Recently ihacklabs have developed new virtual labs with scenarios where you could practice hacking and improve attack techniques in controlled environments. Ihacklabs started a couple of years ago to develop these environments, and we believe that now is a good time to explain all the content that they have and that you could find inside of them.
We would like to say that in addition to the unique accesses to the virtual labs, it is also possible to access them through our certifications or courses.
Ihacklabs currently has six virtual labs and the seventh it´s on the way. Also, we have dedicated servers for the courses. Also, we have several dedicated servers with more than 250 servers on the ESXI 6.0 managed by a Virtual Center of VMware.
Also, we can not forget that to improve the competitiveness we have developed a system of flags that allow users to see their ranking positions. Also it is possible to achieve different levels of hacking, all collated with the option to can create teams and compete against other.
What do we offer?
Our environments are unique, and you will not find anything similar, the reason is that they were created by us, each server, each configuration has been developed by technicians and senior security consultant of Ihacklabs with extensive experience in the security assessment. Based on the fact that the environments have a wide range of servers, we have developed network environments with up to four different networks, where several attack and experience techniques must be developed to achieve access and be root.
Figure 1 – Ihacklabs Offer
It was the first lab that we developed. Currently, it has 50 servers approximately distributed by four sites with different networks. This large corporation simulates the network of a real company, where you can practice the following attacks.
- Brute force
- Exploit development
- Elevate Privileges
- SQLI, XSS, RFI, LFI, etc.
- CMS with different vulnerabilities
- Antivirus Evasion
Our users prefer this environment; its great variety allows us to practice and use all the tools at our fingertips in a controlled and legal environment. Below we leave an image with all the systems that you could find in this unique environment of pentest.
Figure 2 – Hacking Lab Servers
We wanted to go a little further and create a specialized environment for different situations, and we believe that students should have an isolated environment where they practice the exercises of the courses. That is why we have also created Learning Lab.
Private and Shared Learning Lab
This laboratory aims to be the perfect complement for those who are starting in the area of security. In a set of 4 servers, we have developed a system of more than 100 exercises in the case of ICPP + where you can practice with ease and with a guide step by step different techniques of penetration, studying each case through the material or written or video Of the instructor.
- Enumeration of more standard protocols
- Dedicated environment for practicing web application attacks based on OWASP
- Isolated and dedicated environment
- Windows 7, Windows XP and Linux servers
- Script development environment for C and Python
- Exploits were learning development environment.
Continuing with the development of our laboratories, we have continued to work and expand our offer, and of course, we could not miss a lab where we practice a broad range of attacks based on the OWASP methodology. That’s why Ihacklabs want to create WebApps Lab.
Our pentest environment for web applications is based on the OWASP model, and for this, we have put together several frameworks in an environment where we can practice all the top 10 vulnerabilities of OWASP.
Figure 3 – Desktop of one of the servers where to practice OWASP
During the development of the ICPWAP course, Ihacklabs knew the software developed itsecgames and thanks to their kindness have allowed us to integrate into their formations their bWAPP software. This framework not only allows you to practice a wide range of web attacks but also makes it possible to select your level of difficulty.
Somewhere you should develop possible exploits of vulnerable software that are detected in the hacking lab, so we have created an exploit development environment, which also contains some basic exploit exercises. The purpose of these servers is to be the basis for the user to be able to develop exploits.
Ihacklabs is currently developing an advanced exploit course, and we will develop new content.
Windows Domains Lab
It is the last pearl to be added to the range of laboratories. Ihacklabs thought about creating different situations that could simulate a bank, a hospital or an insurance company. For this, we have designed four labs with two network jumps that allow the attacker to practice all their delights in a fully updated environment.
Ihacklabs has deployed Windows 2016, 2012 servers with clients such as Windows 7 or Windows 10. These conditions are perfect for Red Teams who are conducting an internal audit and need to elevate privileges or gain access to the domain controller to extract all the hashes. In this environment, you can.
- Develop exploit
- Exploit vulnerable software
- Take advantage of weak configurations.
- Evade antivirus
- Explode services
- Perform PTH attacks
If you go through all our drivers: Neptune, Jupiter, Cibeles, and Artemisa are waiting for you. These servers also have Flagged and therefore count as points in the overall ranking.
This lab wants to put the crown and be based on the Metasploit tool. For this, we have configured Metasploitable 2 and 3 and have set these servers available to users.
Management of servers and portal
To achieve controlled management of the environment and the user can revert servers to their initial state, change their configuration or download their VPN profile. We have developed a portal that allows us to manage all this content visually.
Figure 4 – Server Control
This panel not only allows you to manage the servers but also you can see your classification, create teams, check the difficulty level of the challenge and enjoy continuous improvement that we implemented in this panel.
Do you want to know more about our laboratories?
We have a test access, which provides access to all labs for seven days without any cost or commitment of permanence. For this, you just have to contact ihacklabs through your email account firstname.lastname@example.org, and one of the team members will be happy to help you. Join our community and access our private Telegram channel.
Of course, you can also use our web chat system if you wish, to make queries or to solve any doubts you may have.
The Ihacklabs team