Installing Metasploitable2 is likely to be one of the easiest installations that you will perform in your security lab. This is because it is already prepared as a VMware virtual machine when it is downloaded from SourceForge.

1. Once the ZIP file has been downloaded, you can easily extract its contents on Windows or macOS by double-clicking on it in Explorer or Finder, respectively. Have a look at the following screenshot:

2. Once extracted, the ZIP file will return a directory with five additional files inside. Included among these files is the VMware VMX file. To use Metasploitable2 in VMware, just click on the File drop-down menu and click on Open. Then, browse to the directory created from the ZIP extraction process, and open Metasploitable.vmx, as shown in the following screenshot:

3. Once the VMX file has been opened, it should be included in your virtual machine library. Select it from the library and click on Run to start the VM and get the following screen:

4. After the VM loads, the splash screen will appear and request login credentials. The default credentials are msfadmin for both the username and password. This machine can also be accessed via SSH, as addressed in the Configuring and using SSH recipe later in this recipe.