Inprotect Logo

Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license.
For full project information, please see the SourceForge project site at

Download latest stable version (0.22.5)

Click here to download the latest version of Inprotect or view the summary of changes.

If you are running an older release (<= 0.22.4), please upgrade.

New Development roadmap plan

After much deliberation, the development team have agreed upon a Development roadmap plan to ensure that future versions are more supportable, stable and scalable. As per any good project plan, we will be tackling this in small but important chunks. It will take some time as we all have real jobs, real lives and (yes) girlfriends.

So as of this release, we will not be making any feature request enhancements to the 0.2x branch but we will fix bugs that are reported through the SourceForge Bug Tracker. The roadmap is as follows:
Unfortunately we cannot commit to dates, but we will be working on 0.3x from next week.

We hope you appreciate what we are trying to achieve and thanks for your continued support.

The Inprotect Team.

Screenshots now online

We have now made a selection of screenshots available on the SourceForge project page. You can view these here.

Release 0.22.5 (Stable)

We have released Inprotect 0.22.5 and is now available for download at Existing users are strongly recommended to upgrade.

Please report any bugs through the SourceForge Bug Tracker (

The following bugs have been resolved:
  • 1560708 - auth.php - inconsistent usage of sess_user variable.
  • 1557608 - Clean up $OUTDIR (/tmp) when running
  • 1555147 - Nmap NASL bundled in the tarball is not working correctly when using default ports (Nmap v4.x) or custom ports (Nmap v3.x).
  • 1555132 - Patches do not use the configuration items from the inprotect.cfg file.
  • 1554771 - Undefined variable (scantime) in sched.php produces PHP Info message.
  • 1554159 - All Nmap scan results were being displayed under the last host scanned instead of grouped by host.
  • 1553749 - Trend results not returned when you have a user called "All".
  • 1553744 - Content-Type header not being sent when displaying PDF reports. Some browsers will display the raw data stream instead of the PDF.
  • 1553442 - Installation instructions link is broken in help.php. Have changed it to point to the Inprotect SourceForge documentation page.
  • 1553118 - Scans executed using Inprotect v0.21 and below running under the admin user will not have their results displayed / searchable once v0.22 and above is installed.
  • 1548308 - A handful of report items are being mistaken for dupes and therefore, are not reported.
  • 1540618 - Wrong risk rating recorded (this is the second and final version of the fix).
  • 1096926 - Possible to schedule a scan without any online / configured Nessus servers.

This release also sees a number of Feature Requests implemented:
  • 1560716 - Get nmap.nasl signed so no need to disable signed plugin check.
  • 1560440 - Implement sorting results by service.
  • 1559857 - Add Inprotect version info to page titles.
  • 1559846 - Make the notes text box bigger.
  • 1559845 - results.php - add notes or view plugin info into a popup.
  • 1558579 - Added Inprotect version info to header.php.
  • 1555201 - Added a "Run Scan Now" button to the list of schedules displayed on page 1 of sched.php.
  • 1553752 - Include user filter in search.php similar to trend.php. Allows for searching of a particular user or all users results providing you are an administrator.
  • 1552765 - Display the currently logged in username (in the top right hand corner).
  • 1538933, 1538935, 1538938 - Standardise report headers in both HTML and PDF versions. Also now use human readable dates.