Home Cheat Sheets Certified Ethical Hacker (CEH) Cheatsheet

Certified Ethical Hacker (CEH) Cheatsheet

by Mic Johnson
Certified Ethical Hacker

What is Certified Ethical Hacker (CEH)

The Certified Ethical Hacker (CEH) is a prestigious professional certification provided by the EC-Council. It’s designed for cybersecurity practitioners who are primarily responsible for securing information systems. A CEH is skilled in understanding and knowing how to look for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.

The CEH certification verifies the candidate’s skills in ethical hacking (also known as penetration testing or white-hat hacking) and ensures they understand how to secure a system by assessing it for possible vulnerabilities. These vulnerabilities are usually exploited by attackers or malicious hackers to penetrate network systems and retrieve sensitive information.

A CEH-certified professional uses various hacking tools and techniques, but unlike a malicious hacker, they have legal permission to improve system security. The primary goal is to protect and secure the systems from attacks by fixing the vulnerabilities found during the testing.

What are the benefits of getting CEH certified?

Obtaining a CEH certification offers several advantages:

Enhanced Job Prospects:

CEH certification significantly enhances employment opportunities within information security. It validates your ability to execute ethical hacking and penetration testing, marking you as a valuable potential employee.

Elevated Compensation:

Professionals with CEH certification often receive a higher remuneration compared to those without it. According to a report from the Information Systems Security Association, professionals with CEH certification earn, on average, an additional $10,000 per annum than those without this credential.

Improved Job Stability:

With the escalating demand for information security professionals, possessing a CEH certification can solidify your job security. A study by the Bureau of Labor Statistics suggests that job growth for information security analysts will outpace average growth across occupations, increasing by 31% from 2020 to 2030.

Expanded Knowledge and Skill Set:

CEH certification enriches your understanding of diverse topics related to information security, such as ethical hacking, penetration testing, and vulnerability assessment. This expanded knowledge and practical skill set can prove beneficial in advancing your career.

What are the requirements for getting CEH certified?

The following prerequisites are needed for CEH certification:

  • Completion of high school education or its equivalent
  • Two years of professional experience in information security or a similar field
  • A successful pass in the CEH examination

What is the cost of getting CEH certified?

The fee for obtaining the CEH certification is approximately $950.

Where can I get CEH certified?

Numerous options exist for earning your CEH certification. The exam can be taken at a certified testing center, or you may opt for an online proctored exam.

What are the best resources for studying for the CEH exam?

Among the best study resources available for the CEH exam are:

  • The Official CEH Study Guide
  • The CEH Practice Exam
  • The CEH Training Course

What are some of the most common mistakes people make when studying for the CEH exam?

Common errors people often commit when preparing for the CEH exam include:

  • Inadequate study time
  • Insufficient practice
  • Lack of understanding of the examination’s objectives
  • Not utilizing effective study resources

How long does it take to get CEH certified?

The general timeline for obtaining CEH certification ranges from 3 to 6 months for most people.

What are the job prospects for CEH-certified professionals?

Job prospects for CEH-certified professionals are promising. With the increasing demand for information security professionals, holding a CEH certification can give you a competitive edge.

CEH Exam Tips

Here are some strategies to succeed in the certified ethical hacker examination:

  • Dedicate time to thoroughly reviewing the official CEH study guide.
  • Attempt the CEH practice examination to familiarize yourself with the question format.
  • Enroll in a CEH training course for a structured learning experience.
  • Hone your skills through hands-on hacking exercises on a virtual machine.
  • Keep yourself informed about the newest security threats and vulnerabilities.
  • Maintain your perseverance! The CEH exam can be rigorous, but with relentless effort and commitment, success is achievable.

What is the CEH Syllabus?

The CEH certification covers a wide array of topics, such as footprinting and reconnaissance, scanning networks, system hacking, social engineering, denial of service, session hijacking, hacking web servers, wireless networks, and web applications, and more. Candidates also gain practical, hands-on experience through labs that simulate a real-world environment. The syllabus includes the following:

1. Introduction to Ethical Hacking

Overview of different hacking methodologies, types of hackers, and various types of attacks.

2. Footprinting and Reconnaissance

This involves gathering information about a target. For instance:

whois domain.com // obtain domain registration information
nslookup domain.com // obtain domain IP information

3. Scanning Networks

Identify live hosts, ports, and services that are running on the host.

nmap -sS -p 22,80,443 target.com // perform SYN scan

4. Enumeration

Extract further information from the network like routing paths, users/groups, etc.

net view \\target.com // enumerate network resources

5. Vulnerability Analysis

Identify vulnerabilities in the system.

nmap --script vuln target.com // check for vulnerabilities

6. System Hacking

Gaining access and maintaining access to the system.

john --format=descrypt passwordfile // crack passwords with John The Ripper

7. Malware Threats

Understand various types of malware, their functioning, and how to use antivirus tools.

8. Sniffing

Intercepting and logging traffic.

tcpdump -i eth0 // start packet capture

9. Social Engineering

Manipulation techniques that prompt individuals to make security mistakes.

10. Denial-of-Service

Understanding methods and tools for DoS and DDoS attacks.

11. Session Hijacking

Exploiting the session control mechanism, which can be used to steal other people’s HTTP session cookies.

12. Evading IDS, Firewalls, and Honeypots

Methods to evade Intrusion Detection systems, Firewalls and detection via Honeypots.

13. Hacking Web Servers

Hacks specific to web servers.

14. Hacking Web Applications

Hacks specific to web apps like Cross-Site Scripting (XSS), SQL Injection, etc.

15. SQL Injection

Methods and tools to perform SQL injection attacks.

16. Hacking Wireless Networks

Understand the various types of wireless encryption and how to break them.

17. Hacking Mobile Platforms

Techniques and tools to exploit vulnerabilities found in mobile platforms.

18. IoT Hacking

Understanding IoT networks, protocols, and devices, and how to perform IoT device hacking.

19. Cloud Computing

Understanding security challenges in cloud computing and learning how to use various tools to audit and secure cloud services.

20. Cryptography

Principles of cryptography and how they can be used in cyber security.

Helpful Tools

Here are some common tools used by ethical hackers:

  • Nmap: Network scanner.
  • Wireshark: Network protocol analyzer.
  • Metasploit: Penetration testing framework.
  • John the Ripper: Password cracker.
  • Burp Suite: Web vulnerability scanner.
  • OWASP ZAP: Open-source web application security scanner.
  • Nessus: Vulnerability, configuration, and compliance assessment tool.
  • OpenVAS: Open-source vulnerability scanner and manager.
  • SQLmap: Automatic SQL injection tool.
  • Aircrack-ng: Network software suite for wireless network security.

Basic Commands for the Tools

Nmap

nmap -sS target.com // SYN scan
nmap -sV target.com // Service/version detection
nmap -O target.com // OS detection

Wireshark

(tip: use filters like ip.addr == 10.0.0.1 to focus on a specific IP address)

Metasploit

msfconsole // open metasploit console
search exploit_name // search for an exploit
use exploit_name // use an exploit
show payloads // show available payloads for the selected exploit
set payload payload_name // set a payload

John the Ripper

john --format=descrypt passwordfile // use John to crack password hashes

SQLmap

sqlmap -u "http://www.target.com/vuln.php?id=1" // SQL injection testing

Aircrack-ng

airmon-ng start wlan0 // start monitor mode
airodump-ng wlan0mon // start capturing packets
aireplay-ng --deauth 100 -a [router bssid] -c [client bssid] wlan0mon // deauthenticate a client
aircrack-ng -b [bssid] [filename] // crack WEP/WPA key

Linux/Unix Commands

ls // list files and directories
cd // change directory
pwd // print working directory
cat // read file
chmod // change file permissions
chown // change file ownership
grep // pattern matching
ps // process status
netstat // network statistics
ssh // secure shell into a machine

Scripting Basics

# Bash Scripting
#!/bin/bash // bash shebang
echo "Hello World!" // print statement
read varname // read user input
# Python Scripting
#!/usr/bin/python3 // python shebang
print("Hello World!") // print statement
input_string = input() // read user input

Conclusion

In today’s world, the cybersecurity landscape is constantly evolving, and so too are the threats that organisations face. This makes the role of an ethical hacker not only incredibly important, but also highly valued. The Certified Ethical Hacker (CEH) certification is a crucial credential for professionals aiming to make a difference in this challenging field.

The CEH provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals. The knowledge, skills, and tools that you learn in this process are critical in preserving the integrity of network infrastructure and sensitive data.

While the certification provides a good foundation, remember that cybersecurity is a vast field. Continuous learning and staying updated with the latest vulnerabilities, attack vectors, and mitigation techniques is key to being successful in this field. Furthermore, gaining hands-on experience, whether in a controlled lab environment or on the job, is equally important in understanding the practical applications of the concepts learned during the CEH course.

You may also like

2 comments

Tomson May 20, 2023 - 5:09 pm

Thank you so much for this helpful information.
As a beginner in Cyber security world, I have got the course content and hope to learn deeper on them to be an effective Ethical hacker.

Mic Johnson May 20, 2023 - 5:20 pm

You are very welcome, good luck in your journey

Comments are closed.