IHA089 Labs: Master Hacking with Bold Cybersecurity Challenges
Hey there, fellow cybersecurity enthusiasts! I’m thrilled to share a project I’ve poured my heart into: IHA089 Labs. This is a platform I built to help people like you—whether you’re a beginner or a pro—practice ethical hacking and vulnerability testing in a totally offline, private setup. Let me walk you through what IHA089 Labs is, why it’s awesome, and how it can level up your skills.
What’s IHA089 Labs All About?
IHA089 Labs is my creation for anyone who wants to get hands-on with cybersecurity. It’s a set of labs that mimic real-world systems, letting you hunt for and exploit vulnerabilities like SQL injection, cross-site scripting (XSS), account takeovers, and brute force attacks. I designed it to feel like you’re hacking into actual apps, but it’s all safe and controlled.
The coolest part? It runs completely on your own computer, using localhost with the hostname iha089-labs.in. No internet needed, no external servers, just you and your machine. I broke the labs into modules, so you can pick and choose what to focus on—perfect for learning at your own pace.
You can grab the labs from my GitHub:
https://github.com/IHA089/IHA089-LABS.git
To start, run setup.py to get everything ready, then kick things off with python3 iha089-labs.py. Boom—you’re in!
Why I Made IHA089 Labs
I wanted a training tool that was private, realistic, and didn’t depend on sketchy internet connections. Here’s why I think IHA089 Labs hits the mark:
It’s 100% Offline
Everything happens on your computer. No Wi-Fi? No problem. Plus, keeping it local means your practice stays private—no one’s peeking over your shoulder(only need internet for download labs).
Real-Deal Challenges
I built the labs to mirror the bugs you’d find in actual websites or apps. Weak passwords, sloppy code, misconfigured databases—it’s all there. Practicing on these feels like the real thing, so you’re ready for whatever you face out there.
Pick Your Path
The labs are split into modules, each covering a different type of vulnerability. Want to crush SQL injection? There’s a module for it. Feeling like XSS today? Got that too. You decide what to tackle.
Free and Open
IHA089 Labs is open-source and free for everyone. It’s on GitHub, so you can download it, tweak it, or even add your own challenges if you’re feeling creative.
No Hassles
No sign-ups, no subscriptions, no nonsense. Just download, set up, and start hacking. It’s all about making learning as smooth as possible.
What You’ll Get Out of It
I’ve spent years messing around with cybersecurity, and I know nothing beats hands-on practice. Here’s how IHA089 Labs can help you grow:
Learn by Doing
Books and videos are great, but actually exploiting a vulnerability teaches you way more. With IHA089 Labs, you’re not just reading about XSS—you’re pulling it off yourself.
Sharpen Your Brain
Hacking is like a puzzle. You’ve got to think hard, test ideas, and find the weak spots. Every lab you crack makes you better at spotting patterns and solving problems.
Boost Your Career
If you want a job in cybersecurity, you need skills you can show off. IHA089 Labs lets you practice techniques that impress employers, whether you’re aiming to be a penetration tester or a security analyst.
Get Ready for Bug Bounties
Bug bounties are a sweet way to make cash by finding bugs in real systems. IHA089 Labs is like a gym for bounty hunters—you can train on the exact skills you’ll need to score those rewards.
Practice Anywhere
Since it’s offline, you can use IHA089 Labs on a plane, in a coffee shop, or in the middle of nowhere. You’re in control of when and where you learn.
Setting Up IHA089 Labs
Prerequisites
Before you begin, ensure that the following tools are installed on your system:
- Python: Download and install Python from python.org.
- Git: Download and install Git from git-scm.com.
Step-by-Step Setup Guide
Clone the Repository
Open your terminal or command prompt and run the following command to clone the IHA089 Labs repository:
git clone https://github.com/IHA089/IHA089-LABS.git
This command will download the lab files to your system.
Navigate to the Directory
After cloning the repository, navigate to the project folder:
cd IHA089-LABS
Setup the script
Inside the directory, you will find a file named setup.py. Run this script using Python:
python3 setup.py
Run the Script
Now, Run iha089-labs.py using python:
python3 iha089-labs.py
Now you can choose category and start that vulnerable lab.
Running a Specific Lab
Follow these steps to run a specific lab module. For example, let’s explore how to run the Brute Force Lab:
Choose a Lab Category
When you launch the labs, you’ll be presented with a list of categories. Use the terminal to select the desired category. For example, to access the Account Takeover category, type:
Select a Lab
Inside the chosen category, you’ll see a list of available labs. For the Brute Force Lab, type:
Access the Lab
The system will provide a URL where the lab is hosted.
Using the Mail System and Vulnerable Lab
IHA089 Labs comes with a slick mail system and a dedicated vulnerable lab to supercharge your practice. Here’s how they work:
Mail System URL: https://127.0.0.1:7089
This local URL lets you access a mail service where you can create email addresses with the @iha089.org domain (like test@iha089.org)`. Use these emails in the labs for testing things like:
- Signing up for accounts
- Trying brute force attacks
- Practicing account takeovers
Just open the URL in your browser, make an email, and start experimenting.
Vulnerable Lab URL: https://iha089-labs.in
This URL takes you to the Vulnerable lab. It’s a realistic setup where you can test your skills by:
- Find weak logic or bugs
- Exploiting bugs
Open the URL in your browser to jump into the challenge.
How to Tackle the Labs
- Understand the Challenge: Each lab comes with a description. For the Brute Force Lab, you’ll get a hint URL to guide you. Read it carefully to know what you’re up against.
- Exploit the Bug: Use your hacking tools and skills to find and exploit the vulnerability. This is where you learn by doing, getting real experience with ethical hacking.
Troubleshooting Common Issues
Sometimes, things don’t go smoothly. Here’s a fix for a common problem:
Certificate Errors
If you see a “certificate not valid” error when accessing HTTPS URLs (like https://127.0.0.1:7089 or https://iha089-labs.in), it’s because your browser doesn’t trust the lab’s certificate. Here’s how to fix it:
- Find the rootCA.pem file in the IHA089 Labs repository.
- Open your browser’s settings and go to the certificate management section.
- Import rootCA.pem and set it as trusted for all purposes.
This should clear up the error and let you access the labs securely.
IHA089 Labs is my way of giving back to the cybersecurity community. I wanted to create something that’s practical, accessible, and fun for anyone who loves hacking. With its offline setup, real-world challenges, and flexible modules, it’s a place where you can grow your skills, prep for bounties, or just geek out over vulnerabilities.
So, what’s next? Download the labs, fire them up, and start hacking. I can’t wait to hear about the bugs you crush!
Stay curious and keep hacking (the ethical way)!