Metasploitable

This is Metasploitable2 (Linux)

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques.

The default login and password is msfadmin:msfadmin.

Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means).

To contact the developers, please send email to msfdev@metasploit.com

Project Activity

See All Activity >

License

BSD License, GNU General Public License version 2.0 (GPLv2)

Follow Metasploitable

Metasploitable Web Site

Other Useful Business Software

Full-stack observability with actually useful AI | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.

Create free account

Rate This Project

User Ratings

4.7 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 2 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5

User Reviews

Filter Reviews:

All

isshiki Posted 2025-08-20

Que c'est un bon outil pour les pentester
urangkang8819 Posted 2025-06-20

Mantappp
secbayo Posted 2024-10-13

How did you extract it to vmdk - Virtual Machine Disk Format. My experience after downloading and extracting all i can see here is vmdk - Progold_VirtualBox.Shell.vmdk. Can anyone please help?
ocelot Posted 2023-07-26

For those that are having issues getting this going, it can also be the way in which you extracted the files. Personally I had no issues when extracting with 7zip. As for unusual traffic and missing files please keep in mind this is a vulnerable machine; dont expose to the outside world. Make sure you have the proper network adapter settings. You can link directly to another vm instance such as kali for instance, be safe!
aqual1te Posted 2023-05-08

Nice, but no support for KVM/Qemu hypervisors. Virtualbox doesn't have signed kernel drivers for Linux. KVM is kernel native. Please make an image available for KVM/Qemu.

Additional Project Details

Intended Audience

Education, Security Professionals, Testers

Registered

2012-05-20

Similar Business Software

Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Proton VPN

Protect your business against damaging data breaches and easily comply with security frameworks like ISO 27001, GDPR, and HIPAA. Our software-only virtual private network easily integrates with your existing infrastructure to provide a flexible and scalable way to protect your...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Keeper Security

Keeper Security is transforming the way people and organizations around the world secure their passwords and passkeys, secrets and confidential information. Keeper’s easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on...

See Software