Metasploitable - Virtual Machine to Test Metasploit

Download Metasploitable, the intentionally vulnerable target machine for evaluating Metasploit

Taking your first steps with Metasploit can be difficult – especially if you don’t want to conduct your first penetration test on your production network. Metasploitable is virtual machine based on Linux that contains several intentional vulnerabilities for you to exploit. Metasploitable is essentially a penetration testing lab in a box, available as a VMware virtual machine (VMX). (The Metasploitable login is “msfadmin”; the password is also “msfadmin”.)

Metasploitable is created by the Rapid7 Metasploit team. By downloading Metasploitable from, you’ll be sure to get the latest, clean version of the vulnerable machine, plus you’ll get it from our lightning fast download servers.

Download free version now – yours to keep, no expiration! 

Fill out the form below to download Metasploitable!

Download Metasploitable

What is Metasploitable? How does it work?