/CEH-in-bullet-points

💻 Certified ethical hacker summary in bullet points

Creative Commons Attribution 4.0 InternationalCC-BY-4.0

Certified ethical hacker in bullet points

Quality checks status GitHub sponsors

  • This repo contains study notes for Certified Ethical Hacker exam.
  • The notes are comprehensive and written with goal of covering all exam areas.
  • It includes many real-life tips and tricks to keep practical value in the content.
  • Combines and summarizes a lot of education materials from many different sources.
    • I passed the exam with 119/125 score with these notes.
  • 💡 A good way is using material is using the search function extensively, there are many cross references throughout the material to help you navigate, feel free to ignore them if you're reading for the first time.
  • Good luck & enjoy studying! ☕
  • ✨ Contributions of any kind are welcome!

Symbols

  • There are some symbols used throughout the documentation:

    Symbol Description
    💡 Best practice or practical tips
    An important limitation, challenge or an exception
    📝 Common exam area
    🤗 Fact / trivia (most likely unrelated to the exam)

Content

  1. Introduction
    1. Information security
      1. Information security overview
      2. Security threats and attacks
      3. Information security controls
        1. Information security controls overview
        2. Risk management
        3. Incident management
        4. Network security
        5. Security policies
        6. Physical security
        7. Data leakage backup and recovery
        8. Identity access management (IAM)
      4. Threat intelligence and forensics
      5. Laws, standards and regulations
    2. Hacking
      1. Hacker types
      2. Hacking stages
    3. Penetration testing
      1. Penetration testing overview
      2. Penetration testing phases
  2. Footprinting
    1. Footprinting overview
    2. Search engines and online resources
    3. WHOIS, GeoIpLocation and DNS interrogation
    4. Email footprinting
    5. Website footprinting
    6. Network footprinting
  3. Scanning networks
    1. Scanning networks overview
    2. TCP/IP basics
    3. Scanning tools
    4. Scanning techniques
    5. Bypassing IDS and firewall
    6. Banner grabbing
  4. Enumeration
    1. Enumeration Overview
    2. DNS enumeration
  5. Vulnerabilities
    1. Vulnerability analysis
    2. Common vulnerabilities
    3. Automated penetration testing tools
  6. System hacking
    1. Cracking passwords
      1. Cracking passwords overview
      2. Microsoft authentication
      3. Password cracking tools
    2. Linux basics
    3. Escalating privileges
    4. Executing applications
    5. Hiding files
    6. Covering tracks
  7. Malware overview
    1. Malware overview
    2. Trojans
    3. Viruses
    4. Malware analysis
  8. Sniffing
    1. Sniffing overview
    2. Sniffing tools
    3. Sniffing attacks
      1. Sniffing attacks overview
      2. Spoofing attacks
      3. ARP poisoning
  9. Wireless networks
    1. Wireless networks overview
    2. AAA protocols
    3. Wireless threats and attacks
    4. Wireless security tools
    5. Bluetooth
  10. Social engineering
    1. Social engineering overview
    2. Social engineering types
  11. Firewalls IDS and Honeypots
    1. Intrusion detection system (IDS)
      1. Intrusion detection system (IDS) overview
      2. Evading IDS
    2. Firewall
      1. Firewall overview
      2. Evading firewalls
    3. Honeypot
  12. Web servers
    1. Hacking web servers
    2. Web server threats and attacks
  13. Web applications
    1. Hacking web applications
    2. OWASP top 10 threats
    3. Denial of service
    4. Session hijacking
  14. SQL injection
    1. SQL injection overview
    2. SQL injection types
  15. Cryptography
    1. Cryptography overview
    2. Encryption algorithms
    3. Hashing algorithms
    4. Communication
      1. Encrypting communication
      2. Tunneling protocols
    5. Encrypting disk
    6. Cryptanalysis
  16. Cloud
    1. Cloud computing
    2. Cloud security
    3. Container security
  17. Mobile platforms
    1. Mobile hacking
    2. Mobile attack vectors
    3. Mobile attacks
  18. IoT and OT
    1. IoT overview
    2. IoT security
  19. Exam readiness

Support