Certified Ethical Hacker (CEH), 2nd Edition

Certified Ethical Hacker (CEH), 2nd Edition

by Omar Santos / Nick Garner / William Bo Rothwell
Released July 2019
Publisher(s): Pearson
ISBN: 0135647452

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

An updated edition of this video title is available. Please go to Certified Ethical Hacker, Version 11 Complete Video Course: https://learning.oreilly.com/videos/certified-ethical-hacker/9780137446797/

18+ Hours of Video Instruction

Learn everything you need to know to pass the Certified Ethical Hacker exam.

Overview

Certified Ethical Hacker (CEH) Complete Video Course provides a complete overview of the topics contained in the EC-Council Blueprint for the CEH exam. With 5 modules containing more than 18 hours of training, this course covers all concepts in the objectives so you can master the knowledge you need to pass the exam.

Build your ethical hacking skills with the foundations of reconnaissance, footprinting, enumeration, and vulnerability analysis and dive into hacking web servers, applications, wireless networks, IoT devices, and mobile platforms. Veteran security experts Omar Santos, Nick Garner, and Bo Rothwell provide a thorough foundation through demos and best practices for security risk analysis, as well as hacking tools and methods. With this knowledge, you will be able to confidently mitigate and help guard your network from the multifaceted attacks that you will encounter while also preparing you to pass the CEH exam.

Regardless of your level of experience, this video course explores all sides of a multi-pronged cybersecurity attack to ensure that you are prepared to combat attack threats.

About the Instructors

Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives and standards bodies. He is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. He is the author of several cybersecurity books and video courses. You can obtain additional information about Omar’s projects at omarsantos.io and h4cker.org.

Nick Garner, CCIE No. 17871, is a solutions integration architect for Cisco Systems. He has been in Cisco Advanced Services supporting customers in both transactional and subscription engagements for 8 years. In his primary role, he has deployed and supported large-scale data center designs for prominent clients in the San Francisco Bay area. His primary technical focus outside of data center routing and switching designs is security and multicast.

William “Bo” Rothwell has a passion for understanding how computers work and sharing this knowledge with others has resulted in a rewarding career in IT training. His experience includes Linux, Unix, and programming languages such as Perl, Python, Tcl, and BASH. He is the founder and president of One Course Source, an IT training organization.

Skill Level

  • Intermediate

Learn How To

  • Perform footprinting and reconScan networks
  • Perform and take countermeasures against enumeration
  • Conduct a vulnerability analysis
  • Hack systems and cover your tracks
  • Use and prevent malware
  • Perform network sniffing
  • Conduct social engineering methodologies and learn how to prevent them from happening
  • Perform Denial-of-Service (DoS) and session hijacking attacks, as well as take measures to guard against them
  • Hack web servers and applications using multiple tools and techniques
  • Perform attacks using SQL injection
  • Use the best tools and techniques for hacking wireless networks
  • Deploy IDS, firewalls, and honeypots, as well as learn how to evade them
  • Understand and learn how to use cloud computing for penetration testing
  • Understand cryptography and cryptanalysis
  • Exploit the vulnerabilities of Internet of Things (IoT) devices
  • Understand the vulnerabilities of and methods to hack mobile devices

Who Should Take This Course

  • Anyone interested in passing the EC Council Certified Ethical Hacker (CEH) exam
  • Anyone interested in becoming a cybersecurity professional
  • Anyone interested in ethical hacking (penetration testing)

Course Requirements

Anyone interested in earning a Certified Ethical Hacker (CEH) certification must attend training through EC-Council or show that they have 2 years of information security experience in each of the 5 CCISO domains via the application form. Please go to the EC-Council website for more information.

Lesson descriptions

Lesson 1, “Course Overview,” provides a general overview of the CEH exam, as well as the areas of focus. In addition, this lesson discusses what this video course is and isn’t so that you know what to expect to study before you take the CEH exam.

Lesson 2, “Introduction to Ethical Hacking,” explores several general concepts with respect to ethical hacking, focusing on InfoSec; attack concepts, phases, and types; and the legal aspects and methodologies of penetration testing.

Lesson 3, “Footprinting and Recon,” dives into hacking with a focus on footprinting and reconnaissance, the most important steps when evaluating a target to discern vulnerable resources.

Lesson 4, “Scanning Networks,” naturally follows up with what you learned in Lesson 3, where you now have a focused target or targets. In this lesson, you will learn how to scan networks and hosts to find services available for possible exploit. In addition to basic TCP/UDP scanning, this lesson delves into diagramming, tunneling, banners, and other approaches.

Lesson 5, “Enumeration,” covers the fundamentals of enumeration‚Äîthat is, the gathering of user names, machine names, shares, and other important host information.

Lesson 6, “Vulnerability Analysis,” begins with an introduction to vulnerability research and classification before moving on to explore vulnerability assessment, the vulnerability management lifecycle, and the different approaches to vulnerability assessment solutions. This lesson concludes by delving into vulnerability scoring systems, assessment tools, and reports.

Lesson 7, “System Hacking,” covers password cracking, Microsoft authentication, privilege escalation, alternate data streams, root kits, and other key approaches in the hacker’s toolbox.

Lesson 8, “Malware Threats,” is devoted entirely to malware‚Äîwhat it is, where it comes from, detection, and eradication, as well as Trojans and countermeasures.

Lesson 9, “Sniffing,” covers what network sniffing is and the various techniques to get access to the traffic that you want to see to enable further exploits.

Lesson 10, “Social Engineering,” discusses social engineering techniques that you can use to influence people to perform actions or release information that opens up new avenues for network exploitation. As a corollary, this lesson also covers some countermeasures to protect you from becoming a victim of social engineering.

Lesson 11, “Denial-of-Service (DoS),” examines how botnets and DoS tools can be used to cripple a resource so that it cannot provide a service. This lesson also covers some methods you can employ to mitigate or prevent DoS attacks.

Lesson 12, “Session Hijacking,” provides an overview of TCP sessions and some of the vulnerabilities that can be exploited, such as man-in-the middle and cross-site attacks.

Lesson 13, “Hacking Webservers,” looks at some of the common webserver implementations and some of the authentication authorization protocols often used. In addition, you’ll learn about common webserver attacks, methodologies, countermeasures, and several security tools.

Lesson 14, “Hacking Web Applications,” examines different attack vectors and threats, how to perform footprinting of web apps, and how to corral your knowledge of web application evolution, protocols, mechanics, and tools to guard against vulnerabilities.

Lesson 15, “Advanced Web Application Hacking,” provides you with an understanding of vulnerabilities associated with command injection, XML injection, XXS (cross-site scripting), and Cross-Site Request Forgery (CSRF), as well as how to both exploit and mitigate related attacks.

Lesson 16, “SQL Injection,” covers the methodologies and attacks that use SQL injection, as well as tools to detect and defend against these attacks.

Lesson 17, “Hacking Wireless,” kicks off with an in depth look at wireless LAN fundamentals, including mechanics, encryption, and antenna types. The lesson continues by providing a wealth of knowledge about building your own wireless penetration testing lab for hacking practice using tools such as Pineapple, Airecrack-ng suite, cOWPatty, and many others. This lesson also delves into Bluetooth vulnerabilities and offers strategies for defending against wireless attacks.

Lesson 18, “IDS, Firewalls, and Honeypots,” explores IDS, firewall, and honeypot concepts, tools, and related penetration testing methods.

Lesson 19, “Cloud Computing,” covers the relatively new cloud computing environment and the challenges involved with conducting penetration testing in cloud networks.

Lesson 20, “Cryptography,” explores algorithms and tools related to encryption, cryptography, and cryptanalysis.

Lesson 21, “IoT Hacking,” kicks off with a look at how the Internet of Things has become increasingly pervasive and covers the IoT tools ZigBee, IEEE 802.15.4, INSTEON, ZWave, and LoRA. The lesson concludes with coverage of IoT penetration testing methods and security tools.

Lesson 22, “Hacking Mobile Platforms,” delves into security concerns in the era of the BYOD workforce, necessitating a Mobile Device Management (MDM) strategy. An under the hood look at Android and iOS security concerns, tools, and hacking methods concludes the lesson and the course.

About Pearson Video Training

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.

Table of contents

  1. Introduction
    1. Certified Ethical Hacker (CEH): Introduction
  2. Module 1: Security Essentials
    1. Module introduction
  3. Lesson 1: Course Overview
    1. Learning objectives
    2. 1.1 Areas of Focus and Exam Info
    3. 1.2 Course Is and Isn't
  4. Lesson 2: Introduction to Ethical Hacking
    1. Learning objectives
    2. 2.1 Cybersecurity Overview
    3. 2.2 Threats and Attack Vectors
    4. 2.3 Attack Concepts
    5. 2.4 Understanding the Legal Aspects of Penetration Testing
    6. 2.5 Exploring Penetration Testing Methodologies
    7. 2.6 Attack Phases
    8. 2.7 Attack Types
    9. 2.8 InfoSec Policies
  5. Lesson 3: Footprinting and Recon
    1. Learning objectives
    2. 3.1 Footprinting Concepts
    3. 3.2 Footprinting Objectives
    4. 3.3 Footprinting Methodologies
    5. 3.4 Search Engines
    6. 3.5 Finding People
    7. 3.6 Competitive Intelligence
    8. 3.7 Websites
    9. 3.8 Email Tracking
    10. 3.9 Network Discovery
    11. 3.10 DNS/Whois
    12. 3.11 Social Engineering
    13. 3.12 Employee Online Activities
    14. 3.13 Footprinting Tools
    15. 3.14 Footprinting Countermeasures
    16. 3.15 Penetration Testing: Footprinting and Recon
  6. Lesson 4: Scanning Networks
    1. Learning objectives
    2. 4.1 Network Scanning Overview
    3. 4.2 Scanning Techniques
    4. 4.3 TCP/UDP Refresher
    5. 4.4 TCP Scanning Types
    6. 4.5 More TCP Scanning Techniques
    7. 4.6 Nmap Demo
    8. 4.7 IDS Evasion
    9. 4.8 Banner Grabbing
    10. 4.9 Vulnerability Scanning
    11. 4.10 Network Diagramming
    12. 4.11 Using and Chaining Proxies
    13. 4.12 HTTP and SSH Tunneling
    14. 4.13 Anonymizers
    15. 4.14 IP Spoofing and Countermeasures
    16. 4.15 Penetration Testing: Scanning Networks
  7. Module 2: System Security
    1. Module introduction
  8. Lesson 5: Enumeration
    1. Learning objectives
    2. 5.1 Enumeration Overview
    3. 5.2 NetBIOS Enumeration
    4. 5.3 Users and Default Passwords
    5. 5.4 SNMP Enumeration
    6. 5.5 Linux Enumeration
    7. 5.6 LDAP, NTP, SMTP, DNS Enumeration
    8. 5.7 Enumerating IKE, IPsec, VPNs
    9. 5.8 Enumeration Countermeasures
    10. 5.9 Penetration Testing: Enumeration
  9. Lesson 6: Vulnerability Analysis
    1. Learning objectives
    2. 6.1 Introducing Vulnerability Research and Classification
    3. 6.2 Exploring Vulnerability Assessment
    4. 6.3 Vulnerability Management Lifecycle (Vulnerability Assessment Phases)
    5. 6.4 Understanding Different Approaches of Vulnerability Assessment Solutions
    6. 6.5 Overview of Vulnerability Scoring Systems
    7. 6.6 Vulnerability Assessment Tools
    8. 6.7 Overview of Vulnerability Assessment Reports
  10. Lesson 7: System Hacking
    1. Learning objectives
    2. 7.1 Hacking Methodology
    3. 7.2 Password Cracking
    4. 7.3 Keyloggers and Anti-keyloggers
    5. 7.4 Microsoft Authentication
    6. 7.5 Defense Against Password Cracking
    7. 7.6 Privilege Escalation
    8. 7.7 Executing Applications
    9. 7.8 Rootkits and Anti-rootkits
    10. 7.9 NTFS Stream Manipulation
    11. 7.10 Steganography and Steganalysis Methods
    12. 7.11 Covering Tracks
    13. 7.12 Penetration Testing: System Hacking
  11. Lesson 8: Malware Threats
    1. Learning objectives
    2. 8.1 Understanding Malware and Malware Propagation Techniques
    3. 8.2 Trojans, Backdoors, Viruses, Worms
    4. 8.3 Indications of Infection
    5. 8.4 Common Ports
    6. 8.5 How Malware Gets Into a System
    7. 8.6 How to Detect
    8. 8.7 Anti-malware Software
    9. 8.8 Online Malware Analysis Services
    10. 8.9 Countermeasures
    11. 8.10 Penetration Testing: Malware Threats
  12. Lesson 9: Sniffing
    1. Learning objectives
    2. 9.1 Sniffing Overview
    3. 9.2 Sniffing Attack Types
    4. 9.3 Protocol Analyzers
    5. 9.4 Sniffing Tools
    6. 9.5 Sniffing Detection and Defense
    7. 9.6 Penetration Testing: Sniffing
  13. Lesson 10: Social Engineering
    1. Learning objectives
    2. 10.1 Social Engineering Concepts
    3. 10.2 Social Networking
    4. 10.3 Identity Theft
    5. 10.4 Social Engineering Countermeasures
    6. 10.5 Understanding Social Engineering
    7. 10.6 Surveying Social Engineering Methodologies
    8. 10.7 Understanding How to Target Employees
    9. 10.8 Exploring Social Engineering Tools
    10. 10.9 Exploring the Social Engineering Toolkit (SET)
    11. 10.10 Surveying Social Engineering Case Studies
    12. 10.11 Penetration Testing: Social Engineering
  14. Module 3: Network Security
    1. Module introduction
  15. Lesson 11: Denial-of-Service (DoS)
    1. Learning objectives
    2. 11.1 DoS/DDoS Overview
    3. 11.2 DoS Techniques
    4. 11.3 Botnets
    5. 11.4 DoS Attack Tools
    6. 11.5 Detection and Countermeasures
    7. 11.6 DDoS Protection Tools
    8. 11.7 Penetration Testing: DoS
  16. Lesson 12: Session Hijacking
    1. Learning objectives
    2. 12.1 What Is Session Hijacking?
    3. 12.2 Techniques
    4. 12.3 Application Level Session Hijacking
    5. 12.4 MitM Attacks
    6. 12.5 Cross-site Attacks
    7. 12.6 Network Level Hijacking
    8. 12.7 Session Hijacking Tools
    9. 12.8 Hijacking Protection
    10. 12.9 Penetration Testing: Session Hijacking
  17. Module 4: Web Services Security
    1. Module introduction
  18. Lesson 13: Hacking Webservers
    1. Learning objectives
    2. 13.1 Webserver Concepts
    3. 13.2 Webserver Attacks
    4. 13.3 Attack Methodology
    5. 13.4 Countermeasures
    6. 13.5 System Patch Management
    7. 13.6 Security Tools
    8. 13.7 Exploring CMS and Framework Identification
    9. 13.8 Surveying Web Crawlers and Directory Brute Force
    10. 13.9 Understanding How Web Application Scanners Work
    11. 13.10 Introducing Nikto
    12. 13.11 Introducing the Burp Suite
    13. 13.12 Introducing OWASP Zed Application Proxy (ZAP)
    14. 13.13 Introducing OpenVAS
  19. Lesson 14: Hacking Web Applications
    1. Learning objectives
    2. 14.1 Attack Vectors and Threats
    3. 14.2 Footprinting
    4. 14.3 Authentication and Authorization System Attacks
    5. 14.4 Understanding the Need for Web Application Penetration Testing
    6. 14.5 Exploring How Web Applications Have Evolved Over Time
    7. 14.6 Understanding the Web Application Protocols
    8. 14.7 Exploring the HTTP Request and Response
    9. 14.8 Surveying Session Management and Cookies
    10. 14.9 Understanding the APIs
    11. 14.10 Exploring the Tools Used to Test the APIs
    12. 14.11 Exploring Cloud Services
    13. 14.12 Exploring Web Application Frameworks
    14. 14.13 Surveying Docker Containers
    15. 14.14 Introducing DevOps
    16. 14.15 Understanding Authentication Schemes in Web Applications
    17. 14.16 Exploring Session Management Mechanisms and Related Vulnerabilities
    18. 14.17 Database Connectivity Attacks
  20. Lesson 15: Advanced Web Application Hacking
    1. Learning objectives
    2. 15.1 Understanding What is Command Injection
    3. 15.2 Exploiting Command Injection Vulnerabilities
    4. 15.3 Understanding What is XML Injection
    5. 15.4 Exploiting XML Injection Vulnerabilities
    6. 15.5 Undertanding How to Mitigate Injection Vulnerabilities
    7. 15.6 Understanding What is XSS
    8. 15.7 Exploiting Reflected XSS Vulnerabilities
    9. 15.8 Exploiting Stored XSS Vulnerabilities
    10. 15.9 Exploiting DOM Based XSS Vulnerabilities
    11. 15.10 Understanding Cross-Site Request Forgery (CSRF)
    12. 15.11 Exploiting CSRF Vulnerabilities
    13. 15.12 Evading Web Application Security Controls
    14. 15.13 Mitigating XSS and CSRF Vulnerabilities
    15. 15.14 Surveying the Client-side Code and Storage
    16. 15.15 Understanding HTML5 Implementations
    17. 15.16 Understanding AJAX Implementations
    18. 15.17 Mitigating AJAX, HTML5, and Client-side Vulnerabilities
    19. 15.18 Understanding the Other Common Security Flaws in Web Applications
    20. 15.19 Exploiting Insecure Direct Object References and Path Traversal
    21. 15.20 Surveying Information Disclosure Vulnerabilities
    22. 15.21 Fuzzing Web Applications
    23. 15.22 Web Application Security Tools
    24. 15.23 Web Application Firewalls
  21. Lesson 16: SQL Injection
    1. Learning objectives
    2. 16.1 Overview
    3. 16.2 Attacks Using SQL Injection
    4. 16.3 Methodology
    5. 16.4 Understanding SQL Injection
    6. 16.5 Exploiting SQL Injection Vulnerabilities
    7. 16.6 SQL Injection Defense
    8. 16.7 Detection Tools
  22. Module 5: Wireless and Internet Security
    1. Module introduction
  23. Lesson 17: Hacking Wireless
    1. Learning objectives
    2. 17.1 Wireless LAN Overview
    3. 17.2 Wireless Encryption
    4. 17.3 Wireless Threats
    5. 17.4 Understanding Wireless Antennas
    6. 17.5 Surveying Wi-Fi Devices Like the Pinneaple
    7. 17.6 Building Your Own Lab
    8. 17.7 Introducing the Aircrack-ng Suite
    9. 17.8 Introducing Airmon-ng
    10. 17.9 Understanding Airodump-ng
    11. 17.10 Introducing Aireplay-ng
    12. 17.11 Introducing Airdecap-ng
    13. 17.12 Introducing Airserv-ng
    14. 17.13 Introducing Airtun-ng
    15. 17.14 Understanding WEP Fundamentals
    16. 17.15 Learning How to Crack WEP
    17. 17.16 Understanding WPA Fundamentals
    18. 17.17 Surveying Attacks Against WPA2-PSK Networks
    19. 17.18 Using coWPAtty
    20. 17.19 Using Pyrit
    21. 17.20 Exploring WPA Enterprise Hacking
    22. 17.21 Using Kismet
    23. 17.22 Using Wireshark
    24. 17.23 Defining Evil Twin Attacks
    25. 17.24 Performing Evil Twin Attacks
    26. 17.25 Using Karmetasploit
    27. 17.26 Bluetooth and Bluejacking
    28. 17.27 Understanding Bluetooth Vulnerabilities
    29. 17.28 Surveying Tools for Bluetooth Monitoring
    30. 17.29 Wireless Attack Defense
    31. 17.30 Wireless IPS
  24. Lesson 18: IDS, Firewalls, and Honeypots
    1. Learning objectives
    2. 18.1 IDS, Firewall, and Honeypot Concepts
    3. 18.2 Firewall Tools
    4. 18.3 Honeypot Tools
    5. 18.4 IDS Tools
    6. 18.5 Evading IDS and Firewalls
    7. 18.6 Evading IDS and Firewall Tools
    8. 18.7 Detecting Honeypots
    9. 18.8 Penetration Testing: IDS, Firewalls, and Honeypots
  25. Lesson 19: Cloud Computing
    1. Learning objectives
    2. 19.1 Overview
    3. 19.2 Providers
    4. 19.3 Detection
    5. 19.4 Instance and VPC Security Methods
    6. 19.5 Cloud Use as a Pen Testing Source
    7. 19.6 Understanding the Challenge of Testing Cloud Services
    8. 19.7 Exploring How to Test in the Cloud
  26. Lesson 20: Cryptography
    1. Learning objectives
    2. 20.1 Overview
    3. 20.2 Algorithms
    4. 20.3 Tools
    5. 20.4 Public Key Infrastructure
    6. 20.5 Email
    7. 20.6 Disk Encryption and Tools
    8. 20.7 Attacks Against Cryptography
    9. 20.8 Cryptanalysis Tools
  27. Lesson 21: IoT Hacking
    1. Learning objectives
    2. 21.1 Understanding IoT Fundamentals
    3. 21.2 Exploring ZigBee and IEEE 802.15.4
    4. 21.3 Exploring INSTEON
    5. 21.4 Exploring ZWave
    6. 21.5 Exploring LoRA
    7. 21.6 Overview of IoT Penetration Testing
    8. 21.7 IoT Security Tools
  28. Lesson 22: Hacking Mobile Platforms
    1. Learning objectives
    2. 22.1 Understanding OWASP Mobile Device Vulnerabilities
    3. 22.2 Wrestling with the BYOD Dilemma
    4. 22.3 Understanding Mobile Device Management (MDM)
    5. 22.4 Understanding Mobile Device Security Policies
    6. 22.5 Exploring The Android Security Model
    7. 22.6 Exploring Android Emulators and SDK
    8. 22.7 Understanding Android Hacking Tools and Methodologies
    9. 22.8 Introducing iOS Security
    10. 22.9 Exploring Jailbraking iOS
    11. 22.10 Surveying Tools for Dissasembling iOS Applications
    12. 22.11 Understanding Mobile Spyware
    13. 22.12 Exploring How to Make Your Own STORM-like Mobile Hacking Device
  29. Summary
    1. Certified Ethical Hacker (CEH): Summary

Product information

  • Title: Certified Ethical Hacker (CEH), 2nd Edition
  • Author(s): Omar Santos / Nick Garner / William Bo Rothwell
  • Release date: July 2019
  • Publisher(s): Pearson
  • ISBN: 0135647452