Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners
Sign In

All Products

Platform
- TECHNOLOGY
  The Rapid7 Command Platform
  AI-Powered Cybersecurity Platform
  Explore
Products
- NEW!
  Exposure Command
  Take Command of Your Attack Surface
  Request Demo
- DETECTION & RESPONSE
- Next-Gen SIEM
  INSIGHTIDR
- Threat Intelligence
  THREAT COMMAND
Services
- MXDR
  Managed Threat Complete
  24x7 MXDR to secure your extended ecosystem
  Request Demo
- DETECTION & RESPONSE
- Managed XDR
  MANAGED THREAT COMPLETE
- Incident Response Services
  EXPERIENCING A BREACH?
Resources
- NEW
  The 2024 Attack Intelligence Report
  Read the latest research by Rapid7 Labs
  READ NOW
Company
Partners

Sign In

Documentation
All Products
Release Notes

Release Notes

Insight Product Release Notes

InsightVM
InsightIDR
InsightAppSec
InsightConnect
InsightCloudSec
tCell
Threat Command

More Release Notes

Metasploit
AppSpider Pro
AppSpider Enterprise
Komand
Nexpose
Insight Agent
Insight Network Sensor
InsightOps

Metasploit Pro Recent Releases

Nov 19, 20244.22.6-2024111901

Updates the PostgreSQL version to 13. This upgrade may take more time than usual to complete.

Nov 14, 20244.22.5-2024111401

Adds additional logging and diagnostic tooling support for Metasploit Pro, as well 10 new modules including SolarWinds Web Help Desk (CVE-2024-28987) and more.

Nov 06, 20244.22.5-2024110601

Fixes an issue were users were unable to delete bulk credentials via the select all option when managing credentials for a project.

Oct 28, 20244.22.5-2024102801

This release updates the Ruby and nginx components of Metasploit Pro, and includes enhancements for ESC-15 and 4 new modules.

Oct 14, 20244.22.4-2024101401

We have updated Metasploit Pro's bruteforce capabilities to now support Kerberos scanning. We have also fixed multiple issues for Windows Server 2022 installations, as well as improved the installation time and bootup stability on all environments. This release also contains 8 new modules.

Sep 16, 20244.22.4-2024091601

We have updated Metasploit Pro's bruteforce capabilities to now support LDAP scanning. Metasploit Pro's network scanning capabilities have been improved. This release also includes 7 new modules, such as pgAdmin CVE-2024-3116, Ivanti Virtual Traffic Manager (vTM) CVE-2024-7593, and more. Users that are connecting to a Windows environment to perform their Metasploit Pro updates or installs (either via RDP, SSH, or similar) might have their connections to the server temporarily disconnect during this update - this is required to support the latest network scanning capabilities in Metasploit Pro.

Aug 22, 20244.22.3-2024082201

The Jenkins bruteforce capabilities now correctly identify when Jenkins requires authentication. This release also includes 3 new modules, including two SQL injection modules for DIAEnergie and Fortra FileCatalyst, as well as a SPIP Unauthenticated RCE Exploit.

Aug 19, 20244.22.3-2024081901

We have improved the stability of Metasploit Pro for Windows environments when starting. The Bruteforce capabilities have performance enhancements to support larger credentials lists. This release includes 8 new modules, such as Apache HugeGraph Server CVE-2024-27348, FortiClient EMS FCTID CVE-2023-48788, and more.