GitHub - anggrdwjy/cehv12-training: Certified Ethical Hacking Methodology and Lab Training v12

Overview

Module 1. Methodology Certified Ethical Hacker

A. Explain Information Security Concepts
- Elements of Information Security
- Motives, Goals, And Objectives of Information Security Attacks
- Classification of Attacks
- Information Warfare
B. Explain Hacking Methodologies and Frameworks
- Hacking Methodologies and Frameworks
- CEH Hacking Methodology (CHM)
- Cyber Kill Chain Methodology
- Tactics, Techniques, and Procedures (TTPs)
- Adversary Behavioral Identification
- Indicators of Compromise (IoCs)
- Categories of Indicators of Compromise
- MITRE ATT&CK Framework
- Diamond Model of Intrusion Analysis
- Additional Event Meta-Features
- Extended Diamond Model
C. Explain Hacking Concepts and Diiferent Hacker Classes
- Hacking Concepts
- What is Hacking?
- Who is a Hacking?
- Hacker Classes
D. Explain Ethical Hacking Concepts and Scope
- Ethical Hacking Concepts
- What is Ethical Hacking?
- Why Ethical Hacking is Necessary
- Reasons Why Organizations Recruit Ethical Hackers
- Scope and Limitiations of Ethical Hacking
- Skills of an Ethical Hacker
E. Summarize the Techniques used in Information Security Controls
- Information Security Controls
- Information Assurance (IA)
- Continual/Adaptive Security Strategy
- Defense-in-Depth
- What is Risk?
- Risk Matrix
- Risk Management
- Cyber Threat Intelligence
- Types of Threat Intelligence
- Threat Intelligence Lifecycle
- Threat Modelling
- Incident Managment
- Incident Handling and Response
- Role of AI and ML in Cybersecurity
- How Do AI and ML Prevent Cyber Attacks?
F. Explain the Importance of Applicable Security Laws and Standards
- Information Security Laws and Standards

Module 2. Footprinting and Reconnaissance

A. Footprinting Search Engine
- Task 1. Gather Information using Advanced Google Hacking
- Task 2. Gather Information from Video Search Engines
- Task 3. Gather Information from FTP Search Engines
- Task 4. Gather Information from IoT Search Engines
- Online Tools
  - Google Search Engines
  - Mattw : https://mattw.io/youtube-metadata
  - Search FTPs : https://searchftps.net
  - Shodan : https://shodan.io
B. Footprinting Web Services
- Task 1. Find Company Domain and Subdomain using Netcraft
- Task 2. Gather Personal Information using PeekYou Online People Search Services
- Task 3. Gather an Email List using theHarvester
- Task 4. Gather Information using Deep and Dark Web Searching (TOR Browser)
- Task 5. Determine Target OS Passive Footprinting (Censys)
- Online Tools
  - Netcraft : https://sitereport.netcraft.com
  - Peekyou : https://peekyou.com
  - Censys : https://search.censys.io
- Package Tools
  - theHarvester : https://github.com/laramies/theHarvester
  - TOR Browser : https://torproject.org/download
C. Footprinting Social Engineering Sites
- Task 1. Gather Employe Information from Linkedin using theHarvester
- Task 2. Gather Personal Information from Social Engineering Sites using sherlock
- Task 3. Gather Information using Followerwonk
- Online Tools
  - FollowerWonk : https://www.followerwonk.com/analyze
- Package Tools
  - theHarvester : https://github.com/laramies/theHarvester
  - sherlock : https://github.com/sherlock-project/sherlock
D. Website Footprinting
- Task 1. Gather Information About Target using PING CMD
- Task 2. Gather Information About Target Website using Photon
- Task 3. Gather Information About Target Website using Central Ops
- Task 4. Extract Company Data using Web Data Extractor
- Task 5. Mirror Target Website using HTTrack Website Copier (Clone Website)
- Task 6. Gather Information About Target Website using GRecon
- Task 7. Gather Wordlist from Target Website using CeWL
- Online Tools
  - CentralOps : https://www.centralops.net
- Package Tools
  - Ping
  - Photon : https://github.com/s0md3v/Photon.git
  - theHarvester : https://github.com/laramies/theHarvester
  - sherlock : https://github.com/sherlock-project/sherlock
  - Web Data Extractor : https://web-data-extractor.apponic.com/
  - HTTrack Website Copier : https://www.httrack.com
  - GRecon : https://github.com/Moh-Gebril/grecon.git
  - CeWL : https://github.com/digininja/CeWL
E. Email Footprinting
- Task 1. Perform Email Footprinting
- Package Tools
  - eMailTrackerPro : https://emailtracker.website/pro
F. Whois Footprinting
- Task 1. Perform Whois Lookup using DomainTools
- Online Tools
  - DomainTools : https://whois.domaintools.com
G. DNS Footprinting
- Task 1. Gather DNS Information using NSLOOKUP
- Task 2. Gather DNS Information using Online Tools
- Online Tools
  - Kloth : https://kloth.net
- Package Tools
  - Nslookup
H. Perform Network Footprinting
- Task 1. Traceroute from Online Tools
- Task 2. Traceroute from CMD
- Task 3. Traceroute from Linux
- Online Tools
  - American Registry for Internet Numbers : https://www.arin.net
- Package Tools
  - Nslookup
  - Traceroute
I. Perform Footprinting using Footprinting Tools
- Task 1. Footprinting Target using Recon-ng
- Task 2. Footprinting Target using Maltego
- Task 3. Footprinting Target using OSRFramework
- Task 4. Footprinting Target using FOCA
- Task 5. Footprinting Target using BillCiper
- Task 6. Footprinting Target using OSINT Framework
- Online Tools
  - OSINT Framework : https://www.osintframework.com
- Package Tools
  - Recon-ng : https://github.com/lanmaster53/recon-ng
  - Maltego : https://www.maltego.com/
  - OSRFramework : https://www.kali.org/tools/osrframework/
  - FOCA : https://github.com/ElevenPaths/FOCA.git
  - BillCiper : https://github.com/bahatiphill/BillCipher.git
  - Recon-dog : https://github.com/s0md3v/ReconDog
  - GRecon : https://github.com/Moh-Gebril/grecon.git
  - Th3Inspector : https://github.com/moham3driahi/th3inspector
  - Raccon : https://github.com/nettitude/raccoon
  - Orb : https://github.com/epsylon/orb

Module 3. Scanning Networks

A. Perform Host Discovery
- Task 1. Perform Host Discovery using NMAP
- Task 2. Perform Host Disvovery using Angry IP Scanner
- Package Tools
  - NMAP : https://nmap.org/download
  - Angry IP Scanner : https://angryip.org/download/#windows
B. Perform Port and Services Discovery
- Task 1. Perform Port and Service Discovery using MegaPing
- Task 2. Perform Port and Service Discovery using NetScanTools Pro
- Task 3. Perform Port Scanning using sx Tools
- Task 4. Explore Various Network Scanning Techniques using NMAP
- Task 5. Explore Various Network Scanning Techniques using Hping3
- Package Tools
  - MegaPing : https://magnetsoft.com/producs-download
  - NetScanTools Pro : https://netscantools.com/ntbasicrequestform.html
  - SX : https://github.com/v-byte-cpu/sx
  - Zenmap : https://nmap.org/zenmap
  - Hping3 : https://github.com/antirez/hping
C. Perform OS Discovery
- Task 1. Identify Target System OS with Time-to-Live (TTL) and TCP Window Sizes using Wireshark
- Task 2. Perform OS Discovery using NMAP Script Engine (NSE)
- Task 3. Perform OS Discovery using Unicornscan
- Package Tools
  - Wireshark : https://www.wireshark.org/download.html
  - NMAP : https://nmap.org/download
  - Unicornscan : https://www.kali.org/tools/unicornscan/
D. Scan Beyond IDS and Firewall (Techniques to Evade IDS/Firewall)
- Task 1. Scan Beyond IDS/Firewall using Various Evasion Techniques
- Task 2. Create Custom Packets using Colasoft Packet Builder to Scan Beyond IDS/Firewall
- Task 3. Create Custom UDP and TCP Packets using Hping3 to Scan Beyond IDS/Firewall
- Package Tools
  - NMAP : https://nmap.org/download
  - Colasoft Packet Builder : https://www.colasoft.com/download/products/download_packet_builder.php
  - Hping3 : https://github.com/antirez/hping
  - NetScanTools Pro : https://netscantools.com/ntbasicrequestform.html
E. Perform Network Scanning using Various Scanning Tools
- Task 1. Scan Target Network using Metasploit
- Package Tools
  - Metasploit : https://www.metasploit.com/

Module 4. Enumeration

A. Perform NetBIOS Enumeration
- Task 1. Perform NetBIOS Enumeration using CMD
- Task 2. Perform NetBIOS Enumeration using NetBIOS Enumeration
- Task 3. Perform NetBIOS Enumeration using NMAP NSE Script
- Package Tools
  - Nbtstat
  - NetBIOSEnumerator : https://nbtenum.sourceforge.net/
  - NMAP : https://nmap.org/download
  - Global Network Inventory : https://magnetosoft.com/product-global-network-inventory/
  - Advanced IP Scanner : https://angryip.org/download/#windows
  - Hyena : https://www.systemtools.com/hyena/download.htm
  - Nsauditor Network Security Auditor : https://www.nsauditor.com/
B. Perform SNMP Enumeration
- Task 1. Perform SNMP Enumeration using snmp-check
- Task 2. Perform SNMP Enumeration using SoftPerfect Network Scanner
- Task 3. Perform SNMP Enumeration using SnmpWalk
- Task 4. Perform SNMP Enumeration using NMAP
- Package Tools
  - NMAP : https://nmap.org/download
  - Snmp-check : https://www.kali.org/tools/snmpcheck/
  - SoftPerfect Network Scanner : https://www.softperfect.com/products/networkscanner/
  - SnmpWalk : https://www.kali.org/tools/net-snmp/
C. Perform LDAP Enumeration
- Task 1. Perform LDAP Enumeration using AD Explorer
- Task 2. Perform LDAP Enumeration using Python and NMAP
- Task 3. Perform LDAP Enumeration using ldapsearch
- Package Tools
  - ADExplorer : https://live.sysinternals.com/ADExplorer.exe
  - NMAP : https://nmap.org/download
  - Python : https://www.python.org/
  - ldapsearch : https://github.com/dinigalab/ldapsearch
D. Perform NFS Enumeration
- Task 1. Perform NFS Enumeration using RPCScan and SuperEnum
- Package Tools
  - NMAP : https://nmap.org/download
  - Superenum : https://github.com/p4pentest/SuperEnum.git
  - RPCScan : https://github.com/hegusung/RPCScan.git
E. Perform DNS Enumeration
- Task 1. Perform DNS Enumeration using Zone Transfer
- Task 2. Perform DNS Enumeration using DNSSEC Zone Walking
- Task 3. Perform DNS Enumeration using NMAP
- Package Tools
  - Dig
  - Nslookup
  - dnsrecon : https://www.kali.org/tools/dnsrecon/
  - NMAP : https://nmap.org/download
  - LDNS : https://github.com/NLnetLabs/ldns
  - nsec3map : https://github.com/anonion0/nsec3map
  - nsec3walker : https://github.com/unsecured-company/nsec3walker
  - DNSwalk : https://www.kali.org/tools/dnswalk/
F. Perform SMTP Enumeration
- Task 1. Perform SMTP Enumeration using NMAP
- Package Tools
  - NMAP : https://nmap.org/download
G. Perform RPC, SMB and FTP Enumeration
- Task 1. Perform SMB and RPC Enumeration using NetScanTools Pro
- Task 2. Perform RPC, SMB and FTP Enumeration using NMAP
- Package Tools
  - NetScanTools : https://www.netscantools.com/nstprodemorequestform.html
  - NMAP : https://nmap.org/download
H. Perform Enumeration using Various Enumeration Tools
- Task 1. Enumerate Information using Global Network Inventory
- Task 2. Enumerate Network Resources using Advanced IP Scanner
- Task 3. Enumerate Information using Enum4linux
- Package Tools
  - Global Network Inventory : https://magnetosoft.com/product-global-network-inventory/
  - Angry IP Scanner : https://angryip.org/download/#windows
  - Enum4linux : https://www.kali.org/tools/enum4linux/

Module 5. Vulnerability Analysis

A. Perform Vulnerability Research with Vulnerability Scoring Systems and Databases
- Task 1. Perform Vulnerability Research in Common Weakness Enumeration (CWE)
- Task 2. Perform Vulnerability Research in Common Vulnerability and Exposures (CVE)
- Task 3. Perform Vulnerability Research in National Vulnerability Database (NVD)
- Online Databases
  - Common Weakness Enumeration (CWE) : https://cwe.mitre.org/find/index.html
  - Common Vulnerability and Exposures (CVE) : https://cve.mitre.org
  - National Vulnerability Database (NVD) : https://nvd.nist.gov
B. Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
- Task 1. Perform Vulnerability Analysis using OpenVAS
- Task 2. Perform Vulnerability Scanning using Nessus
- Task 3. Perform Vulnerability Scanning using GFI LanGuard
- Package Tools
  - OpenVAS : https://www.greenbone.net/en/openvas-free/
  - Nessus : https://www.tenable.com/downloads/nessus?loginAttempted=true
  - GFI LanGuard : https://gfi.ai/products-and-solutions/network-security-solutions/gfi-languard/download/
C. Perform Web Servers and Application Vulnerability Scanning using CGI Scanner Nikto
- Package Tools
  - Nikto : https://github.com/sullo/nikto

Module 6. System Hacking

Module 7. Malware Threats

A. Gain Access to Target System using Trojans
- Task 1. Gain Control Victim Machine using njRAT Trojans
- Task 2. Hide Trojan using SwayzCryptor and Make Undetectable Various Anti-Virus Program
- Task 3. Create a Trojan Server using TheefRAT
- Malware Tools
  - njRAT (Build Malware) : https://github.com/alyaparan/NjRat-0.7D
  - SwayzCryptor (Encrypt Malware) :
  - TheefRAT Trojan v2.10 (Server Trojan) :
B. Infect Target System using Virus
- Task 1. Create Virus using JPS Virus Maker Tool and Infect Target System
- Malware Tools
  - JPS Virus Maker : https://github.com/Hackalyze-Tools/jps-virus-make
C. Perform Static Malware Analysis
- Task 1. Perform Malware Scanning using Hybrid Analysis
- Task 2. Perform Strings Search using BinText
- Task 3. Identify Packaging and Obfuscation Methods using PEid
- Task 4. Analyze ELF Executable File using Detect It Easy (DIE)
- Task 5. Find Portable Executable (PE) Information of Malware Executable File using PE Explorer
- Task 6. Identify File Dependencies using Dependency Walker
- Task 7. Perform Malware Disassembly using IDA and OllyDbg
- Task 8. Perform Malware Disassembly using Ghidra
- Online Tools
  - Hybrid Analysis : https://hybrid-analysis.com
  - Virus Total : https://virustotal.com
  - Valkyrie : https://valkryrie.comodo.com
  - Cuckoo Sandbox : https://cuckoosandbox.org
  - Jotti : https://virusscan.jotti.org
  - IObit Cloud : https://cloud.iobit.com
- Package Tools
  - BinText 3.0.3 : https://www.oldergeeks.com/downloads/file.php?id=2441
  - FLOSS : https://fireeye.com
  - Strings : https://learn.microsoft.com/en-us/sysinternals/downloads/strings
  - Free EXE DLL Resource Extract : https://resourceextract.com
  - FileSeek : https://fileseek.ca
  - PEid : https://github.com/wolfram77web/app-peid
  - DIE : https://github.com/horsicq/DIE-engine/releases
  - PE explorer : https://www.pe-explorer.com/
  - Portable Executable Scanner (Pescan) : https://tzworks.net
  - Resource Hacker : https://angusj.com
  - PEView : https://aldeid.com
  - Dependency Walker : https://www.dependencywalker.com/
  - Dependency-check : https://jeremylong.github.io
  - Snyk : https://synk.io
  - RetrireJS : https://retirejs.github.io
  - IDA Freeware : https://hex-rays.com/ida-free
  - OllyDbg : https://www.ollydbg.de/download.htm
  - Ghidra : https://github.com/NationalSecurityAgency/ghidra/releases
  - Radare2 : https://rada.re
  - WinDbg : https://windbg.org
  - ProcDump : https://learn.microsoft.com/en-us/sysinternals/downloads/procdump
D. Perform Dynamic Malware Analysis
- Task 1. Perform Port Monitoring using TCPView and Currports
- Task 2. Perform Process Monitoring using Process Monitor
- Task 3. Perform Registry Monitoring using Reg Organizer
- Task 4. Perform Windows Services Monitoring (SrvMan)
- Task 5. Perform Startup Program Monitoring using Autoruns for Windows and WinPatrol
- Task 6. Perform Installation Monitoring using Mirekusoft Install Monitor
- Task 7. Perform Files and Folder Monitoring using PA File Sight
- Task 8. Perform Device Driver Monitoring using DriverView and Driver Reviver
- Task 9. Perform DNS Monitoring using DNSQuerySniffer
- Package Tools
  - TCPView : https://www.sysinternals.com
  - CurrPorts : https://www.nirsoft.net/utils/cports.html#DownloadLinks
  - ProcessMonitor : https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
  - Reg Organizer : https://www.chemtable.com/organizer.htm
  - Regshot : https://sourceforge.net/projects/regshot/
  - Registry Viewer : https://accessdata.com
  - RegScanner : https://nirsoft.com
  - Registrar Registry Manager : https://resplendence.com
  - Windows Service Manager : https://sysprogs.com/legacy/tools/srvman/
  - Autoruns : https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
  - WinPatrol : https://www.winpatrol.online/
  - Autorun Organizer : https://chemtable.com
  - Quick Startup : https://glarysoft.com
  - Chameleon Startup Manager : https://chameleon-managers.com
  - Mirekusoft Install Monitor : https://www.mirekusoft.com/
  - Tripwire File Integrity and Change Manager : https://tripwire.com
  - Netwrix Auditor : https://netwrix.com
  - Verisys : https://ionx.co.uk
  - CSP Checker : https://cspsecurity.com
  - Driver View : https://www.nirsoft.net/utils/driverview.html
  - Driver Reviver : https://www.reviversoft.com/driver-reviver/
  - Driver Bosster : https://iobit.com
  - Driver Easy : https://drivereasy.com
  - Driver Fusion : https://treexy.com
  - Driver Genius 22 : https://driver-soft.com
  - ProcessMonitor : https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
  - DNSQuery Sniffer : https://www.nirsoft.net/utils/dns_query_sniffer.html
  - DNSstuff : https://dnsstuff.com/freetools
  - SonarLite : https://constellix.com

Name		Name	Last commit message	Last commit date
Latest commit History 75 Commits
img		img
Module 1. Methodology Certified Ethical Hacker.md		Module 1. Methodology Certified Ethical Hacker.md
Module 2. Footprinting and Reconnaissance.md		Module 2. Footprinting and Reconnaissance.md
Module 3. Network Scannings.md		Module 3. Network Scannings.md
Module 4. Enumeration.md		Module 4. Enumeration.md
Module 5. Vulnerability Analysis.md		Module 5. Vulnerability Analysis.md
Module 7. Malware Threats.md		Module 7. Malware Threats.md
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Overview

Module 1. Methodology Certified Ethical Hacker

Module 2. Footprinting and Reconnaissance

Module 3. Scanning Networks

Module 4. Enumeration

Module 5. Vulnerability Analysis

Module 6. System Hacking

Module 7. Malware Threats

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Folders and files

Latest commit

History

Repository files navigation

Overview

Module 1. Methodology Certified Ethical Hacker

Module 2. Footprinting and Reconnaissance

Module 3. Scanning Networks

Module 4. Enumeration

Module 5. Vulnerability Analysis

Module 6. System Hacking

Module 7. Malware Threats

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Packages