It runs on a local server hence there is no need for an internet connection to use this web application. This could be achieved by using DVWA that is got a lot of vulnerabilities, helps the beginners to learn and practice ethical hacking. It is the best platform for beginners to come and practice security tools because it is damn vulnerable as mentioned in its name.Īs hacking is an illegal practice there is a requirement for security professionals to test their skills and tools in a legal environment and help web developers better understand the processes of securing web applications.
The default username and password are “msfadmin”Īfter logging in successfully you will get the MetaSploitable promptĭamn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that provides a platform to practice hacking.
Type name of the VM, set the destination where you want to install this VM, set the Type as Linux and version as Ubuntu(64-bit)Īttach the vmdk file that you already downloadedĪfter rebooting it will ask for login credentials. Open up VirtualBox and create a new VM by selecting ‘Machine’ and choosing the option ‘New’ To install MetaSploitable in VirtualBox download the MetaSploitable file from This project is created and maintained by rapid7 Community, Originally design for Metasploit Framework testing. MetaSploitable is a virtual machine that is an intentionally vulnerable version of Ubuntu Linux specifically designed for penetration testing learners to test security tools and exploit common vulnerabilities. ( Wireshark, Aircrack-ng, BeEF, Burp Suite, Metasploit Framework, Hydra, Nikto, Maltego, Nmap) aid the pen-testers to gather information, perform scanning and find some vulnerabilities. In this setup it will be our attacking machine because it has some pre-installed penetration testing tools i.e. Kali Linux is a Debian based Linux distribution designed for penetration testing. In our setup, we will configure one attacking machine (Kali Linux) and three target machines (DVWA, MetaSploitable and Windows10) on which the attacking machine will generate some exploits Atleast 8GB RAM of the host machine is required.
In this article, I will demonstrate how to create your own virtual penetration testing lab at home.