Learn the fundamentals and key issues in information

security, including the basics of ethical hacking, information

security controls, relevant laws, and standard procedures.

Learn how to use the latest techniques and tools

for footprinting and reconnaissance, a critical

pre-attack phase of ethical hacking

Learn different network scanning techniques

and countermeasures.

Learn various enumeration techniques, including Border

Gateway Protocol (BGP) and Network File Sharing

(NFS) exploits and associated countermeasures.

Learn how to identify security loopholes in a target

organization’s network, communication infrastructure,

and end systems. Different types of vulnerability assessment

and vulnerability assessment tools are also included.

Learn about the various system hacking methodologies used

to discover system and network vulnerabilities, including

steganography, steganalysis attacks, and how to cover tracks.

Learn about different types of malware (Trojan, viruses,

worms, etc.), APT and fileless malware, malware analysis

procedures, and malware countermeasures.

Learn about packet sniffing techniques and their

uses for discovering network vulnerabilities, plus

countermeasures to defend against sniffing attacks.

Learn about different Denial of Service (DoS) and Distributed DoS

(DDoS) attack techniques, plus the tools used to audit a target

and devise DoS and DDoS countermeasures and protections.

Learn the various session-hijacking techniques used to discover

network-level session management, authentication, authorization,

and cryptographic weaknesses and associated countermeasures.

Learn about firewalls, intrusion detection systems (IDS),

and honeypot evasion techniques; the tools used to audit a

network perimeter for weaknesses; and countermeasures.

Learn about web server attacks, including a comprehensive

attack methodology used to audit vulnerabilities in

web server infrastructures and countermeasures

Learn about web application attacks, including a

comprehensive hacking methodology for auditing

vulnerabilities in web applications and countermeasures.

Learn about SQL injection attack techniques, evasion

techniques, and SQL injection countermeasures.

Learn about different types of encryption, threats,

hacking methodologies, hacking tools, security tools,

and countermeasures for wireless networks.

Learn mobile platform attack vectors, Android and

iOS hacking, mobile device management, mobile

security guidelines, and security tools.

Learn different types of Internet of Things (IoT)

and operational technology (OT) attacks, hacking

methodologies, hacking tools, and countermeasures.

Learn different cloud computing concepts, such as

container technologies and serverless computing,

various cloud computing threats, attacks, hacking

methodologies, and cloud security techniques and tools.

Learn about encryption algorithms, cryptography tools,

Public Key Infrastructure (PKI), email encryption, disk

encryption, cryptography attacks, and cryptanalysis tools.

1. Footprinting and Reconnaissance

1. Nmap – Network discovery and scanning
2. Maltego – OSINT and link analysis
3. Recon-ng – Web reconnaissance
4. theHarvester – Email, domain, and metadata harvesting
5. Google Dorks – Search engine hacking
6. Shodan – Search for internet-connected devices

2. Scanning and Enumeration

1. Nmap/Zenmap – Port scanning, version detection
2. Nessus – Vulnerability scanning
3. OpenVAS – Open-source vulnerability scanning
4. Netcat – Banner grabbing and basic enumeration
5. Enum4linux – SMB enumeration
6. Nikto – Web server scanning

3. Gaining Access / Exploitation

1. Metasploit Framework – Exploit development and delivery
2. MSFvenom – Payload generation
3. Hydra – Brute-force attacks (SSH, FTP, etc.)
4. John the Ripper – Password cracking
5. Hashcat – GPU-based password cracking
6. SQLmap – SQL injection and database access
7. Burp Suite – Web application attack and proxying

4. Maintaining Access

1. Netcat – Reverse shells
2. Meterpreter – Persistent backdoors via Metasploit
3. Weevely – PHP web shells
4. Empire – PowerShell-based post-exploitation framework (optional learning)

5. Covering Tracks

1. Timestomp – Modify file timestamps (Windows)
2. Clearev / Clearlogs – Clear event logs (Meterpreter)
3. Auditpol – Disable Windows auditing
4. Metasploit Anti-Forensics Plugins

6. Malware and Trojan Tools

1. SpyNote / AhMyth – Android RATs (for learning, not malicious use!)
2. Veil Framework – AV evasion
3. TheFatRat – Payload generation and obfuscation
4. Pupy – Remote access tool

7. Sniffing and Packet Analysis

1. Wireshark – Network protocol analysis
2. Tcpdump – CLI packet capture
3. Ettercap – Man-in-the-middle (MITM) attacks
4. Cain & Abel – Sniffing, ARP poisoning, password cracking

8. Social Engineering Tools

1. SET (Social-Engineer Toolkit) – Phishing and attack simulation
2. BeEF – Browser exploitation
3. PhishTool – Phishing analysis

9. Cryptography and Steganography

1. Steghide – Hide data in images
2. QuickStego – Simple steganography
3. OpenSSL – Certificate creation and encryption
4. GPG – File and email encryption
5. Cryptool – Educational cryptography demonstrations

10. Cloud & IoT Tools (New in CEH v13)

1. ScoutSuite – Multi-cloud security auditing
2. CloudSploit – AWS security scanning
3. AWS CLI / Azure CLI – Manual cloud enumeration
4. Shodan – For cloud & IoT discovery
5. IoT Inspector – Analyze IoT device traffic