CEH - Certified Ethical Hacker (CEH)

Chapter 1: Intro to Ethical Hacking

• Current trends and security threats
• Scope and limitations of ethical hacking
• Information security management, policies, and incident management
• Vulnerability research, pen test process, and security acts/laws

Chapter 2: Footprinting and Reconnaissance

• Foot printing terminology
• Foot printing methodology
• Foot printing tools
• Foot printing countermeasures / pen test steps

Chapter 3: Scanning Networks

• Check for live systems and ports / identifying services
• Banner grabbing / OS fingerprinting
• Scanning for vulnerabilities
• Draw network diagrams
• Prepare proxies
• Pen test steps for scanning networks

Chapter 4: Enumeration

• Extracting user names, machine names, and network resources from a system
• Enumerate NetBIOS, SNMP, LDAP, NTP, SMTP, and DNS
• Using various tools extract information
• Pen test steps for enumeration

Chapter 5: System Hacking

• Gaining access, maintaining access, and clearing logs
• Hacking tools (keyloggers, spyware, and root kits)
• Steganography techniques
• System attack countermeasures
• Pen test steps for system hacking

Chapter 6: Malware Threats

• Malware propagation techniques
• Trojans, viruses, and worms
• Malware analysis
• Detect virus’, worms, and trojans
• Pen test steps for malware threats

Chapter 7: Sniffing

• Basic concepts of sniffing on the network
• MAC flooding, DHCP attacks, ARP spoofing, and ARP/DNS poisoning
• Sniffing tools
• Pen test steps for sniffing

Chapter 8: Social Engineering

• Social engineering attack phases
• Types of social engineering
• Impersonation based social engineering
• Social engineering countermeasures
• Pen test steps in social engineering

Chapter 9: Denial of Service

• Classify DoS and DDoS attacks and techniques
• Botnets and how they infect a system
• Tools used to perform DoS/DDoS
• Pen test steps for DoS/DDoS

Chapter 10: Session Hijacking

• Concepts
• Techniques and tools
• Countermeasures
• Pen test steps for session hijacking

Chapter 11: Hacking Webservers

• Reasons for webserver compromise
• Open source and IIS architecture
• Attack tools and techniques
• Countermeasures
• Pen test steps for hacking webservers

Chapter 12: Hacking Web Applications

• Intro to web applications
• Web application architecture
• Threats and attacks
• Web application hacking and security tools
• Pen test steps for web applications

Chapter 13: SQL Injection

• Threats from SQL injection attacks
• Types of attacks
• Methodology, injection tools, and detection tools
• Pen test steps for SQL injection

Chapter 14: Hacking Wireless Networks

• Types of wireless networks and standards
• Terminology and encryption
• Threats and hacking wireless network methodology
• Pen test steps in hacking wireless networks

Chapter 15: Hacking Mobile Platforms

• Mobile attack vectors
• Android OS architecture
• Jailbreaking IOS
• Windows phone 8 architecture
• Pen test steps in hacking wireless networks

Chapter 16: Evading IDS, Firewalls, and Honeypots

• IDS, firewall, and honeypot solutions
• IDS, firewall, and honeypot placement
• Evasion techniques
• Tools and countermeasures
• Pen test steps in evading IDS, Firewalls, and Honeypots

Chapter 17: Cloud Computing

• Basics of cloud computing and services
• Security considerations
• Threats, tools, and attacks
• Pen test steps in cloud computing

Chapter 18: Cryptography

• Intro to cryptography concepts
• Tools
• Public Key Infrastructure (PKI)
• Cyphers, AES, DES
• RSA
• Pen test steps for cryptography