When we released NeXpose Community Edition and Metasploit 3.3.1 two days ago, we received a lot of interest from members of the community. As people have downloaded the new releases and started using them, we've had a lot of great feedback. Your response has been exceptionally positive and people are finding a lot of value in the NeXpose/Metasploit integration. Sincere thanks to everyone who has provided feedback so far.
As with any free product version, there are some enterprise features that are not bundled with the NeXpose Community Edition. The NeXpose Community Edition allows a maximum of 32 IP's, does not ship with dynamic Web application scanning, and ships without configurable scan templates or discovery mode. While enterprise support is available for commercial product versions, answers to common questions and a forum for discussion have been set up on the Community Portal at http://community.rapid7.com
The rest of the enterprise features from NeXpose are available in Community edition at no cost, and you will have access to new vulnerability coverage within 24 hours of next week's MS Patch Tuesday updates. Metasploit integration in the NeXpose Community Edition goes beyond the manual import capabilities offered by commercial vendors up to this point, with support for launching NeXpose scans from the Metasploit console and the ability to import scan results automatically, and the ability to automatically launch exploit modules following scan completion.
Based on early feedback from some of you, the most requested feature was the addition of Discovery capabilities to this version. In response to your requests, we have released a metasploit update that allows NeXpose scans to be launched using a Metasploit database of discovery results, imported from tools such as nmap, etc. Details of the update can be found on the Metasploit site at http://www.metasploit.com/redmine/projects/framework/wiki/NeXpose_Plugin#Discove ry
We will continue to listen to your feedback and provide updates as responsively as possible. We hope that you enjoy using the NeXpose Community Edition with Metasploit and look forward to hearing your stories and experiences.
For those who have not yet had an opportunity to check it out, the NeXpose Community Edition is available at http://www.rapid7.com/nexposecommunitydownload.jsp
For those who are using the NeXpose Community Edition and would like to interact with other Security Professionals, we invite you to join the discussion at http://community.rapid7.com