Published on May 13, 2019

We rolled out support for automatic web service screenshots this morning in both the Rumble Agent and the Rumble Scanner (v0.6.6+). This option is on by default, and will result in Rumble capturing an image of each web service it encounters if the system it is running on has a working Google Chrome or Chromium installation. This feature can be toggling using the Scanner command line option --screenshots and from the New Scan screen in the Rumble Console:

Configuring Web Screenshots

To determine if your Agent can capture screenshots, view the Agent detail page, and look for an entry like the following:

Agent Screenshot Support

If screenshot support is not detected, make sure Google Chrome or Chromium has been installed in the default location, and force an agent update to refresh the setting. Captured screenshots will appear in the asset detail of the Inventory section.

Asset Web Screenshot

This update tweaked several default settings, including the overall scan speed, to make scans more conservative with the number of sessions they generate. The command-line scanner received a few minor updates, including additional fields in the config output, and tweaks to a few command-line options. The --syn-ports and --connect-ports options have been merged into a single --tcp-ports parameter, while the --syn-max-sockets and --connect-max-sockets are now simply --max-sockets.

Please give the new web screenshot support a whirl and drop us a line with your feedback.

Similar Content

Scanning for HTTP/2 with Rumble
Published on August 15, 2019
This Tuesday, Jonathan Looney, a researcher at Netflix, disclosed seven different ways to break common HTTP/2 protocol implementations, while an eighth issue was disclosed by Piotr Sikora of Google. These issues could be used to exhaust the resources of affected HTTP/2 implementations. Shortly after the HTTP/2 issues were disclosed, a Rumble user reached out asking if we could help identify HTTP/2 endpoints on their network. We are happy to announce that as of version 0.
Hunting for Network Bridges with Rumble
Published on August 5, 2019
Thanks to the wonderful user feedback from Beta 5, a handful of bug fixes and improvements have been deployed along with a new feature: Network Bridge Detection! The bridge report shows external networks in red, internal networks in green, and multihomed assets that bridge these networks in orange. Zooming in will show asset and subnet details, while clicking a node will take you to the asset page for bridge nodes and to a CIDR-based inventory search for network nodes.
Rumble Network Discovery Beta 5
Published on July 30, 2019
Rumble Two Ways with Beta 5 The last few months have been incredible thanks to our wonderful beta community and their vocal feedback. Quite a few folks asked for a version of Rumble they could use independent of the cloud and Beta 5 delivers it. The Rumble Scanner has undergone a makeover and now handles fingerprinting, asset correlation, and rudimentary reporting, making it far more adaptable for restrictive environments and security consulting.