Labs Comparison : CEH v12 vs CEH v13 AI
Share
Welcome to CEH.Academy's overview of the lab changes in CEH v13!
The Certified Ethical Hacker (CEH) v13 has introduced significant updates to its practical labs, reflecting the ever-evolving landscape of cybersecurity. Let's explore the key changes:
1. AI Integration:
- New AI-focused labs across multiple modules, such as "Perform Footprinting using ShellGPT" and "Perform Web Application Hacking using ShellGPT".
- A new lab on crafting phishing emails with ChatGPT in the Social Engineering module.
2. Cloud Security Updates:
- Additional labs covering Azure and Google Cloud Platform.
- New lab on vulnerability assessment of Docker images.
3. Enhanced Mobile Hacking:
- Updated Android hacking lab using PhoneSploit-Pro.
4. IoT and OT Security:
- New labs on VoIP device attacks and CAN protocol exploitation.
5. Web Application Security:
- Fresh labs on JWT token attacks and Remote Code Execution (RCE).
6. Network Security Advancements:
- Updated tools and techniques in scanning and enumeration labs.
- New lab on evading firewalls through Windows BITSAdmin.
7. Malware Analysis:
- Enhanced labs for static and dynamic malware analysis.
- New lab using capa for analyzing executable files.
8. Wireless Security:
- Updated labs for WPA2/WPA3 cracking.
- New lab on finding hidden SSIDs using MDK.
9. Cryptography:
- New lab on multi-layer hashing using CyberChef.
- AI-assisted cryptography lab.
10. Restructured Self-Study Labs:
- Many labs from v12 have been converted to self-study modules, allowing for more flexible learning.
It's worth noting that while new labs have been added, some labs from v12 have been removed or updated. This ensures that the curriculum remains current and relevant to today's cybersecurity challenges.
The new labs in CEH v13 emphasize hands-on experience with cutting-edge tools and techniques, preparing ethical hackers for real-world scenarios. The integration of AI across various modules is particularly noteworthy, reflecting the growing importance of AI in both offensive and defensive cybersecurity strategies.
By completing these updated labs, CEH v13 certified professionals will be well-equipped to handle the latest cybersecurity threats and protect organizations in an increasingly complex digital landscape.
Thank you for choosing CEH.Academy for your advanced ethical hacking training!
CEH v12 vs CEH v13 AI
1. Bold points are new labs in CEHv13
2. Italic points are substantially modified labs in CEHv13
3. Underground labs are removed from CEHv12
4. Labs marked as (Self-study) will be available separately as the CEH Self Study Upgrade Lab Pack
| CEHv12 | CEHv13 |
|---|---|
| Module 01: Introduction to Ethical Hacking | Module 01: Introduction to Ethical Hacking |
| Module 02: Footprinting and Reconnaissance | Module 02: Footprinting and Reconnaissance |
| 1. Perform Footprinting Through Search Engines | 1. Perform Footprinting Through Search Engines |
| 1.1 Gather Information using Advanced Google Hacking Techniques | 1.1 Gather Information using Advanced Google Hacking Techniques |
| 1.2 Gather Information from Video Search Engines | 1.2 Gather Information from Video Search Engines (Self-study) |
| 1.3 Gather Information from FTP Search Engines | 1.3 Gather Information from FTP Search Engines (Self-study) |
| 1.4 Gather Information from IoT Search Engines | 1.4 Gather Information from IoT Search Engines (Self-study) |
| 2. Perform Footprinting Through Web Services | 2. Perform Footprinting Through Internet Research Services |
| 2.1 Find the Company's Domains and Sub-domains using Netcraft | 2.1 Find the Company's Domains, Sub-domains and Hosts using Netcraft and DNSDumpster |
| 2.2 Gather Personal Information using PeekYou Online People Search Service | 2.2 Gather Personal Information using PeekYou Online People Search Service (Self-study) |
| 2.3 Gather an Email List using theHarvester | 2.3 Gather Information using Deep and Dark Web Searching (Self-study) |
| 2.4 Gather Information using Deep and Dark Web Searching | 2.4 Determine Target OS Through Passive Footprinting (Self-study) |
| 2.5 Determine Target OS Through Passive Footprinting |
| CEHv12 | CEHv13 |
|---|---|
| 3. Perform Footprinting Through Social Networking Sites | 3. Perform Footprinting Through Social Networking Sites |
| 3.1 Gather Personal Information from Various Social Networking Sites using Sherlock | 3.1 Gather Employees' Information from LinkedIn using theHarvester |
| 3.2 Gather Information using Followerwonk | 3.2 Gather Personal Information from Various Social Networking Sites using Sherlock (Self-study) |
| 4. Perform Website Footprinting | 4. Perform Whois Footprinting |
| 4.1 Gather Information About a Target Website using Ping Command Line Utility | 4.1 Perform Whois Lookup using DomainTools |
| 4.2 Gather Information of a Target Website using Photon | 5. Perform DNS Footprinting |
| 4.3 Gather information about a target website using Central Ops | 5.1 Gather DNS Information using nslookup Command Line Utility and Online Tool |
| 4.4 Extract a Company's Data using Web Data Extractor | 5.2 Gather Information of Subdomain and DNS Records using SecurityTrails (Self-study) |
| 4.5 Mirror a Target Website using HTTrack Web Site Copier | 5.3 Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon (Self-study) |
| 4.6 Gather Information About a Target Website using GRecon | 6. Perform Network Footprinting |
| 4.7 Gather a Wordlist from the Target Website using CeWL | 6.1 Locate the Network Range (Self-study) |
| 5. Perform Email Footprinting | 6.2 Perform Network Tracerouting in Windows and Linux Machines |
| 5.6 Gather Information About a Target by Tracing Emails using eMailTrackerPro | 7. Perform Email Footprinting |
| 6. Perform Whois Footprinting | 7.1 Gather Information About a Target by Tracing Emails using eMailTrackerPro |
| 6.3 Perform Whois Lookup using DomainTools | 7.2 Gather information About a Target Email using Holehe (Self-study) |
| 7. Perform DNS Footprinting | 8. Perform Footprinting using Various Footprinting Tools |
| 7.3 Gather DNS Information using nslookup Command Line Utility and Online Tool | 8.1 Footprinting a Target using Recon-ng |
| 7.4 Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon | 8.2 Footprinting a Target using Maltego (Self-study) |
| 7.5 Gather Information of Subdomain and DNS Records using SecurityTrails | 8.3 Footprinting a Target using FOCA (Self-study) |
| 8. Perform Network Footprinting | 8.4 Footprinting a Target using OSINT Framework (Self-study) |
| 8.1 Locate the Network Range | 8.5 Footprinting a Target using OSINT.SH (Self-study) |
| 8.2 Perform Network Tracerouting in Windows and Linux Machines | 8.6 Footprinting a Target using Web Check (Self-study) |
| 8.3 Perform Advanced Network Route Tracing using Path Analyzer Pro | 9. Perform Footprinting using AI |
| 9. Perform Footprinting using Various Footprinting Tools | 9.1 Footprinting a Target using Shellgpt |
| 9.2 Footprinting a Target using Recon-ng | |
| 9.3 Footprinting a Target using Maltego | |
| 9.4 Footprinting a Target using OSRFramework |
| CEHv12 | CEHv13 |
|---|---|
| 9.5 Footprinting a Target using FOCA | |
| 9.6 Footprinting a Target using BillCipher | |
| 9.7 Footprinting a Target using OSINT Framework | |
| Module 03: Scanning Networks | Module 03: Scanning Networks |
| 1. Perform Host Discovery | 1. Perform Host Discovery |
| 1.1 Perform Host Discovery using Nmap | 1.1 Perform Host Discovery using Nmap |
| 1.2 Perform Host Discovery using Angry IP Scanner | 1.2 Perform Host Discovery using Angry IP Scanner (Self-study) |
| 2. Perform Port and Service Discovery | 2. Perform Port and Service Discovery |
| 2.1 Perform Port and Service Discovery using MegaPing | 2.1 Perform Port and Service Discovery using MegaPing (Self-study) |
| 2.2 Perform Port and Service Discovery using NetScanTools Pro | 2.2 Perform Port and Service Discovery using NetScanTools Pro (Self-study) |
| 2.3 Perform Port Scanning using sx Tool | 2.3 Perform Port Scanning using sx Tool (Self-study) |
| 2.4 Explore Various Network Scanning Techniques using Nmap | 2.4 Explore Various Network Scanning Techniques using Nmap |
| 2.5 Explore Various Network Scanning Techniques using Hping3 | 2.5 Explore Various Network Scanning Techniques using Hping3 (Self-study) |
| 3. Perform OS Discovery | 2.6 Scan a Target Network using Rustscan (Self-study) |
| 3.1 Identify the Target System's OS with Time-to-Live (TTL) and TCP Window Sizes using Wireshark | 3. Perform OS Discovery |
| 3.2 Perform OS Discovery using Nmap Script Engine (NSE) | 3.1 Identify the Target System's OS with Time-to-Live (TTL) and TCP Window Sizes using Wireshark (Self-study) |
| 3.3 Perform OS Discovery using Unicornscan | 3.2 Perform OS Discovery using Nmap Script Engine (NSE) |
| 4. Scan beyond IDS and Firewall | 4. Scan beyond IDS and Firewall |
| 4.1 Scan beyond IDS/Firewall using various Evasion Techniques | 4.1 Scan beyond IDS/Firewall using various Evasion Techniques |
| 4.2 Create Custom Packets using Colasoft Packet Builder to Scan beyond IDS/Firewall | 4.2 Create Custom Packets using Colasoft Packet Builder to Scan beyond the IDS/Firewall (Self-study) |
| 4.3 Create Custom UDP and TCP Packets using Hping3 to Scan beyond IDS/Firewall | 4.3 Create Custom UDP and TCP Packets using Hping3 to Scan beyond the IDS/Firewall (Self-study) |
| 4.4 Browse Anonymously using Proxy Switcher | 5. Perform Network Scanning using Various Scanning Tools |
| 4.5 Browse Anonymously using CyberGhost VPN | 5.1 Scan a Target Network using Metasploit |
| 5. Perform Network Scanning using Various Scanning Tools | 6. Perform Network Scanning using AI |
| 5.1 Scan a Target Network using Metasploit |
| CEHv12 | CEHv13 |
|---|---|
| Module 04: Enumeration | Module 04: Enumeration |
| 1. Perform NetBIOS Enumeration | 1. Perform NetBIOS Enumeration |
| 1.1 Perform NetBIOS Enumeration using Windows Command-Line Utilities | 1.1 Perform NetBIOS Enumeration using Windows Command-Line Utilities |
| 1.2 Perform NetBIOS Enumeration using NetBIOS Enumerator | 1.2 Perform NetBIOS Enumeration using NetBIOS Enumerator (Self-study) |
| 1.3 Perform NetBIOS Enumeration using an NSE Script | 1.3 Perform NetBIOS Enumeration using an NSE Script (Self-study) |
| 2. Perform SNMP Enumeration | 2. Perform SNMP Enumeration |
| 2.1 Perform SNMP Enumeration using snmp-check | 2.1 Perform SNMP Enumeration using snmp-check (Self-study) |
| 2.2 Perform SNMP Enumeration using SoftPerfect Network Scanner | 2.2 Perform SNMP Enumeration using SoftPerfect Network Scanner (Self-study) |
| 2.3 Perform SNMP Enumeration using SnmpWalk | 2.3 Perform SNMP Enumeration using SnmpWalk |
| 2.4 Perform SNMP Enumeration using Nmap | 2.4 Perform SNMP Enumeration using Nmap (Self-study) |
| 3. Perform LDAP Enumeration | 3. Perform LDAP Enumeration |
| 3.1 Perform LDAP Enumeration using Active Directory Explorer (AD Explorer) | 3.1 Perform LDAP Enumeration using Active Directory Explorer (AD Explorer) |
| 3.2 Perform LDAP Enumeration using Python and Nmap | 3.2 Perform LDAP Enumeration using Python and Nmap (Self-study) |
| 3.3 Perform LDAP Enumeration using ldapsearch | 4. Perform NFS Enumeration |
| 4. Perform NFS Enumeration | 4.1 Perform NFS Enumeration using RPCScan and SuperEnum |
| 4.1 Perform NFS Enumeration using RPCScan and SuperEnum | 5. Perform DNS Enumeration |
| 5. Perform DNS Enumeration | 5.1 Perform DNS Enumeration using Zone Transfer |
| 5.1 Perform DNS Enumeration using Zone Transfer | 5.2 Perform DNS Enumeration using DNSSEC Zone Walking (Self-study) |
| 5.2 Perform DNS Enumeration using DNSSEC Zone Walking | 5.3 Perform DNS Enumeration using Nmap (Self-study) |
| 5.3 Perform DNS Enumeration using Nmap | 6. Perform SMTP Enumeration |
| 6. Perform SMTP Enumeration | 6.1 Perform SMTP Enumeration using Nmap |
| 6.1 Perform SMTP Enumeration using Nmap | 7. Perform RPC, SMB, and FTP Enumeration |
| 7. Perform RPC, SMB, and FTP Enumeration | 7.1 Perform SMB and RPC Enumeration using NetScanTools Pro (Self-study) |
| 7.1 Perform RPC and SMB Enumeration using NetScanTools Pro | 7.2 Perform SMB Enumeration using SMBeagle (Self-study) |
| 7.2 Perform RPC, SMB, and FTP Enumeration using Nmap | 7.3 Perform RPC, SMB, and FTP Enumeration using Nmap (Self-study) |
| 8. Perform Enumeration using Various Enumeration Tools | 8. Perform Enumeration using Various Enumeration Tools |
| 8.1 Enumerate Information using Global Network Inventory | 8.1 Enumerate Information using Global Network Inventory |
| 8.2 Enumerate Network Resources using Advanced IP Scanner | 8.2 Enumerate Information from Windows and Samba Hosts using Enum4linux (Self-study) |
| 8.3 Enumerate Information from Windows and Samba Hosts using Enum4linux | 9. Perform Enumeration using AI |
| 9.1 Perform Enumeratio |
Tiếp tục phần Labs Comparison:
| CEHv12 | CEHv13 | |
|---|---|---|
| Module 05: Vulnerability Analysis | Module 05: Vulnerability Analysis | |
| 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases | 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases | |
| 1.1 Perform Vulnerability Research in Common Weakness Enumeration (CWE) | 1.1 Perform Vulnerability Research in Common Weakness Enumeration (CWE) | |
| 1.2 Perform Vulnerability Research in Common Vulnerabilities and Exposures (CVE) | 1.2 Perform Vulnerability Research in Common Vulnerabilities and Exposures (CVE) (Self-study) | |
| 1.3 Perform Vulnerability Research in National Vulnerability Database (NVD) | 1.3 Perform Vulnerability Research in National Vulnerability Database (NVD) (Self-study) | |
| 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools | 1.4 Perform Vulnerability Research using Searchsploit (Self-study) | |
| 2.1 Perform Vulnerability Analysis using OpenVAS | 1.5 Perform Vulnerability Research using Vuldb (Self-study) | |
| 2.2 Perform Vulnerability Scanning using Nessus | 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools | |
| 2.3 Perform Vulnerability Scanning using GFI LanGuard | 2.1 Perform Vulnerability Analysis using OpenVAS | |
| 2.4 Perform Web Servers and Applications Vulnerability Scanning using CGI Scanner Nikto | 2.2 Perform Vulnerability Scanning using Sniper (Self-study) | |
| 3. Perform Vulnerability Analysis using AI | ||
| 3.1 Perform Vulnerability Analysis using ShellGPT | ||
| Module 06: System Hacking | Module 06: System Hacking | |
| 1. Gain Access to the System | 1. Gain Access to the System | |
| 1.1 Perform Active Online Attack to Crack the System's Password using Responder | 1.1 Perform Active Online Attack to Crack the System's Password using Responder | |
| 1.2 Audit System Passwords using L0phtCrack | 1.2 Perform Active Online Attack to Crack the System's Password using NTLM Theft (Self-study) | |
| 1.3 Find Vulnerabilities on Exploit Sites | 1.3 Audit System Passwords using L0phtCrack (Self-study) | |
| 1.4 Exploit Client-Side Vulnerabilities and Establish a VNC Session | 1.4 Find Vulnerabilities on Exploit Sites (Self-study) | |
| 1.5 Gain Access to a Remote System using Armitage | 1.5 Exploit Client-Side Vulnerabilities and Establish a VNC Session (Self-study) | |
| 1.6 Gain Access to a Remote System using Ninja Jonin | 1.6 Gain Access to a Remote System using Reverse Shell Generator | |
| 1.7 Perform Buffer Overflow Attack to Gain Access to a Remote System | 1.7 Gain Access to a Remote System using Image File Dropper (Self-study) | |
| 2. Perform Privilege Escalation to Gain Higher Privileges | 1.8 Perform Buffer Overflow Attack to Gain Access to a Remote System | |
| 2.1 Escalate Privileges using Privilege Escalation Tools and Exploit Client-Side Vulnerabilities | 2. Perform Privilege Escalation to Gain Higher Privileges | |
| 2.2 Hack a Windows Machine using Metasploit and Perform Post-Exploitation using Meterpreter | 2.1 Escalate Privileges using Privilege Escalation Tools and Exploit Client-Side Vulnerabilities (Self-study) | |
| 2.3 Escalate Privileges by Exploiting Vulnerability in pkexec | 2.2 Hack a Windows Machine using Metasploit and Perform Post-Exploitation using Meterpreter (Self-study) | |
| 2.4 Escalate Privileges in Linux Machine by Exploiting Misconfigured NFS | 2.3 Escalate Privileges by Bypassing UAC and Exploiting Sticky Keys | |
| 2.5 Escalate Privileges by Bypassing UAC and Exploiting Sticky Keys | 2.4 Perform SSH-bruteforce Attack and Escalate Privileges by Exploiting Client-Side Vulnerabilities (Self-study) | |
| 2.6 Escalate Privileges to Gather Hashdump using Mimikatz |
|
| CEHv12 | CEHv13 |
|---|---|
| 3. Perform Footprinting Through Social Networking Sites | 3. Perform Footprinting Through Social Networking Sites |
| 3.1 Gather Personal Information from Various Social Networking Sites using Sherlock | 3.1 Gather Employees' Information from LinkedIn using theHarvester |
| 3.2 Gather Information using Followerwonk | 3.2 Gather Personal Information from Various Social Networking Sites using Sherlock (Self-study) |
| 4. Perform Website Footprinting | 4. Perform Whois Footprinting |
| 4.1 Gather Information About a Target Website using Ping Command Line Utility | 4.1 Perform Whois Lookup using DomainTools |
| 4.2 Gather Information of a Target Website using Photon | 5. Perform DNS Footprinting |
| 4.3 Gather information about a target website using Central Ops | 5.1 Gather DNS Information using nslookup Command Line Utility and Online Tool |
| 4.4 Extract a Company's Data using Web Data Extractor | 5.2 Gather Information of Subdomain and DNS Records using SecurityTrails (Self-study) |
| 4.5 Mirror a Target Website using HTTrack Web Site Copier | 5.3 Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon (Self-study) |
| 4.6 Gather Information About a Target Website using GRecon | 6. Perform Network Footprinting |
| 4.7 Gather a Wordlist from the Target Website using CeWL | 6.1 Locate the Network Range (Self-study) |
| 5. Perform Email Footprinting | 6.2 Perform Network Tracerouting in Windows and Linux Machines |
| 5.6 Gather Information About a Target by Tracing Emails using eMailTrackerPro | 7. Perform Email Footprinting |
| 6. Perform Whois Footprinting | 7.1 Gather Information About a Target by Tracing Emails using eMailTrackerPro |
| 6.3 Perform Whois Lookup using DomainTools | 7.2 Gather information About a Target Email using Holehe (Self-study) |
| 7. Perform DNS Footprinting | 8. Perform Footprinting using Various Footprinting Tools |
| 7.3 Gather DNS Information using nslookup Command Line Utility and Online Tool | 8.1 Footprinting a Target using Recon-ng |
| 7.4 Perform Reverse DNS Lookup using Reverse IP Domain Check and DNSRecon | 8.2 Footprinting a Target using Maltego (Self-study) |
| 7.5 Gather Information of Subdomain and DNS Records using SecurityTrails | 8.3 Footprinting a Target using FOCA (Self-study) |
| 8. Perform Network Footprinting | 8.4 Footprinting a Target using OSINT Framework (Self-study) |
| 8.1 Locate the Network Range | 8.5 Footprinting a Target using OSINT.SH (Self-study) |
| 8.2 Perform Network Tracerouting in Windows and Linux Machines | 8.6 Footprinting a Target using Web Check (Self-study) |
| 8.3 Perform Advanced Network Route Tracing using Path Analyzer Pro | 9. Perform Footprinting using AI |
| 9. Perform Footprinting using Various Footprinting Tools | 9.1 Footprinting a Target using Shellgpt |
| 9.2 Footprinting a Target using Recon-ng | |
| 9.3 Footprinting a Target using Maltego | |
| 9.4 Footprinting a Target using OSRFramework |
| CEHv12 | CEHv13 |
|---|---|
| 9.5 Footprinting a Target using FOCA | |
| 9.6 Footprinting a Target using BillCipher | |
| 9.7 Footprinting a Target using OSINT Framework | |
| Module 03: Scanning Networks | Module 03: Scanning Networks |
| 1. Perform Host Discovery | 1. Perform Host Discovery |
| 1.1 Perform Host Discovery using Nmap | 1.1 Perform Host Discovery using Nmap |
| 1.2 Perform Host Discovery using Angry IP Scanner | 1.2 Perform Host Discovery using Angry IP Scanner (Self-study) |
| 2. Perform Port and Service Discovery | 2. Perform Port and Service Discovery |
| 2.1 Perform Port and Service Discovery using MegaPing | 2.1 Perform Port and Service Discovery using MegaPing (Self-study) |
| 2.2 Perform Port and Service Discovery using NetScanTools Pro | 2.2 Perform Port and Service Discovery using NetScanTools Pro (Self-study) |
| 2.3 Perform Port Scanning using sx Tool | 2.3 Perform Port Scanning using sx Tool (Self-study) |
| 2.4 Explore Various Network Scanning Techniques using Nmap | 2.4 Explore Various Network Scanning Techniques using Nmap |
| 2.5 Explore Various Network Scanning Techniques using Hping3 | 2.5 Explore Various Network Scanning Techniques using Hping3 (Self-study) |
| 3. Perform OS Discovery | 2.6 Scan a Target Network using Rustscan (Self-study) |
| 3.1 Identify the Target System's OS with Time-to-Live (TTL) and TCP Window Sizes using Wireshark | 3. Perform OS Discovery |
| 3.2 Perform OS Discovery using Nmap Script Engine (NSE) | 3.1 Identify the Target System's OS with Time-to-Live (TTL) and TCP Window Sizes using Wireshark (Self-study) |
| 3.3 Perform OS Discovery using Unicornscan | 3.2 Perform OS Discovery using Nmap Script Engine (NSE) |
| 4. Scan beyond IDS and Firewall | 4. Scan beyond IDS and Firewall |
| 4.1 Scan beyond IDS/Firewall using various Evasion Techniques | 4.1 Scan beyond IDS/Firewall using various Evasion Techniques |
| 4.2 Create Custom Packets using Colasoft Packet Builder to Scan beyond IDS/Firewall | 4.2 Create Custom Packets using Colasoft Packet Builder to Scan beyond the IDS/Firewall (Self-study) |
| 4.3 Create Custom UDP and TCP Packets using Hping3 to Scan beyond IDS/Firewall | 4.3 Create Custom UDP and TCP Packets using Hping3 to Scan beyond the IDS/Firewall (Self-study) |
| 4.4 Browse Anonymously using Proxy Switcher | 5. Perform Network Scanning using Various Scanning Tools |
| 4.5 Browse Anonymously using CyberGhost VPN | 5.1 Scan a Target Network using Metasploit |
| 5. Perform Network Scanning using Various Scanning Tools | 6. Perform Network Scanning using AI |
| 5.1 Scan a Target Network using Metasploit | 6.1 Scan a Target using ShellGPT |
| CEHv12 | CEHv13 |
|---|---|
| Module 04: Enumeration | Module 04: Enumeration |
| 1. Perform NetBIOS Enumeration | 1. Perform NetBIOS Enumeration |
| 1.1 Perform NetBIOS Enumeration using Windows Command-Line Utilities | 1.1 Perform NetBIOS Enumeration using Windows Command-Line Utilities |
| 1.2 Perform NetBIOS Enumeration using NetBIOS Enumerator | 1.2 Perform NetBIOS Enumeration using NetBIOS Enumerator (Self-study) |
| 1.3 Perform NetBIOS Enumeration using an NSE Script | 1.3 Perform NetBIOS Enumeration using an NSE Script (Self-study) |
| 2. Perform SNMP Enumeration | 2. Perform SNMP Enumeration |
| 2.1 Perform SNMP Enumeration using snmp-check | 2.1 Perform SNMP Enumeration using snmp-check (Self-study) |
| 2.2 Perform SNMP Enumeration using SoftPerfect Network Scanner | 2.2 Perform SNMP Enumeration using SoftPerfect Network Scanner (Self-study) |
| 2.3 Perform SNMP Enumeration using SnmpWalk | 2.3 Perform SNMP Enumeration using SnmpWalk |
| 2.4 Perform SNMP Enumeration using Nmap | 2.4 Perform SNMP Enumeration using Nmap (Self-study) |
| 3. Perform LDAP Enumeration | 3. Perform LDAP Enumeration |
| 3.1 Perform LDAP Enumeration using Active Directory Explorer (AD Explorer) | 3.1 Perform LDAP Enumeration using Active Directory Explorer (AD Explorer) |
| 3.2 Perform LDAP Enumeration using Python and Nmap | 3.2 Perform LDAP Enumeration using Python and Nmap (Self-study) |
| 3.3 Perform LDAP Enumeration using ldapsearch | 4. Perform NFS Enumeration |
| 4. Perform NFS Enumeration | 4.1 Perform NFS Enumeration using RPCScan and SuperEnum |
| 4.1 Perform NFS Enumeration using RPCScan and SuperEnum | 5. Perform DNS Enumeration |
| 5. Perform DNS Enumeration | 5.1 Perform DNS Enumeration using Zone Transfer |
| 5.1 Perform DNS Enumeration using Zone Transfer | 5.2 Perform DNS Enumeration using DNSSEC Zone Walking (Self-study) |
| 5.2 Perform DNS Enumeration using DNSSEC Zone Walking | 5.3 Perform DNS Enumeration using Nmap (Self-study) |
| 5.3 Perform DNS Enumeration using Nmap | 6. Perform SMTP Enumeration |
| 6. Perform SMTP Enumeration | 6.1 Perform SMTP Enumeration using Nmap |
| 6.1 Perform SMTP Enumeration using Nmap | 7. Perform RPC, SMB, and FTP Enumeration |
| 7. Perform RPC, SMB, and FTP Enumeration | 7.1 Perform SMB and RPC Enumeration using NetScanTools Pro (Self-study) |
| 7.1 Perform RPC and SMB Enumeration using NetScanTools Pro | 7.2 Perform SMB Enumeration using SMBeagle (Self-study) |
| 7.2 Perform RPC, SMB, and FTP Enumeration using Nmap | 7.3 Perform RPC, SMB, and FTP Enumeration using Nmap (Self-study) |
| 8. Perform Enumeration using Various Enumeration Tools | 8. Perform Enumeration using Various Enumeration Tools |
| 8.1 Enumerate Information using Global Network Inventory | 8.1 Enumerate Information using Global Network Inventory |
| 8.2 Enumerate Network Resources using Advanced IP Scanner | 8.2 Enumerate Information from Windows and Samba Hosts using Enum4linux (Self-study) |
| 8.3 Enumerate Information from Windows and Samba Hosts using Enum4linux | 9. Perform Enumeration using AI |
| 9.1 Perform Enumeration using ShellGPT |
| CEHv12 | CEHv13 |
|---|---|
| Module 05: Vulnerability Analysis | Module 05: Vulnerability Analysis |
| 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases | 1. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases |
| 1.1 Perform Vulnerability Research in Common Weakness Enumeration (CWE) | 1.1 Perform Vulnerability Research in Common Weakness Enumeration (CWE) |
| 1.2 Perform Vulnerability Research in Common Vulnerabilities and Exposures (CVE) | 1.2 Perform Vulnerability Research in Common Vulnerabilities and Exposures (CVE) (Self-study) |
| 1.3 Perform Vulnerability Research in National Vulnerability Database (NVD) | 1.3 Perform Vulnerability Research in National Vulnerability Database (NVD) (Self-study) |
| 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools | 1.4 Perform Vulnerability Research using Searchsploit (Self-study) |
| 2.1 Perform Vulnerability Analysis using OpenVAS | 1.5 Perform Vulnerability Research using Vuldb (Self-study) |
| 2.2 Perform Vulnerability Scanning using Nessus | 2. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools |
| 2.3 Perform Vulnerability Scanning using GFI LanGuard | 2.1 Perform Vulnerability Analysis using OpenVAS |
| 2.4 Perform Web Servers and Applications Vulnerability Scanning using CGI Scanner Nikto | 2.2 Perform Vulnerability Scanning using Sniper (Self-study) |
| 3. Perform Vulnerability Analysis using AI | |
| 3.1 Perform Vulnerability Analysis using ShellGPT | |
| Module 06: System Hacking | Module 06: System Hacking |
| 1. Gain Access to the System | 1. Gain Access to the System |
| 1.1 Perform Active Online Attack to Crack the System's Password using Responder | 1.1 Perform Active Online Attack to Crack the System's Password using Responder |
| 1.2 Audit System Passwords using L0phtCrack | 1.2 Perform Active Online Attack to Crack the System's Password using NTLM Theft (Self-study) |
| 1.3 Find Vulnerabilities on Exploit Sites | 1.3 Audit System Passwords using L0phtCrack (Self-study) |
| 1.4 Exploit Client-Side Vulnerabilities and Establish a VNC Session | 1.4 Find Vulnerabilities on Exploit Sites (Self-study) |
| 1.5 Gain Access to a Remote System using Armitage | 1.5 Exploit Client-Side Vulnerabilities and Establish a VNC Session (Self-study) |
| 1.6 Gain Access to a Remote System using Ninja Jonin | 1.6 Gain Access to a Remote System using Reverse Shell Generator |
| 1.7 Perform Buffer Overflow Attack to Gain Access to a Remote System | 1.7 Gain Access to a Remote System using Image File Dropper (Self-study) |
| 2. Perform Privilege Escalation to Gain Higher Privileges | 1.8 Perform Buffer Overflow Attack to Gain Access to a Remote System |
| 2.1 Escalate Privileges using Privilege Escalation Tools and Exploit Client-Side Vulnerabilities | 2. Perform Privilege Escalation to Gain Higher Privileges |
| 2.2 Hack a Windows Machine using Metasploit and Perform Post-Exploitation using Meterpreter | 2.1 Escalate Privileges using Privilege Escalation Tools and Exploit Client-Side Vulnerabilities (Self-study) |
| 2.3 Escalate Privileges by Exploiting Vulnerability in pkexec | 2.2 Hack a Windows Machine using Metasploit and Perform Post-Exploitation using Meterpreter (Self-study) |
| 2.4 Escalate Privileges in Linux Machine by Exploiting Misconfigured NFS | 2.3 Escalate Privileges by Bypassing UAC and Exploiting Sticky Keys |
| 2.5 Escalate Privileges by Bypassing UAC and Exploiting Sticky Keys | 2.4 Perform SSH-bruteforce Attack and Escalate Privileges by Exploiting Client-Side Vulnerabilities (Self-study) |
| 2.6 Escalate Privileges to Gather Hashdump using Mimikatz | 2.5 Escalate Privileges to Gather Hashdump using Mimikatz (Self-study) |
| CEHv12 | CEHv13 |
|---|---|
| 3. Maintain Remote Access and Hide Malicious Activities | 3. Maintain Remote Access and Hide Malicious Activities |
| 3.1 User System Monitoring and Surveillance using Power Spy | 3.1 User System Monitoring and Surveillance using Spyrix |
| 3.2 User System Monitoring and Surveillance using Spytech SpyAgent | 3.2 Hide Files using NTFS Streams (Self-study) |
| 3.3 Hide Files using NTFS Streams | 3.3 Image Steganography using OpenStego and StegOnline (Self-study) |
| 3.4 Hide Data using White Space Steganography | 3.4 Maintain Persistence by Abusing Boot or Logon Autostart Execution (Self-study) |
| 3.5 Image Steganography using OpenStego and StegOnline | 3.5 Maintain Persistence by Modifying Registry Run Keys |
| 3.6 Maintain Persistence by Abusing Boot or Logon Autostart Execution | 3.6 Gain Access using Havoc and Maintain Persistence using SharPersist (Self-study) |
| 3.7 Maintain Domain Persistence by Exploiting Active Directory Objects | 3.7 Maintain Domain Persistence by Exploiting Active Directory Objects (Self-study) |
| 3.8 Privilege Escalation and Maintain Persistence using WMI | 3.8 Privilege Escalation and Maintain Persistence using WMI (Self-study) |
| 3.9 Covert Channels using Covert_TCP | 4. Clear Logs to Hide the Evidence of Compromise |
| 4. Clear Logs to Hide the Evidence of Compromise | 4.1 View, Enable, and Clear Audit Policies using Auditpol (Self-study) |
| 4.1 View, Enable, and Clear Audit Policies using Auditpol | 4.2 Clear Windows Machine Logs using Various Utilities |
| 4.2 Clear Windows Machine Logs using Various Utilities | 4.3 Clear Linux Machine Logs using the BASH Shell |
| 4.3 Clear Linux Machine Logs using the BASH Shell | 4.4 Hiding Artifacts in Windows and Linux Machines (Self-study) |
| 4.4 Hiding Artifacts in Windows and Linux Machines | 5. Perform Various Attacks on AD Range |
| 4.5 Clear Windows Machine Logs using CCleaner | 5.1 Perform AD Attacks using various tools |
| 6. System Hacking using AI | |
| 6.1 Perform System Hacking using ShellGPT | |
| Module 07: Malware Threats | Module 07: Malware Threats |
| 1. Gain Access to the Target System using Trojans | 1. Gain Access to the Target System using Trojans |
| 1.1 Gain Control over a Victim Machine using the njRAT RAT Trojan | 1.1 Gain Control over a Victim Machine using the njRAT RAT Trojan |
| 1.2 Hide a Trojan using SwayzCryptor and Make it Undetectable to Various Anti-Virus Programs | 1.2 Hide a Trojan using SwayzCryptor and Make it Undetectable to Various Anti-Virus Programs (Self-study) |
| 1.3 Create a Trojan Server using Theef RAT Trojan | 1.3 Create a Trojan Server using Theef RAT Trojan (Self-study) |
| 2. Infect the Target System using a Virus | 2. Infect the Target System using Malware |
| 2.1 Create a Virus using the JPS Virus Maker Tool and Infect the Target System | 2.1 Create a Virus using the JPS Virus Maker Tool and Infect the Target System |
| 2.2 Create a Ransomware using Chaos Ransomware Builder and Infect the Target System (Self-study) | |
| 3. Perform Static Malware Analysis | 3. Perform Static Malware Analysis |
| 3.1 Perform Malware Scanning using Hybrid Analysis | 3.1 Perform Malware Scanning using Hybrid Analysis |
| 3.2 Perform a Strings Search using BinText | 3.2 Perform a Strings Search using BinText (Self-study) |
| 3.3 Identify Packaging and Obfuscation Methods using PEid | 3.3 Identify Packaging and Obfuscation Methods using PEid (Self-study) |
| CEHv12 | CEHv13 |
|---|---|
| 3.4 Analyze ELF Executable File using Detect It Easy (DIE) | 3.4 Analyze ELF Executable File using Detect It Easy (DIE) |
| 3.5 Find the Portable Executable (PE) Information of a Malware Executable File using PE Explorer | 3.5 Find the Portable Executable (PE) Information of a Malware Executable File using PE Explorer (Self-study) |
| 3.6 Identify File Dependencies using Dependency Walker | 3.6 Extract and Analyze PE Headers using Pestudio (Self-study) |
| 3.7 Perform Malware Disassembly using IDA and OllyDbg | 3.7 Perform Malware Disassembly using IDA and OllyDbg |
| 3.8 Perform Malware Disassembly using Ghidra | 3.8 Analyze Executable Files using capa (Self-study) |
| 4. Perform Dynamic Malware Analysis | 3.9 Perform Malware Disassembly using Ghidra (Self-study) |
| 4.1 Perform Port Monitoring using TCPView and CurrPorts | 4. Perform Dynamic Malware Analysis |
| 4.2 Perform Process Monitoring using Process Monitor | 4.1 Perform Port Monitoring using TCPView and CurrPorts |
| 4.3 Perform Registry Monitoring using Reg Organizer | 4.2 Perform Process Monitoring using Process Monitor |
| 4.4 Perform Windows Services Monitoring using Windows Service Manager (SrvMan) | 4.3 Perform Registry Monitoring using Reg Organizer (Self-study) |
| 4.5 Perform Startup Programs Monitoring using Autoruns for Windows and WinPatrol | 4.4 Perform Startup Program Monitoring using Autoruns for Windows and WinPatrol (Self-study) |
| 4.6 Perform Installation Monitoring using Mirekusoft Install Monitor | 4.5 Perform Files and Folder Monitoring using PA File Sight (Self-study) |
| 4.7 Perform Files and Folder Monitoring using PA File Sight | 4.6 Perform Device Driver Monitoring using DriverView and Driver Reviver (Self-study) |
| 4.8 Perform Device Driver Monitoring using DriverView and Driver Reviver | 4.7 Perform DNS Monitoring using DNSQuerySniffer (Self-study) |
| 4.9 Perform DNS Monitoring using DNSQuerySniffer | |
| Module 08: Sniffing | Module 08: Sniffing |
| 1. Perform Active Sniffing | 1. Perform Active Sniffing |
| 1.1 Perform MAC Flooding using macof | 1.1 Perform MAC Flooding using macof |
| 1.2 Perform a DHCP Starvation Attack using Yersinia | 1.2 Perform a DHCP Starvation Attack using Yersinia |
| 1.3 Perform ARP Poisoning using arpspoof | 1.3 Perform ARP Poisoning using arpspoof (Self-study) |
| 1.4 Perform an Man-in-the-Middle (MITM) Attack using Cain & Abel | 1.4 Perform an Man-in-the-Middle (MITM) Attack using Cain & Abel (Self-study) |
| 1.5 Spoof a MAC Address using TMAC and SMAC | 1.5 Spoof a MAC Address using TMAC and SMAC (Self-study) |
| 1.6 Spoof a MAC Address of Linux Machine using macchanger | 1.6 Spoof a MAC Address of Linux Machine using macchanger (Self-study) |
| 2. Perform Network Sniffing using Various Sniffing Tools | 2. Perform Network Sniffing using Various Sniffing Tools |
| 2.1 Perform Password Sniffing using Wireshark | 2.1 Perform Password Sniffing using Wireshark |
| 2.2 Analyze a Network using the Omnipeek Network Protocol Analyzer | 2.2 Analyze a Network using the Omnipeek Network Protocol Analyzer (Self-study) |
| 2.3 Analyze a Network using the SteelCentral Packet Analyzer | 3. Detect Network Sniffing |
| 3. Detect Network Sniffing | 3.1 Detect ARP Poisoning and Promiscuous Mode in a Switch-Based Network |
| 3.1 Detect ARP Poisoning and Promiscuous Mode in a Switch-Based Network | 3.2 Detect ARP Poisoning using the Capsa Network Analyzer (Self-study) |
| 3.2 Detect ARP Poisoning using the Capsa Network Analyzer |
| CEHv12 | CEHv13 |
|---|---|
| Module 09: Social Engineering | Module 09: Social Engineering |
| 1. Perform Social Engineering using Various Techniques | 1. Perform Social Engineering using Various Techniques |
| 1.1 Sniff Credentials using the Social-Engineer Toolkit (SET) | 1.1 Sniff Credentials using the Social-Engineer Toolkit (SET) |
| 2. Detect a Phishing Attack | 1.2 Sniff Credentials using Dark-Phish (Self-study) |
| 2.1 Detect Phishing using Netcraft | 2. Detect a Phishing Attack |
| 2.2 Detect Phishing using PhishTank | 2.1 Detect Phishing using Netcraft |
| 3. Audit Organization's Security for Phishing Attacks | 2.2 Detect Phishing using PhishTank (Self-study) |
| 3.1 Audit Organization's Security for Phishing Attacks using OhPhish | 3. Social Engineering using AI |
| 3.1 Craft Phishing Emails with ChatGPT | |
| Module 10: Denial-of-Service | Module 10: Denial-of-Service |
| 1. Perform DoS and DDoS Attacks using Various Techniques | 1. Perform DoS and DDoS Attacks using Various Techniques |
| 1.1 Perform a DoS Attack (SYN Flooding) on a Target Host using Metasploit | 1.1 Perform a DoS Attack (SYN Flooding) on a Target Host using Metasploit (Self-study) |
| 1.2 Perform a DoS Attack on a Target Host using hping3 | 1.2 Perform a DoS Attack on a Target Host using hping3 (Self-study) |
| 1.3 Perform a DoS Attack using Raven-storm | 1.3 Perform a DDoS Attack using HOIC (Self-study) |
| 1.4 Perform a DDoS Attack using HOIC | 1.4 Perform a DDoS Attack using LOIC (Self-study) |
| 1.5 Perform a DDoS Attack using LOIC | 1.5 Perform a DDoS Attack using PyDDos and PyFloodder (Self-study) |
| 2. Detect and Protect Against DoS and DDoS Attacks | 1.6 Perform a DDoS attack using ISB and UltraDDOS-v2 tools |
| 2.1 Detect and Protect against DDoS Attack using Anti DDoS Guardian | 1.7 Perform a DDoS Attack using Botnet |
| 2. Detect and Protect Against DoS and DDoS Attacks | |
| 2.1 Detect and Protect against DDoS Attacks using Anti DDoS Guardian | |
| Module 11: Session Hijacking | Module 11: Session Hijacking |
| 1. Perform Session Hijacking | 1. Perform Session Hijacking |
| 1.1 Hijack a Session using Zed Attack Proxy (ZAP) | 1.1 Hijack a Session using Caido |
| 1.2 Intercept HTTP Traffic using bettercap | 1.2 Intercept HTTP Traffic using bettercap (Self-study) |
| 1.3 Intercept HTTP Traffic using Hetty | 1.3 Intercept HTTP Traffic using Hetty |
| 2. Detect Session Hijacking | 2. Detect Session Hijacking |
| 2.1 Detect Session Hijacking using Wireshark | 2.1 Detect Session Hijacking using Wireshark |
| CEHv12 | CEHv13 |
|---|---|
| Module 12: Evading IDS, Firewalls, and Honeypots | Module 12: Evading IDS, Firewalls, and Honeypots |
| 1. Perform Intrusion Detection using Various Tools | 1. Perform Intrusion Detection using Various Tools |
| 1.1 Detect Intrusions using Snort | 1.1 Detect Intrusions using Snort |
| 1.2 Detect Malicious Network Traffic using ZoneAlarm FREE FIREWALL | 1.2 Detect Malicious Network Traffic using ZoneAlarm FREE FIREWALL (Self-study) |
| 1.3 Detect Malicious Network Traffic using HoneyBOT | 1.3 Detect Malicious Network Traffic using HoneyBOT (Self-study) |
| 2. Evade Firewalls using Various Evasion Techniques | 1.4 Deploy Cowrie Honeypot to Detect Malicious Network Traffic |
| 2.1 Bypass Windows Firewall using Nmap Evasion Techniques | 2. Evade IDS/Firewalls using Various Evasion Techniques |
| 2.2 Bypass Firewall Rules using HTTP/FTP Tunneling | 2.1 Bypass Firewall Rules using HTTP/FTP Tunneling (Self-study) |
| 2.3 Bypass Antivirus using Metasploit Templates | 2.2 Bypass Antivirus using Metasploit Templates (Self-study) |
| 2.3 Evade Firewall through Windows BITSAdmin | |
| Module 13: Hacking Web Servers | Module 13: Hacking Web Servers |
| 1. Footprint the Web Server | 1. Footprint the Web Server |
| 1.1 Information Gathering using Ghost Eye | 1.1 Information Gathering using Ghost Eye (Self-study) |
| 1.2 Perform Web Server Reconnaissance using Skipfish | 1.2 Perform Web Server Reconnaissance using Skipfish (Self-study) |
| 1.3 Footprint a Web Server using the httprecon Tool | 1.3 Footprint a Web Server using Netcat and Telnet |
| 1.4 Footprint a Web Server using ID Serve | 1.4 Enumerate Web Server Information using Nmap Scripting Engine (NSE) |
| 1.5 Footprint a Web Server using Netcat and Telnet | 1.5 Uniscan Web Server Fingerprinting in Parrot Security (Self-study) |
| 1.6 Enumerate Web Server Information using Nmap Scripting Engine (NSE) | 2. Perform a Web Server Attack |
| 1.7 Uniscan Web Server Fingerprinting in Parrot Security | 2.1 Crack FTP Credentials using a Dictionary Attack |
| 2. Perform a Web Server Attack | 2.2 Exploit the MSSQL Service using xp_cmdshell Function (Self-study) |
| 2.1 Crack FTP Credentials using a Dictionary Attack | 2.3 Gain Access to Target Web Server by Exploiting Log4j Vulnerability |
| 3. Perform a Web Server Hacking using AI | |
| 3.1 Perform webserver footprinting and attacks using ShellGPT |
| CEHv12 | CEHv13 |
|---|---|
| Module 14: Hacking Web Applications | Module 14: Hacking Web Applications |
| 1. Footprint the Web Infrastructure | 1. Footprint the Web Infrastructure |
| 1.1 Perform Web Application Reconnaissance using Nmap and Telnet | 1.1 Perform Web Application Reconnaissance using Nmap and Telnet |
| 1.2 Perform Web Application Reconnaissance using WhatWeb | 1.2 Perform Web Application Reconnaissance using WhatWeb (Self-study) |
| 1.3 Perform Web Spidering using OWASP ZAP | 1.3 Perform Web Spidering using OWASP ZAP |
| 1.4 Detect Load Balancers using Various Tools | 1.4 Detect Load Balancers using Various Tools (Self-study) |
| 1.5 Identify Web Server Directories using Various Tools | 1.5 Identify Web Server Directories using Various Tools (Self-study) |
| 1.6 Perform Web Application Vulnerability Scanning using Vega | 1.6 Perform Web Application Vulnerability Scanning using SmartScanner |
| 1.7 Identify Clickjacking Vulnerability using ClickjackPoc | 1.7 Identify Clickjacking Vulnerability using ClickjackPoc (Self-study) |
| 2. Perform Web Application Attacks | 2. Perform Web Application Attacks |
| 2.1 Perform a Brute-force Attack using Burp Suite | 2.1 Perform a Brute-force Attack using Burp Suite |
| 2.2 Perform Parameter Tampering using Burp Suite | 2.2 Perform Parameter Tampering using Burp Suite (Self-study) |
| 2.3 Identifying XSS Vulnerabilities in Web Applications using PwnXSS | 2.3 Identify XSS Vulnerabilities in Web Applications using PwnXSS (Self-study) |
| 2.4 Exploit Parameter Tampering and XSS Vulnerabilities in Web Applications | 2.4 Exploit Parameter Tampering and XSS Vulnerabilities in Web Applications (Self-study) |
| 2.5 Perform Cross-Site Request Forgery (CSRF) Attack | 2.5 Perform Cross-site Request Forgery (CSRF) Attack (Self-study) |
| 2.6 Enumerate and Hack a Web Application using WPScan and Metasploit | 2.6 Perform Remote Code Execution (RCE) Attack |
| 2.7 Exploit a Remote Command Execution Vulnerability to Compromise a Target Web Server | 2.7 Enumerate and Hack a Web Application using WPScan and Metasploit (Self-study) |
| 2.8 Exploit a File Upload Vulnerability at Different Security Levels | 2.8 Exploit a Remote Command Execution Vulnerability to Compromise a Target Web Server (Self-study) |
| 2.9 Gain Access by exploiting Log4j Vulnerability | 2.9 Exploit a File Upload Vulnerability at Different Security Levels (Self-study) |
| 3. Detect Web Application Vulnerabilities using Various Web Application Security Tools | 2.10 Perform JWT Token Attack (Self-study) |
| 3.1 Detect Web Application Vulnerabilities using N-Stalker Web Application Security Scanner | 3. Detect Web Application Vulnerabilities using Various Web Application Security Tools |
| 3.1 Detect Web Application Vulnerabilities using Wapiti Web Application Security Scanner | |
| 4. Perform Web Application Hacking using AI | |
| 4.1 Perform Web Application Hacking using ShellGPT |
| CEHv12 | CEHv13 |
|---|---|
| Module 15: SQL Injection | Module 15: SQL Injection |
| 1. Perform SQL Injection Attacks | 1. Perform SQL Injection Attacks |
| 1.1 Perform an SQL Injection Attack on an MSSQL Database | 1.1 Perform an SQL Injection Attack on an MSSQL Database (Self-study) |
| 1.2 Perform an SQL Injection Attack Against MSSQL to Extract Databases using sqlmap | 1.2 Perform an SQL Injection Attack Against MSSQL to Extract Databases using sqlmap |
| 2. Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools | 1.3 Perform an SQL Injection to Launch File Inclusion Attack on bWAPP (Self-study) |
| 2.1 Detect SQL Injection Vulnerabilities using DSSS | 2. Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools |
| 2.2 Detect SQL Injection Vulnerabilities using OWASP ZAP | 2.1 Detect SQL Injection Vulnerabilities using OWASP ZAP |
| 2.2 Detect SQL Injection Vulnerabilities using Ghauri (Self-study) | |
| 3. Perform SQL Injection using AI | |
| 3.1 Perform SQL Injection using ShellGPT | |
| Module 16: Hacking Wireless Networks | Module 16: Hacking Wireless Networks |
| 1. Footprint a Wireless Network | 1. Footprint a Wireless Network |
| 1.1 Find Wi-Fi Networks in Range using NetSurveyor | 1.1 Find Wi-Fi Networks in Range using Sparrow-wifi (Self-study) |
| 2. Perform Wireless Traffic Analysis | 2. Perform Wireless Traffic Analysis |
| 2.1 Find Wi-Fi Networks and Sniff Wi-Fi Packets using Wash and Wireshark | 2.1 Find Wi-Fi Networks and Sniff Wi-Fi Packets using Wash and Wireshark |
| 3. Perform Wireless Attacks | 3. Perform Wireless Attacks |
| 3.1 Find Hidden SSIDs using Aircrack-ng | 3.1 Find Hidden SSID using MDK (Self-study) |
| 3.2 Crack a WEP Network using Wifiphisher | 3.2 Crack a WPA2 Network using Aircrack-ng |
| 3.3 Crack a WEP Network using Aircrack-ng | 3.3 Create a Rogue Access Point to Capture Data Packets (Self-study) |
| 3.4 Crack a WPA Network using Fern Wifi Cracker | |
| 3.5 Crack a WPA2 Network using Aircrack-ng | |
| 3.6 Create a Rogue Access Point to Capture Data Packets |
| CEHv12 | CEHv13 |
|---|---|
| Module 17: Hacking Mobile Platforms | Module 17: Hacking Mobile Platforms |
| 1. Hack Android Devices | 1. Hack Android Devices |
| 1.1 Hack an Android Device by Creating Binary Payloads using Parrot Security | 1.1 Hack an Android Device by Creating Binary Payloads using Parrot Security (Self-study) |
| 1.2 Harvest Users' Credentials using the Social-Engineer Toolkit | 1.2 Harvest Users' Credentials using the Social-Engineer Toolkit (Self-study) |
| 1.3 Launch a DoS Attack on a Target Machine using Low Orbit Ion Cannon (LOIC) on the Android Mobile Platform | 1.3 Launch a DoS Attack on a Target Machine using Low Orbit Ion Cannon (LOIC) on the Android Mobile Platform (Self-study) |
| 1.4 Exploit the Android Platform through ADB using PhoneSploit | 1.4 Exploit the Android Platform through ADB using PhoneSploit-Pro |
| 1.5 Hack an Android Device by Creating APK File using AndroRAT | 1.5 Hack an Android Device by Creating APK File using AndroRAT |
| 2. Secure Android Devices using Various Android Security Tools | 2. Secure Android Devices using Various Android Security Tools |
| 2.1 Analyze a Malicious App using Online Android Analyzers | 2.1 Secure Android Devices from Malicious Apps using AVG |
| 2.2 Secure Android Devices from Malicious Apps using Malwarebytes Security | |
| Module 18: IoT and OT Hacking | Module 18: IoT and OT Hacking |
| 1. Perform Footprinting using Various Footprinting Techniques | 1. Perform Footprinting using Various Footprinting Techniques |
| 1.1 Gather Information using Online Footprinting Tools | 1.1 Gather Information using Online Footprinting Tools |
| 2. Capture and Analyze IoT Device Traffic | 2. Capture and Analyze IoT Device Traffic |
| 2.1 Capture and Analyze IoT Traffic using Wireshark | 2.1 Capture and Analyze IoT Traffic using Wireshark |
| 3. Perform IoT Attacks | |
| 3.1 Hacking into VoIP based device (Self-study) | |
| 3.2 Perform Replay Attack on CAN Protocol |
| CEHv12 | CEHv13 |
|---|---|
| Module 19: Cloud Computing | Module 19: Cloud Computing |
| 1. Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools | 1. Perform Reconnaissance |
| 1.1 Enumerate S3 Buckets using lazys3 | 1.1 Azure Reconnaissance with AADInternals |
| 1.2 Enumerate S3 Buckets using S3Scanner | 2. Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools |
| 1.3 Enumerate S3 Buckets using Firefox Extension | 2.1 Enumerate S3 Buckets using lazys3 (Self-study) |
| 2. Exploit S3 Buckets | 2.2 Enumerate S3 Buckets using Grayhatwarfare (Self-study) |
| 2.1 Exploit Open S3 Buckets using AWS CLI | 2.3 Enumerate S3 Buckets using Cloudbrute (Self-study) |
| 3. Perform Privilege Escalation to Gain Higher Privileges | 3. Exploit S3 Buckets |
| 3.1 Escalate IAM User Privileges by Exploiting Misconfigured User Policy | 3.1 Exploit Open S3 Buckets using AWS CLI |
| 3.2 Exploit Open S3 Buckets using Bucket Flaws (Self-study) | |
| 4. Perform Privilege Escalation to Gain Higher Privileges | |
| 4.1 Enumeration for Privilege Escalation using Cloudfox (Self-study) | |
| 4.2 Escalate IAM User Privileges by Exploiting Misconfigured User Policy | |
| 5. Perform vulnerability assessment on docker images | |
| 5.1 Vulnerability Assessment on Docker Images using Trivy | |
| Module 20: Cryptography | Module 20: Cryptography |
| 1. Encrypt the Information using Various Cryptography Tools | 1. Encrypt the Information using Various Cryptography Tools |
| 1.1 Calculate One-way Hashes using HashCalc | 1.1 Perform Multi-layer Hashing using CyberChef |
| 1.2 Calculate MD5 Hashes using MD5 Calculator | 1.2 Calculate MD5 Hashes using MD5 Calculator (Self-study) |
| 1.3 Calculate MD5 Hashes using HashMyFiles | 1.3 Calculate MD5 Hashes using HashMyFiles (Self-study) |
| 1.4 Perform File and Text Message Encryption using CryptoForge | 1.4 Perform File and Text Message Encryption using CryptoForge |
| 1.5 Perform File Encryption using Advanced Encryption Package | 1.5 Encrypt and Decrypt Data using BCTextEncoder (Self-study) |
| 1.6 Encrypt and Decrypt Data using BCTextEncoder | 2. Create a Self-Signed Certificate |
| 2. Create a Self-Signed Certificate | 2.1 Create and Use Self-signed Certificates |
| 2.1 Create and Use Self-signed Certificates | 3. Perform Email Encryption |
| 3. Perform Email Encryption | 3.1 Perform Email Encryption using RMail (Self-study) |
| 3.1 Perform Email Encryption using Rmail | 3.2 Perform Email Encryption using Mailvelope (Self-study) |
| CEHv12 | CEHv13 |
|---|---|
| 3.2 Signing/Encrypting Email Messages on Mac | 4. Perform Disk Encryption |
| 3.3 Encrypting/Decrypting Email Messages Using OpenPGP | 4.1 Perform Disk Encryption using VeraCrypt |
| 3.4 Email Encryption Tools | 4.2 Perform Disk Encryption using BitLocker Drive Encryption (Self-study) |
| 4. Perform Disk Encryption | 4.3 Perform Disk Encryption using Rohos Disk Encryption (Self-study) |
| 4.1 Perform Disk Encryption using VeraCrypt | 5. Perform Cryptanalysis using Various Cryptanalysis Tools |
| 4.2 Perform Disk Encryption using BitLocker Drive Encryption | 5.1 Perform Cryptanalysis using CrypTool (Self-study) |
| 4.3 Perform Disk Encryption using Rohos Disk Encryption | 6. Perform Cryptography using AI |
| 5. Perform Cryptanalysis using Various Cryptanalysis Tools | 6.1 Perform Cryptographic Techniques using ShellGPT |
| 5.1 Perform Cryptanalysis using CrypTool | |
| 5.2 Perform Cryptanalysis using AlphaPeeler |
CEH MASTER # CEH ACADEMY