btw. here is a blog with random tutorials you can explore on your path:
adaywithtape.blogspot.com
Cracking various things like rar or pdf files or wi-fi networks etc. is not very much a thing because it's very expensive, un-economical and boring.
Depending on what interests you and how serious you are my suggestion is to get familiar with static analysis, tools like flawfinder, rats, splint etc; there are many awesome tools like this out there that are not included in Kali, so don't limit yourself to just Kali.
metasploit which you mentioned is a solid tool, but if you look into available modules you'll notice they're several years old (some even over a decade).
Exploits that you get along with the tool have been patched long time ago, it's highly unlikely to find a machine online with those ancient bugs to compromise.
Pay attention to use most recent modules and search for servers that are somewhere on the edge.
This doesn't make the tool useless though, it only means you'll need to learn how to write your own modules and more importantly how to find bugs in software before that, that what static analysis does, or more precisely source auditing.
This is just one area that may interest you, another promising area that a lot of hackers use with success is learning about PE's and crypters.
It's useful if you want to collect a bunch of windows machines to establish a botnet.
While not ethical hacking it's worthwhile knowing how it works.
You will also want to master nmap for info gathering, having the tools is 1 thing but finding targets preceeds that.
But since you'll talking about ethical hacking this means you'll always want permission from the other side.
You can also research various repos and sign up as researcher when you feel confident, many established repos welcome researchers.
Some companies also pay if you find anything.
It's suggested to explore various areas not just one before diving deeper into something, some stuff is more interesting that other and not everything is easy as it may appear.
