Metasploitable 2

Metasploitable2 is the second incarnation of an intentionally vulnerable, Linux-based virtual machine used for practicing penetration testing and security research. The tool is lightly documented at Rapid7's website, which contains links to download the VM. To get the tool, you first need to register at the source site, then download an 800 MB file. Once downloaded, extract with 7-zip, NanaZip, or a similar tool and import in VMWare or VirtualBox. To get started with breaking into the Metasploitable2 machine, check out the Exploitability guide from Rapid7. For help setting up Metasploitable2 in VirtualBox, check out this blog post from Geeks for Geeks. If you'd rather use the tool from VMWare, take a look at Exploit-DB's Easiest Metasploit guide ever.