I recently created a Pen Testing lab on an ESXI host at home. Currently I have the Metasploitable and the OWASP Broken Web Application images. Are there any others I should be aware of? I guess for that matter, what do you experienced pen testers do to lab at home?
I guess it all depends on your interests and level of knowledge. Are you more interested in Web App / Network pentesting, or maybe exploit dev etc. ?
Besides the mentioned resources also try to include some windows targets in your environment ( win xp, win server 2000 etc.). One great book that walks you through building a lab and teaches you the fundamentals of pentesting is Penetration Testing: A Hands-On Introduction to Hacking, which was reviewed on EH-Net.