diff --git a/.gitignore b/.gitignore
index 31d1a359f..d9aaa4f3a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,5 @@ modules/**/Gemfile.lock
 modules/generators/network/pcap/files/packet.pcap
 lib/resources/images/scenario
 Gemfile.lock
+.vagrant
+rgloader
\ No newline at end of file
diff --git a/modules/vulnerabilities/unix/webapp/commando/manifests/install.pp b/modules/vulnerabilities/unix/webapp/commando/manifests/install.pp
index 02b2da883..bb6c57011 100644
--- a/modules/vulnerabilities/unix/webapp/commando/manifests/install.pp
+++ b/modules/vulnerabilities/unix/webapp/commando/manifests/install.pp
@@ -108,6 +108,12 @@ class commando::install {
 			content => template('commando/profile.php.erb')
 		}
 
+		# update profile page
+		file{ "$docroot/update_profile.php":
+			ensure => file,
+			content => template('commando/update_profile.php.erb')
+		}
+
 		# connection file
 		file{ "$docroot/connect.php":
 			ensure => file,
diff --git a/modules/vulnerabilities/unix/webapp/commando/templates/profile.php.erb b/modules/vulnerabilities/unix/webapp/commando/templates/profile.php.erb
index 7b5523c2c..5eed94275 100644
--- a/modules/vulnerabilities/unix/webapp/commando/templates/profile.php.erb
+++ b/modules/vulnerabilities/unix/webapp/commando/templates/profile.php.erb
@@ -63,14 +63,18 @@ if(!isset($_SESSION['username'])){
       if ($user == $admin_uname) {
         ?>
       <div id="sucess">
+        <?php echo $_SESSION['updated']?>
         Well Done, you have logged into an admin account!<br />
         This account had default Log-in Credentials! Keep hunting!<br />
-        Heres a flag: <div id="flag"><%= @default_login_flag %></div>
+        Here is a flag: <div id="flag"><%= @default_login_flag %></div>
       </div>
         <?php
       }
       ?>
-      <a href="login.php">Logout</a>
+      <nav class="nav">
+        <a href="login.php" class="btn btn-secondary-outline">Logout</a>
+        <a href="update_profile.php" class="btn btn-secondary-outline">Update Profile</a>
+      </nav>
   </div>
 
   <%# This is taken from: https://getbootstrap.com/docs/4.0/getting-started/introduction/%>
@@ -79,6 +83,6 @@ if(!isset($_SESSION['username'])){
   <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
   <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
   <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
-
+  </div>
   </body>
   </html>
diff --git a/modules/vulnerabilities/unix/webapp/commando/templates/update_profile.php.erb b/modules/vulnerabilities/unix/webapp/commando/templates/update_profile.php.erb
new file mode 100644
index 000000000..f72d49faf
--- /dev/null
+++ b/modules/vulnerabilities/unix/webapp/commando/templates/update_profile.php.erb
@@ -0,0 +1,94 @@
+<?php
+include('connect.php');
+if(!isset($_SESSION['username'])){
+ header("Location:login.php");
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<% $page_title = "Update-Profile" %>
+<%= scope.function_template(['commando/subtemplates/header.html.erb']) %>
+
+<body>
+<%= scope.function_template(['commando/subtemplates/nav.html.erb']) %>
+<div class="container">
+  <div class="row">
+    <div id="pp-holder">
+      <img src="images/icon.png" alt="avi" id="pp">
+    </div>
+  </div>
+
+  <div id="details">
+    <h3>Update User Details:</h3>
+    <?php
+      $user = $_SESSION['username'];
+      $info="SELECT  * FROM <%= @user_table_name %> WHERE Username='$user'";
+      $result=mysqli_query($conn2, $info);
+      $id = 0;
+      while ($row=mysqli_fetch_assoc($result)){
+        $id = $row['ID']; ?>
+    <form method="POST" action="<?php echo $_SERVER['SCRIPT_NAME'];?>">
+      <div class="form-group">
+        <label for="name">Name:</label>
+        <input type="text" id="name" class="form-control" name="name" maxlength="15" placeholder="<?php echo $row['name'];?>">
+      </div>
+      <div class="form-group">
+        <label for="address">Address:</label>
+        <input type="text" id="address" name="address" size="55" placeholder="<?php echo $row['address'];?>">
+      </div>
+      <div class="form-group">
+        <label for="mobile">Mobile:</label>
+        <input type="text" id="mobile" name="mobile" maxlength="30" placeholder="<?php echo $row['mobile'];?>">
+      </div>
+      <div class="form-group">
+        <label for="email">E-Mail:</label>
+        <input type="text" id="email" name="email" size="55" placeholder="<?php echo $row['email'];?>">
+      </div>
+      <input type="submit" name="submit" value="Save">
+    </form>
+    <?php
+      }
+      if (isset($_POST['submit']) && (!empty($_POST['name']) || !empty($_POST['address']) || !empty($_POST['mobile']) || !empty($_POST['email']))){
+          $statement="UPDATE <%= @user_table_name %> SET ";
+          $hasFirst= false;
+            if (!empty($_POST['name'])) {
+              $statement .= "name = '" . $_POST['name'] . "' ";
+              $hasFirst = true;
+            }
+            if (!empty($_POST['address'])) {
+              if ($hasFirst == true) {
+                $statement .= " , ";
+              }
+              $statement .= "address = '" . $_POST['address'] . "' ";
+              $hasFirst = true;
+            }
+            if (!empty($_POST['mobile'])) {
+              if ($hasFirst == true) {
+                $statement .= " , ";
+              }
+              $statement .= "mobile = '" . $_POST['mobile'] . "' ";
+              $hasFirst = true;
+            }
+            if (!empty($_POST['email'])) {
+              if ($hasFirst == true) {
+                $statement .= " , ";
+              }
+              $statement .= "email = '" . $_POST['email'] . "' ";
+            }
+          $statement .= " WHERE ID = $id";
+      }
+      $result=mysqli_query($conn2, $statement);
+      if($result) {
+        $_SESSION['updated'] = true;
+        header('Location: profile.php');
+      }
+  ?>
+    <nav class="nav">
+      <a href="login.php" class="btn btn-secondary-outline">Logout</a>
+      <a href="profile.php" class="btn btn-secondary-outline">Back</a>
+    </nav>
+  </div>
+</div>
+</body>
+</html>
diff --git a/scenarios/security_audit/rand_webapp.xml b/scenarios/security_audit/rand_webapp.xml
index 56dbd8f62..a81347a99 100644
--- a/scenarios/security_audit/rand_webapp.xml
+++ b/scenarios/security_audit/rand_webapp.xml
@@ -98,19 +98,19 @@
     </build>
   </system>
 
-  <system>
-    <system_name>kali</system_name>
-    <base distro="Kali" name="MSF"/>
+<!--  <system>-->
+<!--    <system_name>kali</system_name>-->
+<!--    <base distro="Kali" name="MSF"/>-->
 
-    <utility module_path=".*/kali_web"/>
-		<utility module_path=".*/metasploit_framework"/>
-		<utility module_path=".*/handy_cli_tools"/>
-		<utility module_path=".*/nmap"/>
+<!--    <utility module_path=".*/kali_web"/>-->
+<!--		<utility module_path=".*/metasploit_framework"/>-->
+<!--		<utility module_path=".*/handy_cli_tools"/>-->
+<!--		<utility module_path=".*/nmap"/>-->
 
-    <network type="private_network">
-        <input into="IP_address">
-          <datastore access="next">IP_addresses</datastore>
-        </input>
-    </network>
-  </system>
+<!--    <network type="private_network">-->
+<!--        <input into="IP_address">-->
+<!--          <datastore access="next">IP_addresses</datastore>-->
+<!--        </input>-->
+<!--    </network>-->
+<!--  </system>-->
 </scenario>