π₯ Install Metasploitable 2 on Mac (Apple Silicon) with UTM
A step-by-step guide to install and run Metasploitable 2 on Mac with Apple Silicon (M1, M2, M3, etc.) using UTM. Ideal for ethical hacking, penetration testing, and cybersecurity students.
π Note: As of now, only UTM reliably supports running Metasploitable 2 on Macs with Apple Silicon (M1, M2, M3, etc.). VirtualBox and VMware do not support x86 virtual machines on Apple Silicon natively.
π Updated: July 24, 2025
π Table of Contents
- What is Metasploitable 2?
- Why UTM for Apple Silicon?
- Requirements
- Download Metasploitable 2
- Installation Steps
- Author
π§ What is Metasploitable 2?
Metasploitable 2 is a deliberately vulnerable Linux-based virtual machine created by Rapid7 for penetration testing practice. It’s widely used in cybersecurity labs.
π₯οΈ Why UTM for Apple Silicon Macs?
Apple Silicon (M1, M2, M3) doesnβt natively support x86 VMs in VirtualBox or VMware. UTM is the best free and open-source virtualization tool for running x86 operating systems on Apple Silicon.
π¦ Requirements
- β Mac with Apple Silicon (M1, M2, M3β¦)
- β UTM
- β
Metasploitable 2
.isoor.vmdkfile (download below)
π½ Download Metasploitable 2
- Go to official source
- Download the Metasploitable2.vmdk.zip
- Extract the
metasploitable-linux-2.0.0.zipfile
βοΈ Step-by-Step Installation (Using UTM)
1. Open UTM and Create a New VM
- Click Create a New Virtual Machine
- Select Emulate
- Select Other
- Select Boot Device: None
2. System Configuration
- Architecture: x86_64
- System: Leave default (or choose x86-compatible)
- Memory: 1024 MiB or more
- Select Continue
- Storage: 2 GiB
- Select Continue
- Select Continue
- Type Name: Metasploitable 2
- Check Open VM Settings
- Click Save
3. QEMU Settings
- Go to QEMU
- Uncheck UEFI Boot
4. Network Settings
- Go to Network
- Set Network Mode: Bridged (Advanced)
π Important: Make sure your Kali Linux or other VM is also set to Bridged mode so it can communicate with Metasploitable 2 over the network.
5. Drives Settings
- Right Click and Delete IDE Drive
- Click New -> Import
- Choose file Metasploitable.vmdk (in the folder you unzip when download Metasploitable)
- Click Open
- Click Save and then you have successfully created your Metasploitable VM.
6. Finalize
- Start your Metasploitable 2 machine
- Default credentials:
- Login: msfadmin
- Password: msfadmin
- To verify networking, run:
ifconfig
In order to see the IP address of your Metasploitable 2 VM.
π Author
Made by James Cao β cybersecurity & ethical hacking student.
Feel free to β the repo if it helped you!