Metasploitable 3 Penetration Testing Lab for Beginners (Step-by-Step)

TL;DR: Learn how to scan a vulnerable machine using Nmap and identify security weaknesses in a safe lab environment.

Introduction

This hands-on lab shows you how to set up Metasploitable 3 and scan it for vulnerabilities using Nmap. Working in a safe, controlled environment, you'll learn how attackers identify weaknesses.

What is Metasploitable 3?

Metasploitable 3 is a deliberately vulnerable virtual machine used for practicing penetration testing. It contains known security flaws for safe testing and training.

Lab Setup

To complete this lab, you need:

  • Kali Linux as the attacker machine
  • Metasploitable 3 as the target machine
  • VirtualBox or VMware
  • Both machines on the same network

Step 1: Find the Target IP

On Kali Linux, run:

ip a

The output lists the addresses assigned to Kali's own interfaces. Use it to identify your network range, then locate the Metasploitable 3 target system within that range.

Step 2: Scan with Nmap

Run a service detection scan:

nmap -sV <target-ip>

This scan shows open ports, running services, and service versions.

Step 3: Analyze the Results

Look for:

  • Open ports
  • Service versions
  • Outdated software
  • Unusual services
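
The following Python script is an added example, not part of the original lab. It parses the port table from saved `nmap -sV` output and sorts open ports into the categories listed above. The sample scan text is constructed, and the `expected_ports` baseline is an assumption you replace with the services you expect the host to run.

```python
import re

# Constructed sample of `nmap -sV` normal output (not from a real scan).
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT     STATE  SERVICE     VERSION
21/tcp   open   ftp         ProFTPD 1.3.5
22/tcp   open   ssh         OpenSSH 6.6.1p1 Ubuntu 2ubuntu2.13 (Ubuntu Linux; protocol 2.0)
80/tcp   open   http        Apache httpd 2.4.7
631/tcp  closed ipp
3500/tcp open   http        WEBrick httpd 1.3.1 (Ruby 2.3.8 (2018-10-18))
8181/tcp open   intermapper?
"""

# One row of the port table: "<port>/<proto> <state> <service> [version...]"
ROW = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*\S))?\s*$")

def parse_ports(text):
    """Return one dict per row of the PORT/STATE/SERVICE/VERSION table."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            port, proto, state, service, version = m.groups()
            rows.append({"port": int(port), "proto": proto, "state": state,
                         "service": service.rstrip("?"),
                         # Nmap appends "?" when it is only guessing the service.
                         "guessed": service.endswith("?"),
                         "version": version or ""})
    return rows

def triage(rows, expected_ports):
    """Sort open ports into the buckets Step 3 asks you to look at."""
    open_rows = [r for r in rows if r["state"] == "open"]
    return {
        "open": [r["port"] for r in open_rows],
        # Guessed name or no version string: re-check before drawing conclusions.
        "unidentified": [r["port"] for r in open_rows
                         if r["guessed"] or not r["version"]],
        # Open ports missing from the baseline (expected_ports is an assumption).
        "unexpected": [r["port"] for r in open_rows
                       if r["port"] not in expected_ports],
        # Version strings to compare against vendor advisories for outdated software.
        "to_research": {r["port"]: r["version"] for r in open_rows if r["version"]},
    }

if __name__ == "__main__":
    result = triage(parse_ports(SAMPLE), expected_ports={21, 22, 80})
    for bucket, value in result.items():
        print(f"{bucket}: {value}")
```

To use it on your own scan, save the Nmap output to a file and pass its contents to `parse_ports` in place of `SAMPLE`.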

Common Mistakes

  • Scanning the wrong IP address
  • Using the wrong network setting in VirtualBox or VMware
  • Ignoring service version details
  • Trying exploitation before understanding the scan results

Conclusion

You’ve completed a basic vulnerability scanning lab using Metasploitable 3. This is one of the first skills every penetration tester should learn.

FAQ

Is Metasploitable 3 safe to use?
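Yes, as long as it stays inside a controlled lab environment. Metasploitable 3 is intentionally vulnerable and designed for safe testing there, so keep it on your lab network rather than one that other systems can reach.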

Do I need Kali Linux for this lab?
Kali Linux is recommended because it includes tools like Nmap and Metasploit, but other Linux distributions can also be used.

What does Nmap do in penetration testing?
Nmap is used to scan systems, discover open ports, and identify running services. It helps attackers and defenders understand potential entry points.

Can I run Metasploitable 3 on VirtualBox?
Yes. Metasploitable 3 can run on VirtualBox or VMware. Just ensure your network settings allow communication between machines.

What should I do after scanning the target?
After identifying open ports and services, the next step is to research vulnerabilities and attempt controlled exploitation in your lab.
