Before you go...Download Metasploitable, the intentionally vulnerable target machine for evaluating Metasploit
Taking your first steps with Metasploit can be difficult – especially if you don’t want to conduct your first penetration test on your production network. Metasploitable is virtual machine based on Linux that contains several intentional vulnerabilities for you to exploit. Metasploitable is essentially a penetration testing lab in a box, available as a VMware virtual machine (VMX). (The Metasploitable login is “msfadmin”; the password is also “msfadmin”.)
What is Metasploitable? How does it work?