Setting Up a Penetration Testing Lab

Table of contents
- Why Build Your Own Pentesting Lab?
- Step 1: Install Virtualization Software
- Step 2: Download VM Images
- Step 3: Convert Metasploitable 2 for QEMU/KVM
- Step 4: Create Virtual Machines
- Step 5: Login Credentials
- 🛠️ Step 6: Test Your Lab

Why Build Your Own Pentesting Lab?
Setting up a home lab is the best way to learn ethical hacking safely. Here’s why it matters:
- Get real, hands-on practice with the same tools used by professionals
- Build confidence for interviews, certifications, and real-world scenarios
- Break things, experiment, and learn—without risking your main system
- Take control of your learning and progress at your own pace
My Lab Setup
Welcome! I’m running Fedora Linux as my daily OS, so I use QEMU/KVM for virtualization. It’s fast, stable, and works great on Linux.
If you’re on Windows or Mac, you’re covered too:
- VMware Workstation Player (free for personal use)
- VirtualBox (free and beginner-friendly)
For this guide, you’ll set up two virtual machines:
- Kali Linux (the attacker)
- Metasploitable 2 (the vulnerable target)
With this setup, you can safely practice penetration testing in your own isolated environment.
Step 1: Install Virtualization Software
Linux (Fedora) - QEMU/KVM
Since I’m using Fedora, I’ll show you how to get QEMU/KVM up and running with just a few commands. If you’re on a different Linux distro (like Ubuntu), check out the official QEMU docs for the right steps.
First, open your terminal and install the virtualization group:
sudo dnf install @virtualization
Once that’s done, enable the libvirt service so it starts automatically every time you boot (the --now flag also starts it right away), then check it:
sudo systemctl enable --now libvirtd
sudo systemctl status libvirtd
If everything went smoothly, you should see output showing that libvirtd is active. If it says “inactive (dead),” don’t worry: on current Fedora releases libvirtd is socket-activated, so it only runs when a client such as virt-manager connects.
Now, you’re ready to launch the Virtual Machine Manager (also called virt-manager). This is a handy graphical tool to create and manage your virtual machines.
The first time you open Virtual Machine Manager, it might ask for your password. If you want to avoid entering your password every time, add your user to the libvirt group (the other groups below are optional; see the comments):
sudo usermod -aG libvirt $USER        # what polkit checks for qemu:///system access
sudo usermod -aG libvirt-qemu $USER   # Debian/Ubuntu group; on Fedora it does not exist and usermod just reports an error
sudo usermod -aG kvm $USER            # direct /dev/kvm access, only needed to run QEMU outside libvirtd (qemu:///session)
sudo usermod -aG input $USER          # evdev passthrough of keyboard/mouse devices; not needed for this lab
sudo usermod -aG disk $USER           # raw read/write on every block device, equivalent to root; skip it unless you really need it
After running these commands, log out and log back in for the changes to take effect.
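To check the host before going further (an added example, not part of the original post): the script below looks for the vmx/svm CPU flag, /dev/kvm, the libvirtd unit and your group membership. The function names and the --check flag are my own.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight checks for a QEMU/KVM
# lab host. The checks that parse text take that text as an argument, so they
# can be run against constructed input as well as the live machine.

# Does the CPU advertise hardware virtualization (VT-x = vmx, AMD-V = svm)?
# Argument: the contents of /proc/cpuinfo.
has_virt_flags() {
    printf '%s\n' "$1" |
        grep -Eq '^flags[[:space:]]*:.*[[:space:]](vmx|svm)([[:space:]]|$)'
}

# Print the requested groups the user is not a member of, space separated
# (empty output means all are present). Arguments: output of `id -nG`, then
# the group names to look for.
missing_groups() {
    have=$1; shift
    missing=""
    for g in "$@"; do
        printf '%s\n' "$have" | tr ' ' '\n' | grep -qx -- "$g" || missing="$missing $g"
    done
    printf '%s\n' "${missing# }"
}

# Run every check against the live host. Returns 1 if a hard check failed.
lab_host_check() {
    rc=0
    if has_virt_flags "$(cat /proc/cpuinfo 2>/dev/null)"; then
        echo "ok    CPU exposes vmx/svm"
    else
        echo "FAIL  no vmx/svm flag: enable VT-x/AMD-V in BIOS/UEFI"; rc=1
    fi
    if [ -c /dev/kvm ]; then
        echo "ok    /dev/kvm present"
    else
        echo "FAIL  /dev/kvm missing: kvm modules not loaded or virtualization disabled"; rc=1
    fi
    # libvirtd may be socket-activated, so 'enabled' is enough even while it is idle.
    if systemctl is-enabled --quiet libvirtd 2>/dev/null || systemctl is-active --quiet libvirtd 2>/dev/null; then
        echo "ok    libvirtd enabled or running"
    else
        echo "WARN  libvirtd neither enabled nor running"
    fi
    # Only the libvirt group is needed to use qemu:///system without a password prompt.
    need=$(missing_groups "$(id -nG)" libvirt)
    if [ -z "$need" ]; then
        echo "ok    $(id -un) is in group libvirt"
    else
        echo "WARN  add yourself to: $need (then log out and back in)"
    fi
    # Membership in 'disk' is root-equivalent (raw access to every block device); flag it.
    if [ -z "$(missing_groups "$(id -nG)" disk)" ]; then
        echo "WARN  $(id -un) is in group 'disk'; this is root-equivalent and not needed for libvirt"
    fi
    return $rc
}

# Run with --check on the host to execute the live checks.
case "${1:-}" in
    --check) lab_host_check ;;
esac
```

Run it as `sh lab-check.sh --check`. The two parsing functions take their input as an argument, which is why the same checks can be tried against text pasted from another machine.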
Start Virtual Machine Manager GUI
Just search for “Virtual Machine Manager” in your applications menu and launch it. You’ll see a window like this:
Now you’re all set to start creating your virtual machines!
Windows - VMware/VirtualBox
If you’re using Windows, you’ll need to install virtualization software before setting up your lab. There are two popular (and free) options:
- VMware Workstation Player (free for personal use)
- VirtualBox (free and beginner-friendly)
Not sure how to install them? Just search YouTube for “How to install VirtualBox on Windows” or “How to install VMware Workstation Player on Windows.” You’ll find plenty of step-by-step video guides that walk you through the process.
Tip: Make sure virtualization is enabled in your BIOS/UEFI (look for VT-x or AMD-V settings) before installing.
Step 2: Download VM Images
Kali Linux (Attacker)
Visit the official Kali Linux downloads page: kali.org/get-kali
Download the Virtual Machine (OVA) file for quick setup, or the ISO if you prefer a custom installation.
Metasploitable 2 (Target)
Download Metasploitable 2 from SourceForge: Metasploitable 2 Download
The download provides a VMware VMDK disk image, which you’ll use for your target machine.
Step 3: Convert Metasploitable 2 for QEMU/KVM
Metasploitable 2 is provided as a VMDK file (for VMware), but QEMU/KVM works best with the QCOW2 format. To convert the VMDK to QCOW2, use the following command:
qemu-img convert -f vmdk -O qcow2 Metasploitable.vmdk metasploitable2.qcow2
This will create a metasploitable2.qcow2 file that you can use when setting up the VM in Virt-Manager.
Step 4: Create Virtual Machines
On Linux (QEMU/KVM with Virt-Manager)
Kali Linux (Attacker Machine)
- Open Virtual Machine Manager. You can launch it from your application menu or type:
virt-manager
- Click “Create a new virtual machine”. This will open a setup wizard.
- Choose “Local install media (ISO)”. This means we’re installing from a Kali Linux ISO file. Click Browse and select your downloaded Kali ISO.
- Set the hardware:
🧠 RAM: Give it at least 2 GB (2048 MB)
💾 Disk space: Allocate 20 GB (create a new disk image if prompted)
- Networking: Set to NAT (default) or Isolated Network (safer).
Tip: NAT lets the VM access the internet (good for updates).
- Click Finish and start the VM. Now install Kali Linux like you would on a normal PC. Use default settings unless you know what you’re doing.
Metasploitable 2 (Vulnerable Target)
Metasploitable is already a ready-to-use virtual disk, so no installation is needed.
- Open Virt-Manager → Click “Create a new virtual machine”
- Choose “Import existing disk image”. This lets us use the converted metasploitable2.qcow2 file. Browse and select metasploitable2.qcow2.
- Set the hardware:
🧠 RAM: 512 MB is enough (it’s very light)
💾 Disk: Use the existing QCOW2 file
- Networking: Use the same network setting as Kali (NAT or Isolated).
✅ Tip: Both VMs must be on the same network to “see” each other.
- Click Finish and start the VM. It will boot directly into a login screen.
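An added example that goes beyond the steps above (it is not the post's own procedure): the same two VMs created from the command line with virt-install, on an isolated libvirt network rather than NAT, with Kali given a second NIC on libvirt's default NAT network for updates while the vulnerable target stays off the internet. The network name pentest-isolated, the 10.10.10.0/24 range, the paths under $HOME/lab and the --osinfo values are my assumptions; --osinfo detect=on,require=off needs virt-install 4.0 or newer.

```shell
#!/bin/sh
# Added example (not from the original post): build the lab from the command
# line with an isolated libvirt network instead of NAT. Assumed names and paths
# (change to taste): network "pentest-isolated" on 10.10.10.0/24, the Kali ISO
# at $HOME/lab/kali.iso and the converted target disk at
# $HOME/lab/metasploitable2.qcow2. The values passed to --osinfo are my
# choices; 'osinfo-query os' lists what your virt-install accepts.

LAB_NET=${LAB_NET:-pentest-isolated}
LAB_PREFIX=${LAB_PREFIX:-10.10.10}   # host bridge gets .1, guests .100-.200 via DHCP
KALI_ISO=${KALI_ISO:-$HOME/lab/kali.iso}
MSF_DISK=${MSF_DISK:-$HOME/lab/metasploitable2.qcow2}

# Print the network definition. What makes it isolated is the *absence* of a
# <forward> element: libvirt still creates the bridge and a DHCP server, but
# adds no NAT or routing, so guests only reach each other and the host (.1).
isolated_net_xml() {
    cat <<EOF
<network>
  <name>$1</name>
  <bridge name='virbr-lab' stp='on' delay='0'/>
  <ip address='$2.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='$2.100' end='$2.200'/>
    </dhcp>
  </ip>
</network>
EOF
}

# Guard: refuse a definition that carries a <forward> element, which would
# silently turn the lab network into a NAT or bridged one.
net_xml_is_isolated() {
    ! printf '%s\n' "$1" | grep -q '<forward'
}

# Print the command instead of running it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then printf '%s ' "$@"; printf '\n'; else "$@"; fi
}

define_lab_network() {
    xml=$(isolated_net_xml "$LAB_NET" "$LAB_PREFIX")
    net_xml_is_isolated "$xml" || { echo "refusing: network XML is not isolated" >&2; return 1; }
    tmp=$(mktemp) && printf '%s\n' "$xml" >"$tmp" || return 1
    run virsh net-define "$tmp" && run virsh net-start "$LAB_NET" && run virsh net-autostart "$LAB_NET"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Kali: installed from the ISO, 2 GB RAM, 20 GB disk. First NIC on the isolated
# lab network; second NIC on libvirt's 'default' NAT network so it can update.
create_kali() {
    run virt-install --name kali --memory 2048 --vcpus 2 \
        --disk size=20,format=qcow2 --cdrom "$KALI_ISO" \
        --osinfo detect=on,require=off \
        --network network="$LAB_NET" --network network=default \
        --graphics spice
}

# Metasploitable 2: imported from the converted disk, 512 MB RAM, and only the
# isolated NIC, so the deliberately vulnerable box is never reachable from the
# internet or the rest of your LAN.
create_metasploitable() {
    run virt-install --name metasploitable2 --memory 512 --vcpus 1 \
        --disk path="$MSF_DISK",format=qcow2 --import \
        --osinfo ubuntu8.04 \
        --network network="$LAB_NET" \
        --graphics spice
}

# Usage: sh lab-build.sh --dry-run   (print the commands)
#        sh lab-build.sh apply       (define the network and create both VMs)
case "${1:-}" in
    --dry-run) DRY_RUN=1; define_lab_network; create_metasploitable; create_kali ;;
    apply)     define_lab_network && create_metasploitable && create_kali ;;
esac
```

Run with --dry-run first to see the exact virsh and virt-install commands, then with apply. The guard in define_lab_network is the point of the script: an isolated libvirt network is defined by what its XML leaves out, so the script refuses to define anything containing a `<forward>` element.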
🪟 On Windows (VirtualBox or VMware)
Kali Linux
- Download the Kali OVA file from kali.org
- Open VirtualBox → File → Import Appliance → Select OVA
- Follow the wizard and finish.
Metasploitable 2
- Create a new VM in VirtualBox
- When it asks for a hard disk, select “Use existing virtual hard disk file” and choose the downloaded VMDK.
Networking for Both
- Set networking mode to “Host-Only” or “Internal Network”
Tip: This keeps your VMs safe and isolated from the real internet.
Step 5: Login Credentials
| Machine | Username | Password |
| --- | --- | --- |
| Kali Linux | kali | kali |
| Metasploitable 2 | msfadmin | msfadmin |
🛠️ Step 6: Test Your Lab
Now let’s check if everything works!
Find Metasploitable’s IP Address
Log in to Metasploitable 2 with username msfadmin and password msfadmin, then type:
ifconfig
(or ip a if ifconfig is not available)
Look for something like 192.168.x.x
✅ Ping Metasploitable from Kali
In the Kali Linux terminal, replacing the address with the one you found:
ping 192.168.122.209
You should see replies, which means both VMs are connected!
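The same check done from the host side and scripted, as an added example (not from the original post): libvirt records every DHCP lease it hands out, so `virsh net-dhcp-leases` gives the target's address without logging in to it, and the address matcher covers both the old ifconfig output on Metasploitable and modern `ip a`. The sample lease table, hostnames and MAC addresses are constructed; the subcommand names are mine.

```shell
#!/bin/sh
# Added example (not from the original post): find the target's address from
# the host side and confirm that it answers. SAMPLE_LEASES below is constructed
# to mirror the column layout of `virsh net-dhcp-leases <network>`; the MACs,
# hostnames and times in it are made up.

SAMPLE_LEASES=' Expiry Time           MAC address         Protocol   IP address           Hostname         Client ID or DUID
--------------------------------------------------------------------------------------------------------------
 2024-05-01 12:34:56   52:54:00:aa:bb:cc   ipv4       192.168.122.209/24   metasploitable   01:52:54:00:aa:bb:cc
 2024-05-01 12:40:00   52:54:00:dd:ee:ff   ipv4       192.168.122.50/24    kali             01:52:54:00:dd:ee:ff'

# Print the IPv4 address (without prefix length) leased to a hostname.
# Columns: date, time, MAC, protocol, IP/prefix, hostname, client id; the header
# and the dashed rule are skipped because their 4th field is not "ipv4".
lease_ip_for_host() {
    printf '%s\n' "$1" |
        awk -v h="$2" '$4 == "ipv4" && $6 == h { sub(/\/.*/, "", $5); print $5; exit }'
}

# From the guest's own `ifconfig` (old net-tools, as on Metasploitable) or
# `ip a` output, print the first 192.168.x.x address. Both formats are handled.
first_lab_ipv4() {
    printf '%s\n' "$1" |
        grep -Eo '(inet addr:|inet )192\.168\.[0-9]+\.[0-9]+' |
        head -n 1 | grep -Eo '192(\.[0-9]+){3}'
}

# Ping a few times with a short timeout; status 0 means replies arrived.
target_reachable() {
    ping -c 3 -W 2 "$1" >/dev/null 2>&1
}

# The parser applied to the constructed sample: returns 192.168.122.209.
sample_target_ip() {
    lease_ip_for_host "$SAMPLE_LEASES" metasploitable
}

# Usage on the KVM host:  sh lab-test.sh leases [network] [guest hostname]
# Usage inside Kali:      sh lab-test.sh ping <target ip>
case "${1:-}" in
    leases)
        net=${2:-default}; host=${3:-metasploitable}
        ip=$(lease_ip_for_host "$(virsh net-dhcp-leases "$net")" "$host")
        if [ -z "$ip" ]; then
            echo "no DHCP lease for '$host' on network '$net': is the VM booted and on that network?" >&2
            exit 1
        fi
        echo "$host is at $ip"
        ;;
    ping)
        if target_reachable "$2"; then
            echo "ping ok: $2 answers"
        else
            echo "no reply from $2: check that both VMs use the same network" >&2
            exit 1
        fi
        ;;
esac
```

`sh lab-test.sh leases default` on the host prints the target's address (use your lab network's name instead of default if you changed it); `sh lab-test.sh ping 192.168.122.209` inside Kali is the same reachability check the post describes, with the exit status usable from other scripts.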
Written by Sridhar Madhavan