Welcome to the NeXpose Community Wiki¶

NeXpose is an award-winning vulnerability management solution from Rapid7. The NeXpose Community Edition is a free version of NeXpose that scans routers and operating systems for vulnerabilities. In addition, the Community Edition integrates with the Metasploit Exploit Framework. Commercial editions include additional features such as distributed scanning, more flexible reporting, and web/database scanning. Commercial editions also include product support. For more information about the various NeXpose editions, visit Rapid7. For more information about Rapid7 and what's happening, visit or subscribe to our blog.

This website focuses on the NeXpose Community edition but has resources that should be useful to all NeXpose users.

General FAQ
Technical FAQ
Reporting FAQ
Product Registration and Licensing FAQ

Community¶

How can you contribute or participate?

• Join the NeXpose users mailing list
  • Check out the Archived mailing list here
• You can interact with other members of the community on the official Rapid7 IRC channel.
  • Server: irc.freenode.net
  • Channel: #rapid7
• Participate in the community and we'll give you permission to add to the Wiki

NeXpose Quick Start¶

1. Review the system requirements for NeXpose Community Edition
2. Download the NeXpose Community Edition
3. Install NeXpose (Follow the Install Guide)
4. Browse to https://<yourip>:3780 and login using the username and password you specified during installation

For more information on scanning check Getting Started Scanning with NeXpose

Metasploit + NeXpose Quick Start¶

1. Install NeXpose following the above steps.
2. Download and install the latest version of Metasploit. You will need Metasploit 3.3.1 in order to integrate with NeXpose.
3. Start NeXpose and then launch the Metasploit Console (msfconsole)
4. Follow the NeXpose Plugin guide

Alpha release of NeXpose for Windows XP¶

An alpha version of NeXpose that runs on 32-bit Windows XP is now available.

Resources¶

General FAQ
Technical FAQ
Reporting FAQ
Product Registration and Licensing FAQ
Video Tutorials

User Guide

• Logging In
• Getting Started Scanning with NeXpose
• Reporting Basics
• User Administration Basics
• Understanding Sites and Assets Groups
• Vulnerabilities
• Working with Scan Templates
• Alerting
• NeXpose Search Functionality
• Cool Tips and Tricks

Customization and Integration

• Writing Vulnerability Checks
• Vulnerability Check Examples
• Converting a NASL check to NeXpose
• NeXpose API
• Creating custom NeXpose risk scoring strategies
• LDAP/Kerberos

Troubleshooting + Maintenance
Note: Not all of the functionality discussed in the following guides is available in the free community edition of NeXpose. Please see NeXpose Editions for more information.

• NeXpose Tuning Guide
• Maintaining NeXpose
• NeXpose Command-Line Operation

Known Issues
Common Errors
Community Release Notes