Pentest Lab Setup

Install Metasploitable Pentest Lab Setup with VirtualBox

Setup Hacking Lab with Metasploitable 2 [7 Easy Steps]


Setup hacking lab – Introduction

With the increase in cybercrime, there has been a need for more cybersecurity professionals which will increase in the coming days. In this tutorial, I will help you set up a hacking lab. A hacker lab is a place where you can conduct your penetration experiments without the fear of having to go against established cybersecurity laws and policies. We will install Kali Linux (an operating system for penetration testing) and Metasploitable (a vulnerable Linux image for practicing penetration testing).

The penetration hacking lab consists of an operating system for orchestrating the attacks, which in our case is the Kali Linux operating system, and a vulnerable operating system, which in our case is Metasploitable 2. Kali Linux will be used to perform attacks against the vulnerable Metasploitable. These attacks are simulations of real attacks that the penetration tester is familiar with but are performed in a secure and controlled environment



Overview of Penetration testing :

Penetration testing also known as pen testing is the art of attempting to evaluate the security of an IT system by simulating attacks on known system vulnerabilities. A Pentester is a hacker authorized by the system owner to perform attacks on the system to help the IT team harden their systems before going live to avoid attacks that can cost a fortune.


Overview of Mesploitable 2 :

Metasploitable is a Linux operating system that has commonly known vulnerabilities. It was developed by the Rapid 7 organization to train aspiring penetration testers in a secure environment. In the tutorial below, we will download and install it in our virtual box to finish building our hack lab.

❌ System Requirements :

  • A PC running Windows operating system 7/8/10.
  • OS capable of running all of the required applications.
  • VT-x/AMD-V Supported Processor recommended.
  • A minimum of 20GB hard disk space.
  • A minimum of 4GB RAM.


Pre-requisites :



Steps to Setup a Hacking Lab for penetration testing


Step_1: Download Metasploitable Image

In this tutorial, we will use Oracle VirtualBox to deploy Metasploitable. However, you can also use the same image to install through VMware Workstation Player.

Download metasploitable using official

Download Fast Download

After the download is complete, extract it into a folder of your choice as shown below.



Step_2: Create a new VM

Now we can start our Oracle virtual box and install metasploitable 2. Open Oracle Virtual Box → Machine → New and create a new VM.

We are going to create a VM in the expert mode so we can adjust the disk space and other settings as needed. Therefore, on this screen, we will choose to install it in expert mode.



Step_3: Configure VM (Disk, RAM)

First we need to create a virtual hard disk so that later we can add a virtual machine metasploible disk as shown below and click create.

We also need to specify the amount of RAM we want our metasploitable machine to use. Metasploitable doesn’t have a GUI, we can only access it through the terminal, so it doesn’t require a lot of RAM. In our case, we will use 2 GB of RAM. This will be enough to perform our penetration testing.

The main purpose of metasploitable is only to perform penetration tests on it, so the virtual disk does not require a lot of space, so we will only have one additional disk of 8 GB. To add another disk, select the VM -> Click the Settings icon -> Select storage -> Click the + icon in the corner on Controller: IDE to add a hard disk -> Click Create to create a new disk -> Select VDI -> Select Dynamically allocated -> Enter the disk path and size (we chose the default 8 GB) and click create to create a new virtual disk.

Next, select your disk and connect it to the virtual machine. Click OK to save.



Step_4: Configure Network

It is recommended to use the default network settings for the virtual machine. But I have some use case to use in my private network so I will choose Bridged Network.


Step_5: Power on the VM

Next, we start the virtual machine.

Once the VM is up and running, we can see that our metasploible VM is ready for penetration testing.


Default username and password for Metasploitable is msfadmin

Now we are done with the hack lab setup and ready to start penetration testing.


Step_6: Get Network details of Metasploitable VM

Next, check the IP details of your Metasploitable VM. We will use this IP address to access the metasploitable dashboard in the browser. Here, as you can see, my IP address is

Step_7: Access Metasploitable dashboard

Now we can use the same IP address to access our metasploutable dashboard using any browser:

Setting Up Hacking Lab with Metasploitable [8 Easy Steps] Now we can click on any of the options to access the respective tool as mentioned above.



Summary :

In the guide above, we have a hacking lab set up where we can do our penetration testing without worrying about going against the law. We have full control over the lab as we can adjust the space required by the operating system on the virtual box and other important factors such as RAM and network configuration. We can now perform penetration testing of commonly known vulnerabilities for machines running the Linux operating system. There can be no damage or loss while using the penetration testing lab.


Hello, I'm SUMAN from India. I’m currently working on Cyber Ethical Hacking Penetration Testing & Bug Bounty. I’m currently learning more about Web Design, Android ROM
Notify of
Inline Feedbacks
View all comments
Back to top button
Would love your thoughts, please comment.x