such as the users that are attached to any particular device. Hence, the more you ingest data, this can become a very large discovery tool, just to give you all those different pivot points when you're going through here. Now let's talk about the reporting. Now this is going to depend on the type of asset it finds what are not things like their switch inventory works. This one actually doesn't work for the ubiquity switches, even though they have some ubiquity discovery protocol, it doesn't seem to actually be able to do any type of discovery for switch topology. But back over reports, subnet utilization reports do work quite well, and it'll tell you how much of the space you're using for each of the subnets. This can actually be really handy because it's a common question of, you know, do we need to build another subnet? Do we need to expand a subnet? Please don't make them too big, but getting some asset utilization by subnet. Hey, that's pretty cool. Network bridge reports, they have some good demos in their YouTube, I'll leave a link down below to that, but those are going to be the ability to see where your network bridges are. And for example, the 192.168.60.10 is also across these other networks, there's different ways to see how things were bridged. There's not much on my network, but for some networks, and sometimes this is a interesting discovery by companies seeing what's on different things and has perhaps routing that they didn't expect that allowed these networks to be bridged in well as asset route planning, you can take any two assets and figure out how they get to each other or how they talk to each other or if they can talk to each other. So you can do the trace between there. And it says potentially, living room nest, which it's not actually a nest, that's weird that it discovers that it's actually just a Google, one of the Google talking boxes are called. I forgot the name of them right now. But it's interesting that it may be called nests, by the way, because of other reasons and silliness. But it'll tell you the different ways and different ways it thinks that can get there. Now, I found some interesting things about how these traces aren't always accurate. And let me explain the reason you may get a device and it's because the perception from where the agent was run is that it would be able to get to there. But because it's not running from there, it makes the assumption of how these two things can talk to each other. But I already know I have a firewall rule that doesn't allow it. Another analysis that you can do are the service attributes, really clever that they have this if you wanted to build TCP IP window sizes, HTTP codes, HTTP messages servers, they're all different ways to kind of build reports or ciphers because you want to know what TLS ciphers run your network. They give you just a lot of great information to be able to pivot from SMB dialects, SMB native LMS, or MongoDB versions, maybe you have some type of vulnerability that requires you to try to discover across your network, you know what version you're running of these particular things and want to find them all. So you have even things like virtual machines, ILO attributes, AWS image IDs, domain membership, all protocols, only SAP RDP network switch report assets by switch. Once again, the switches I'm using, I didn't have any discovery available to some unified switches, but it does work with some different switch manufacturers, quite a few different ones, just unified doesn't have any particular, well, I didn't configure, I should say any particular SNMP features of the unified for it to give back any information that's something you can do, maybe I'll do some testing later. But you kind of get an idea of once you tie all these together, all the different things you can do on that. So hopefully this gives you a good overview of the run zero product. But honestly, if you want to understand something better, or at least what works for me is I try out the product, that's what got me started, I got excited when I seen all the things you could find. And there's that link down below to start a free trial, get going with it and see what might be on your network or what you thought was on your network versus what's really on your network, those things are sometimes going, huh, that's interesting. I like having those discovery moments like that, I've certainly had it a couple times with this. Nonetheless, as always, if you want to have a more in-depth discussion about this topic or any other topic I talk about on my channel, head over to my forums, and I'll see you next time. Thanks. your support is greatly appreciated. For deals, discounts, and offers, check out our affiliate links in the description of all of our videos, including a link to our shirt store where we have a wide variety of shirts that we sell and designs come out well randomly. So check back frequently. And finally our forums, forums.laurancesystems.com is where you can have a more in-depth discussion about this video and other tech topics covered on this channel. Thanks again for watching and look forward to hearing from you.