diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml
index d36a1252ad620..fec65ab721485 100644
--- a/.github/workflows/verify.yml
+++ b/.github/workflows/verify.yml
@@ -64,10 +64,10 @@ jobs:
       fail-fast: true
       matrix:
         ruby:
-          - '2.7'
           - '3.0'
           - '3.1'
           - '3.2'
+          - '3.3.0-preview1'
         os:
           - ubuntu-20.04
           - ubuntu-latest
@@ -99,6 +99,8 @@ jobs:
       - name: Setup Ruby
         env:
           BUNDLE_WITHOUT: "coverage development pcap"
+          # Nokogiri doesn't release pre-compiled binaries for preview versions of Ruby; So force compilation with BUNDLE_FORCE_RUBY_PLATFORM
+          BUNDLE_FORCE_RUBY_PLATFORM: "${{ contains(matrix.ruby, 'preview') && 'true' || 'false' }}"
         uses: ruby/setup-ruby@v1
         with:
           ruby-version: '${{ matrix.ruby }}'
diff --git a/Gemfile.lock b/Gemfile.lock
index 8f80ebc89d96b..8ee9e239523f0 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -298,8 +298,8 @@ GEM
     openssl-ccm (1.2.3)
     openssl-cmac (2.0.2)
     openvas-omp (0.0.4)
-    packetfu (1.1.13)
-      pcaprub
+    packetfu (2.0.0)
+      pcaprub (~> 0.13.1)
     parallel (1.23.0)
     parser (3.2.2.3)
       ast (~> 2.4.1)
diff --git a/lib/msf/util/windows_crypto_helpers.rb b/lib/msf/util/windows_crypto_helpers.rb
index 472b39a55ec0d..ca3d6ee6a2ac5 100644
--- a/lib/msf/util/windows_crypto_helpers.rb
+++ b/lib/msf/util/windows_crypto_helpers.rb
@@ -79,7 +79,7 @@ def decrypt_secret_data(secret, key)
         j = key[j..j+7].length
       end
     end
-    dec_data_len = decrypted_data[0,4].unpack('<L').first
+    dec_data_len = decrypted_data[0,4].unpack('L<').first
 
     return decrypted_data[8, dec_data_len]
 
diff --git a/lib/net/dns/rr.rb b/lib/net/dns/rr.rb
index c6cca85d14e3b..65ac96072d921 100644
--- a/lib/net/dns/rr.rb
+++ b/lib/net/dns/rr.rb
@@ -75,7 +75,7 @@ class RR
                                Net::DNS::RR::Classes.regexp +
                                "|CLASS\\d+)?\\s*(" +
                                Net::DNS::RR::Types.regexp +
-                               "|TYPE\\d+)?\\s*(.*)$", Regexp::IGNORECASE, 'n')
+                               "|TYPE\\d+)?\\s*(.*)$", Regexp::IGNORECASE | Regexp::NOENCODING)
 
       # Dimension of the sum of class, type, TTL and rdlength fields in a
       # RR portion of the packet, in bytes
diff --git a/lib/rex/proto/dcerpc/handle.rb b/lib/rex/proto/dcerpc/handle.rb
index ee03896408f3d..2875fa4d1ad64 100644
--- a/lib/rex/proto/dcerpc/handle.rb
+++ b/lib/rex/proto/dcerpc/handle.rb
@@ -24,7 +24,7 @@ def self.parse (handle)
     uuid_re = '[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}'
     rev_re = '\d+.\d+'
     proto_re = '(?:' + @@protocols.join('|') + ')'
-    re = Regexp.new("(#{uuid_re}):(#{rev_re})\@(#{proto_re}):(.*?)\\[(.*)\\]$", true, 'n')
+    re = Regexp.new("(#{uuid_re}):(#{rev_re})\@(#{proto_re}):(.*?)\\[(.*)\\]$", Regexp::IGNORECASE | Regexp::NOENCODING)
     match = re.match(handle)
     raise ArgumentError if !match
 
diff --git a/modules/auxiliary/scanner/http/soap_xml.rb b/modules/auxiliary/scanner/http/soap_xml.rb
index 5d6f78714c09d..b574847e453ae 100644
--- a/modules/auxiliary/scanner/http/soap_xml.rb
+++ b/modules/auxiliary/scanner/http/soap_xml.rb
@@ -119,9 +119,9 @@ def run_host(ip)
 
     # regular expressions for common rejection messages
     reject_regexen = []
-    reject_regexen << Regexp.new('method \\S+ is not valid', true)
-    reject_regexen << Regexp.new('Method \\S+ not implemented', true)
-    reject_regexen << Regexp.new('unable to resolve WSDL method name', true)
+    reject_regexen << Regexp.new('method \\S+ is not valid', Regexp::IGNORECASE)
+    reject_regexen << Regexp.new('Method \\S+ not implemented', Regexp::IGNORECASE)
+    reject_regexen << Regexp.new('unable to resolve WSDL method name', Regexp::IGNORECASE)
 
     print_status("Starting scan with #{datastore['SLEEP']}ms delay between requests")
     verbs.each do |v|
diff --git a/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter.rb b/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter.rb
index 402226d4ae069..674912df8faa4 100644
--- a/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter.rb
+++ b/modules/auxiliary/scanner/sap/sap_mgmt_con_getprocessparameter.rb
@@ -113,7 +113,7 @@ def getprocparam(rhost)
         )
         print_good("#{rhost}:#{rport} [SAP] Process Parameters: Entries extracted to #{loot}")
       else
-        name_match = Regexp.new(datastore['MATCH'], [Regexp::EXTENDED, 'n'])
+        name_match = Regexp.new(datastore['MATCH'], Regexp::EXTENDED | Regexp::NOENCODING)
         print_status("[SAP] Regex match selected, skipping loot storage")
         print_status("#{rhost}:#{rport} [SAP] Attempting to display configuration matches for #{name_match}")
 
diff --git a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
index 132ca27af9cc4..7d97ad957b51d 100644
--- a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
+++ b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb
@@ -106,7 +106,7 @@ def process_get(cli, request)
     webdav_loc = "\\\\#{@my_host}\\#{@random_dir}\\#{@payload}"
     @url_base  = "http://" + @my_host
 
-    if (Regexp.new(Regexp.escape(@payload)+'$', true).match(request.uri))
+    if (Regexp.new(Regexp.escape(@payload)+'$', Regexp::IGNORECASE).match(request.uri))
       print_status "Sending payload executable to target ..."
       return if ((p = regenerate_payload(cli)) == nil)
       data = generate_payload_exe({ :code => p.encoded })
@@ -252,7 +252,7 @@ def process_options(cli, request)
   end
 
   def convert_to_char_code(str)
-    return str.unpack('H*')[0].gsub(Regexp.new(".{#{2}}", nil, 'n')) { |s| s.hex.to_s + "," }.chop
+    return str.unpack('H*')[0].gsub(Regexp.new(".{#{2}}", Regexp::NOENCODING)) { |s| s.hex.to_s + "," }.chop
   end
   #
   # PROPFIND requests sent by the WebDav Mini-Redirector
@@ -262,7 +262,7 @@ def process_propfind(cli, request)
     print_status("Received WebDAV PROPFIND request")
     body = ''
 
-    if (Regexp.new(Regexp.escape(@payload)+'$', true).match(path))
+    if Regexp.new(Regexp.escape(@payload)+'$', Regexp::IGNORECASE).match(path)
       # Response for the EXE
       print_status("Sending EXE multistatus for #{path} ...")
 #<lp1:getcontentlength>45056</lp1:getcontentlength>
diff --git a/modules/exploits/windows/http/httpdx_tolog_format.rb b/modules/exploits/windows/http/httpdx_tolog_format.rb
index baf8e407697f8..7b2ae3f8cf775 100644
--- a/modules/exploits/windows/http/httpdx_tolog_format.rb
+++ b/modules/exploits/windows/http/httpdx_tolog_format.rb
@@ -161,7 +161,7 @@ def exploit
         fail_with(Failure::Unknown, "The server doesn't appear to be running a vulnerable version of HTTPDX")
       end
 
-      re = Regexp.new(Regexp.escape(version)+' - ', true)
+      re = Regexp.new(Regexp.escape(version)+' - ', Regexp::IGNORECASE)
       self.targets.each do |t|
         if (re.match(t.name))
           mytarget = t
diff --git a/spec/api/json_rpc_spec.rb b/spec/api/json_rpc_spec.rb
index c2f1c13740c47..26b5d66ae2935 100644
--- a/spec/api/json_rpc_spec.rb
+++ b/spec/api/json_rpc_spec.rb
@@ -294,8 +294,7 @@ def mock_rack_env(mock_rack_env_value)
 
       before(:each) do
         allow_any_instance_of(::Msf::Auxiliary::Scanner).to receive(:check) do
-          res = nil
-          res.body
+          raise 'Unexpected module error'
         end
       end
 
@@ -316,7 +315,7 @@ def mock_rack_env(mock_rack_env_value)
         expected_error_response = {
           result: {
             status: 'errored',
-            error: "undefined method `body' for nil:NilClass"
+            error: "Unexpected module error"
           }
         }
         expect(last_json_response).to include(expected_error_response)