Requirements To Build Metasploit Lab Environment

Before working out use the Metasploit Framework, we first have to be sure that our setup will get together or exceed the device requirements outlined from the following sections. Taking the time to prepare your Metasploit Lab Environment will assist eliminate many troubles before they arise later inside course. We suggest using a system that's capable of running multiple virtual machines to host your labs.

Hardware Requirements for Metasploit Lab

All of the values the following are estimated or recommended. You can get away with less now and again but know that performance will be affected, making for a under ideal learning experience.

Hard Drive Space

You will really need, at minimum, 10 GB of obtainable storage space in your host. Since we're using virtual machines with large file sizes, this means that were unable to employ a FAT32 partition since large files usually are not supported as filesystem, so make sure to choose NTFS, ext3, or some other filesystem format. The recommended level of space needed is 30 GB.

If you thought we would create clones or snapshots of your respective virtual machine(s) when you progress over the course, these will even take up valuable space with your system. Be vigilant , nor be afraid to reclaim space as required.

Available Memory

Failing to provide enough memory for your host and guest os will eventually result in system failure and/or end in being struggling to launch your virtual machine(s). You are going to require RAM for the host OS as well as the level of RAM you are dedicating per virtual machine. Use the guide below to assist in deciding the quantity of RAM required on your situation.

Linux “HOST” Minimal Memory Requirements: 1 GB of system memory (RAM). Realistically 2 GB or higher

Kali “GUEST” Minimal Memory Requirements: At least 1 GB of RAM. Realistically 2 GB or even more with a SWAP file of equal value

Metasploitable “GUEST” Minimal Memory Requirements: At least 256 MB of RAM (512 MB is mandatory)

Windows “GUEST” Minimal Memory Requirements: 1 GB is usually recommended. Realistically 1 GB if not more

Processor: To ensure the best experience, we recommend a 64-bit quad-core CPU or better. The bare-minimum dependence on VMware Player can be a 400MHz or faster processor (500MHz recommended) however, these speeds are inadequate for that purposes of this program. The more horsepower you'll be able to throw in your lab, the greater.

Internet Accessibility: Getting your lab create will require downloading some large virtual machines so that you will want to have a very good high-speed link with do so. If you choose to use “Bridged” networking for the virtual machines and there is no DHCP server on your own network, you'll have to assign static IP addresses for your guest VMs.

Software Requirements for Metasploit Lab

Before jumping in the Metasploit Framework, we'll need to have both an attacking machine (Kali Linux) along with a victim machine (metasploitable 2) in addition to a hypervisor running both in a secure and secluded network environment.

You can install Metasploit Framework with command: sudo apt install metasploit-framework

You also can use VMware Workstation or VMware Fusion but neither is likely to free.

Hypervisor for Metasploit Lab

Our recommended hypervisor for that best out-of-the-box compatibility with Kali Linux and metasploitable is VMware Player. While VMware Player is “free”, you'll need to register so that you can download it, plus the virtualization applications and appliances are very worth the registration if you don't already have a free account. You also can use VMware Workstation or VMware Fusion but neither more likely to be free.

There are also additional options available on the subject of which hypervisor you want to use. In addition to VMware, two other popular hypervisors are VirtualBox and KVM but they aren't covered here. Instructions for installing Kali Linux is found on the Kali Training site.

Latest Kali Linux

Kali Linux is undoubtedly an advanced Penetration Testing and Security Auditing Linux distribution that'll be used throughout this series. Kali Linux includes Metasploit pre-installed as well as numerous other security tools that you'll be able to try out against your victim machine. You can download the modern version of Kali Linux at Kali Linux Downloads.

Once you've downloaded Kali Linux, you'll be able to update Metasploit to the most recent version within the repos by running apt update && apt upgrade in Terminal.

Windows (Of course)

Microsoft has created a number of virtual machines available for download to test Microsoft Edge and different versions of Internet Explorer. We are going to be able to use these VMs whenever using some of the exploits and tools for sale in Metasploit. You can download the VMs from this level.

Once you've met the above mentined system requirements, you have to have no trouble running any tutorials in the Metasploit Unleashed course.

Metasploitable

One of the problems you encounter when learning to use an exploitation framework is intending to find and configure targets to scan and attack. Luckily, the Metasploit team appreciates this and released a vulnerable VMware virtual machine called ‘Metasploitable’.

Metasploitable is definitely an intentionally vulnerable Linux virtual machine which can be used to conduct security training, test security tools, and exercise common penetration testing techniques. The VM will are powered by any recent VMware products and also other visualization technologies for example VirtualBox. You can download the picture file of Metasploitable 2 came from here.

Never expose Metasploitable in an untrusted network, use NAT or Host-only mode!

Once you could have downloaded the Metasploitable VM, extract the zip file, open the .vmx file making use of your VMware product of preference, and power it on. After a brief time, the computer will be booted and ready for doing things. The default login and password is msfadmin:msfadmin.