Scribd
Upload
123 views29 pages

CEH V13

The document outlines a comprehensive curriculum for Ethical Hacking, covering various modules including information gathering, scanning networks, vulnerability analysis, and hacking methodologies. It lists numerous tools and techniques used in ethical hacking, along with countermeasures for different types of attacks. The curriculum also includes resources and links to official sites for further learning and tool access.

Uploaded by

kadali4816
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
123 views29 pages

CEH V13

The document outlines a comprehensive curriculum for Ethical Hacking, covering various modules including information gathering, scanning networks, vulnerability analysis, and hacking methodologies. It lists numerous tools and techniques used in ethical hacking, along with countermeasures for different types of attacks. The curriculum also includes resources and links to official sites for further learning and tool access.

Uploaded by

kadali4816
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 29

S.

NO
1
1.1
1.2
1.3
1.4
1.5
1.6
2
2.1
2.2
2.3
2.4
2.5
2.6
2.7
2.8
2.9
3
3.1
3.2
3.3
3.4
3.5
3.6
4
4.1
4.2
4.3
4.4
4.5
4.6
4.7
5
5.1
5.2
5.3
6
6.1
6.2
6.3
6.4
7
7.1
7.2
7.3
7.4
7.5
8
8.1
8.2
8.3
8.4
9
9.1
9.2
9.3
9.4
9.5
10
10.1
10.2
10.3
11
11.1
11.2
11.3
11.4
12
12.1
12.2
12.3
12.4
12.5
12.6
13
13.1
13.2
13.3
13.4
14
14.1
14.2
14.3
14.4
14.5
15
15.1
15.2
15.3
15.4
15.5
16
16.1
16.2
16.3
16.4
16.5
17
17.1
17.2
17.3
17.4
17.5
18
18.1
18.2
18.3
18.4
18.5
19
19.1
19.2
19.3
19.4
19.5
19.6
19.7
19.8
20
20.1
20.2
20.3
20.4
MODULES
Introduction to Ethical Hacking
Information Gathering Overview
Hacking Concepts and Hacker Classes
Ethical Hacking Concepts
Hacking Methodologies and Frameworks
Information Security Controls
Information Security Laws & Standards
Footprinting & Reconnaissance
Footprinting Concepts
Footprinting through Search Engines
Footprinting through Internet Research Services
FootPrinting through Social Networking Sites
Whois Footprinting
DNS Footprinting
Networking and Email Footprinting
Footprinting through Social Engineering
Footprinting Tasks using Advanced Tools & AI & Footprinting Countermeasures
Scanning Networks
Network Scanning Concepts
Host Discovery
Port and Service Discovery
OS Discovery
Scanning Beyond IDS & Firewalls
Network Scanning Countermeasures
Enumeration
Enumeration Concepts
NETBIOS Enumeration
SNMP and LDAP Enumeration
NTP and NFS Enumeration
SMTP and DNS Enumeration
Other Enumeration Techniques
Enumeration Countermeasures
Vulnerability Analysis
Vulnerability Assessment Concepts
Vulnerability Assessment Tools
Vulnerability Assessment Reports
System Hacking
Gaining Access
Escalating Privileges
Maintaining Access
Clearing Logs
Malware Threats
Malware and APT Concepts
Fileless Malware Concepts
AI - Based Malware Concepts
Malware Analysis
Malware Countermeasures
Sniffing
Sniffing Concepts
Sniffing Techniques
Sniffing Tools
Sniffing Countermeasures
Social Engineering
Social Engineering Concepts
Human-Based Social Engineering Techniques
Computer-Based Social Engineering Techniques
Mobile-Based Social Engineering Techniques
Social Engineering Countermeasures
Denial - of - Service
DoS/DDoS Concepts
DoS/DDoS Attack Techniques
DoS/DDoS Attack Countermeasures
Session -Hijacking
Session -Hijacking Concepts
Application - Level Session -Hijacking
Network-Level Session-Hijacking
Session -Hijacking Countermeasures
Evading IDS , Firewalls & Honeypots
IDS, IPS and Firewall Concepts
IDS, IPS and Firewall Solutions
Evading IDS /Firewalls
Evading NAC and Endpoint Security
Honeypot Concepts and Detecting Honeypots
IDS/Firewall Countermeasures
Hacking Web Servers
Web Servers Concepts
Web Servers Attacks
Web Servers Attack Methodology
Web Servers Attack Countermeasures
Hacking Web Applications
Web Applications Concepts
Web Applications Threats
Web Applications Hacking Methodology
Web API & Webhooks
Web Application Security
SQL Injection
SQL Injection Concepts
Types SQL Injection
SQL Injection Methodology
Evasion techniques
SQL Injection Countermeasures
Hacking Wireless Networks
Wireless Concepts
Wireless Encryption
Wireless Threats
Wireless Hacking Methodology
Wireless Attack Countermeasures
Hacking Mobile Platforms
Mobile Platform Attakc Vectors
Hacking Android OS
Hacking IOS
Mobile Device Management
Mobile Security Guidelines and Tools
IoT and OT Hacking
IoT Hacking Methodology
IoT Attack Countermeasures
OT Concepts and Attacks
OT Hacking Methodology
OT Attack Countermeasures
Cloud Computing
Cloud Computing Concepts
Cloud Computing threats
Cloud Hacking
AWS Hacking
Micorsoft Azure Hacking
Google Cloud Hacking
Container Hacking
Cloud Security
Cryptography
Cryptography Concepts and Encryption Algorithms
Applications of Cryptography
Cryptanaylsis Methods and Cryptogrraphy Attacks
Cryptography Attack Countermeasures
COMPLETED NOT COMPLETED Tools
Kali Linux, BackBox
Nmap,Maltego
Metasploit Framework
OWASP ZAP
ExploitDB
Lynis, DenyHosts
OpenSCAP

measures
CEH VERSION 13
Links
Official Site: https://www.kali.org/, Official Site: https://www.backbox.org/
https://github.com/nmap/nmap, https://github.com/paterva/maltego
https://github.com/rapid7/metasploit-framework
https://github.com/zaproxy/zaproxy
Official Site: https://www.exploit-db.com/
https://github.com/CISOfy/lynis, https://github.com/denyhosts/denyhosts
https://github.com/OpenSCAP/openscap, GitHub: https://github.com/cyberguideme/Tools
Other Tools
Zmap, Trivy, Tracee,Kube-bench, Kube-hunter, tfsec,OneFuzz, BloodHound, RITA ,. Infec
Ghidra
Semgrep
MISP Threat Sharing
Dshell
OpenEDR

Google Dorking, Shodan, Censys, theHarvester, Hunter.io, PublicWWW, FOCA, Wayback Ma

Nmap, Masscan, Angry IP Scanner, Netdiscover, Fping, Hping3, ARP-scan, Ping, ZMap, Uni

Nmap, enum4linux, enum4linux-ng, SMBMap, nbtscan, Metasploit, SNMPWalk, SNMPCheck

Nmap, Nessus, OpenVAS, Nikto, Burp Suite, ZAP (Zed Attack Proxy), Metasploit, Nexpose,

Metasploit, Mimikatz, Empire, CrackMapExec, Hydra, John the Ripper, Hashcat, Medusa, Pw

YARA, ClamAV, Cuckoo Sandbox, PEStudio, Ghidra, Radare2, REMnux, Volatility, Procmon,
Wireshark, Tcpdump, Ettercap, Tshark, MITMf, Bettercap, Dsniff, URLsnarf, Driftnet, ARPsp

Social-Engineer Toolkit (SET), Evilginx2, GoPhish, Zphisher, BlackEye, HiddenEye, King Phi

Hping3, LOIC, HOIC, Slowloris, R-U-Dead-Yet (RUDY), GoldenEye, Xerxes, Torshammer, Hul

Ettercap, Bettercap, Burp Suite, Wireshark, Tcpdump, MITMf, SSLStrip, Hamster & Ferret,

Nmap (IDS Evasion), Hping3, Scapy, Firewalk, Netcat, Socat, ProxyChains, Tor, Slowloris, M

Nmap, Nikto, Wapiti, OpenVAS, Metasploit, Burp Suite, OWASP ZAP, Dirb, Dirbuster, Gobu

Burp Suite, OWASP ZAP, Sqlmap, Commix, Xsser, Metasploit, Nmap, Nikto, Wapiti, Arachn

Sqlmap, NoSQLMap, BBQSQL, SQLNinja, jSQL Injection, Mole, Havij, Leviathan, Whitewidow

Aircrack-ng, Reaver, Bully, Wifite, Fern Wifi Cracker, Kismet, Wash, Hcxdumptool, Hcxpcap
Metasploit, Msfvenom, Evil-Droid, AndroRAT, AhMyth, Drozer, APKTool, JADX, MobSF (Mob

Shodan, Censys, Thingful, Nmap, Metasploit, Firmwalker, Binwalk, Firmware-Mod-Kit, IoT I

Pacu, AWS CLI, GCP CLI, Azure CLI, CloudBrute, Cloud_enum, S3Scanner, S3BucketList, Sky

John the Ripper, Hashcat, Hydra, Medusa, Ophcrack, RSMangler, CeWL, Crunch, RainbowCr
Osquery,Gophish, Prowler,ScoutSuite,TruffleHog,. DumpsterFire, Artillery,Sysmon,Atomic Red Team

raft, OSINT Framework, ThreatCrowd, GreyNoise, IntelX, CheckUsernames, Sherlock, Maltego, Soci

RustScan, PortQry, Scanless, SNMPCheck, Xprobe2, p0f, SinFP, OS-Detect, Scapy, Firewalk, ProxyC

um, NTPQ, NFS-Common, Showmount, Rpcclient, Dig, Host, Fierce, DNSRecon, DNSEnum, SMTP-Us

etix, Arachni, OpenSCAP, Lynis, Retina, Qualys, SAINT, IBM AppScan, Snyk, Dependency-Check, An

gne, Responder, Evil-WinRM, WinPEAS, LinPEAS, BeRoot, PowerSploit, Linux Exploit Suggester, Win

gshot, Wireshark, Suricata, Zeek (Bro), Hybrid Analysis, Any.Run, VirusTotal, Intezer Analyze, Falco
t, Zeek (Bro), Suricata, NetworkMiner, Chaosreader, Ngrep, PcapXray, EtherApe, Haka, Justniffer, P

X, SpearPhisher, Maltego, Sherlock, WhatsMyName, Holehe, Recon-ng, theHarvester, Metasploit, B

DOSIM, DAVOSET, SynFlood, Nemesy, MHDDoS, Botnet Tools (Mirai, Kaiten), OWASP HTTP-DoS Tool

DroidSheep, Cookie Cadger, Scapy, ARPspoof, NetSniff-ng, Aircrack-ng, Responder, Sniffpass, Cain &

dules), Fragrouter, Fragroute, Tcpdump, Wireshark, Ettercap, Bettercap, Polymorphic Shellcodes, S

pscan, WhatWeb, Arachni, WebSploit, Commix, Xsser, Sublist3r, CloudFail, Recon-ng, Skipfish, Paro

Droopescan, FFUF, Gobuster, Dirb, Dirbuster, Sublist3r, CloudFail, Recon-ng, WebSploit, Skipfish, Pa

te, OWASP ZAP, Nmap (with NSE scripts), Sqliv, NoSQLBooster, SQLiteBrowser, GraphQLmap, Postm

ion, Bettercap, EvilTwin, Wirespy, Eaphammer, Wireshark, Tshark, MdK3, Airgeddon, CoWPAtty, Pix
k), Frida, Objection, Xposed Framework, Magisk, Termux, ADB (Android Debug Bridge), SSLSplit, Bu

uterSploit, IoT-Pentest-Toolkit, Ghidra, Radare2, JTAGulator, Baudline, ChipWhisperer, HackRF, GQ

te, CloudSploit, Rhino Security Labs Tools, TruffleHog, GitLeaks, Kube-Hunter, Kube-Bench, Docker

ashcat-utils, CyberChef, Gpg (GnuPG), OpenSSL, Steghide, OutGuess, Binwalk, AES Crypt, TrueCryp
n,Atomic Red Team, Caldera,Chain-bench,Kismet,Aircrack-ng,YARA,VolatilityCuckoo Sandbox,TheH

lock, Maltego, Social Mapper, Twint, SpiderFoot, PeopleDataLabs API, whois, RDAP Lookup, ICANN

y, Firewalk, ProxyChains, Tor, FOCA, Snort, Suricata, Zeek (Bro), OSSEC, Fail2Ban, PortSentry, IP Ta

DNSEnum, SMTP-User-Enum, VRFY, EXPN, theHarvester, Netcat, Nikto, Wappalyzer, WhatWeb, Ama

endency-Check, Anchore, Trivy, Chkrootkit, Rkhunter, MBSA (Microsoft Baseline Security Analyzer)

loit Suggester, Windows Exploit Suggester, Chisel, Ligolo, Netcat, Socat, Nishang, Procdump, PsEx

ezer Analyze, Falcon Sandbox, Malwoverview, Malfind, DeepBlueCLI, Snort, OSSEC, CrowdStrike, C
, Haka, Justniffer, PacketFence.

ester, Metasploit, BeeLogger, Weeman, Fierce, OSINT-Toolkit, Hunchly, OpenAI ChatGPT (AI for OSI

ASP HTTP-DoS Tool, FastNetMon, Snort, Suricata, Zeek (Bro), Fail2Ban, ModSecurity, Cloudflare, Ak

er, Sniffpass, Cain & Abel, Driftnet, Snort, Suricata, Zeek (Bro), HTTPS Everywhere, Multi-factor Aut

orphic Shellcodes, Shellter, Veil-Evasion, Unicorn, Hyperion, Snort, Suricata, Zeek (Bro), T-Pot, Cuck

n-ng, Skipfish, Paros Proxy, Httrack, Netcat, Socat, Hydra, Patator, THC-Hydra, Slowloris, Torshamm

bSploit, Skipfish, Paros Proxy, Httrack, Postman, API-Security-Scanner, JWT_Tool, NoSQLMap, Graph

GraphQLmap, Postman (for API SQLi), Tamper Data, WAFW00F, ModSecurity, Cloudflare WAF, Snor

ddon, CoWPAtty, PixieWPS, NetHunter, Rogue AP, Hostapd-WPE, Snort, Suricata, Zeek (Bro), WPA_S
ridge), SSLSplit, Burp Suite, OWASP ZAP, Wireshark, Bettercap, NetHunter, iRET (iOS Reverse Engi

sperer, HackRF, GQRX, SDR#, RFcat, Bettercap, Wireshark, Tshark, Modbus-cli, SCADA Strangelove

Kube-Bench, Dockerscan, Clair, Anchore, Falco, Kubescape, KubiScan, Aqua Trivy, Sysdig, Metasploi

AES Crypt, TrueCrypt, VeraCrypt, Ccrypt, Chntpw, Bcrypt, Fcrackzip, RarCrack, PDFCrack, Cryptsetu
ckoo Sandbox,TheHive,Cortex,MISP ,

DAP Lookup, ICANN Lookup, ViewDNS.info, CentralOps, DomainTools, dnsenum, Fierce, Nslookup, M

n, PortSentry, IP Tables, Wireshark, TCPWrappers.

zer, WhatWeb, Amap, Xprobe2, p0f, Recon-ng, SpiderFoot, Wireshark, Snort, Suricata, OSSEC, Fail2

Security Analyzer), CloudSploit, ScoutSuite.

ng, Procdump, PsExec, Winlogbeat, Wevtutil, Klogconsole.

EC, CrowdStrike, Cylance, AI-Hunter, ReversingLabs, Cape Sandbox, ThreatGrid, FireEye FLARE.
ChatGPT (AI for OSINT & phishing awareness).

urity, Cloudflare, Akamai, IP Tables, TCP Wrappers.

re, Multi-factor Authentication (MFA), Secure Cookies, VPN, TLS/SSL Encryption.

ek (Bro), T-Pot, Cuckoo Sandbox, Honeyd, Kippo, Cowrie, Dionaea, Conpot, Canarytokens, WAFW00F

Slowloris, Torshammer, ModSecurity, Fail2Ban, Snort, Suricata, OSSEC, Cloudflare WAF.

l, NoSQLMap, GraphQLmap, Patator, Hydra, THC-Hydra, Slowloris, Torshammer, ModSecurity, Fail2

oudflare WAF, Snort, Suricata, OSSEC.

, Zeek (Bro), WPA_Supplicant, MAC Filtering, Enterprise WPA, VPN, Radius Server.
T (iOS Reverse Engineering Toolkit), Cycript, Hopper Disassembler, Checkra1n, Snort, Suricata, OSS

SCADA Strangelove, PLCScan, Modscan, Snap7, Conpot, GasPot, GridPot, Snort, Suricata, Zeek (Bro

y, Sysdig, Metasploit, Nmap, Burp Suite, OWASP ZAP, Wireshark, Snort, Suricata, Zeek (Bro), Cloud

DFCrack, Cryptsetup, Scrypt, Wfuzz, Burp Suite, CyberChef, Snort, Suricata, Zeek (Bro), Quantum C
Fierce, Nslookup, MXToolbox, dnstracer, Sublist3r, CRT.sh, DNSDumpster, Amass, Traceroute, Nma

ricata, OSSEC, Fail2Ban, TCPWrappers, IP Tables.

FireEye FLARE.
rytokens, WAFW00F, ModSecurity, Fail2Ban, IP Tables, TCP Wrappers.

ModSecurity, Fail2Ban, Snort, Suricata, OSSEC, Cloudflare WAF.


Snort, Suricata, OSSEC, MobileIron, AirWatch, Intune, VPN, App Sandboxing.

Suricata, Zeek (Bro), Security Onion, Fail2Ban, FirewallD, NAC (Network Access Control), VPN, Devi

, Zeek (Bro), CloudTrail, GuardDuty, Azure Security Center, Google Security Command Center, IAM

k (Bro), Quantum Cryptography, Multi-Factor Authentication (MFA), PKI (Public Key Infrastructure)
s, Traceroute, Nmap, EmailRep.io, Have I Been Pwned, SNOV.io, Holehe, SET (Social Engineering To
Control), VPN, Device Hardening.

mmand Center, IAM Policies, Cloud WAF, CSPM (Cloud Security Posture Management).

Key Infrastructure).
cial Engineering Toolkit), Evilginx2, GoPhish, PhishTank, EvilURL, Zphisher, BlackEye, HiddenEye, R
kEye, HiddenEye, Recon-ng, Metasploit, SpiderFoot HX, OSINT-Toolkit, OpenAI ChatGPT, Hunchly, G
ChatGPT, Hunchly, GHunt, ReconAI, Tor Browser, Tails OS, CyberChef, OSINT-SANITIZER, Privacy Ba
NITIZER, Privacy Badger.

You might also like