Certified Professional Ethical Hacker (CPEH) – Outline

Detailed Course Outline

  • Module 1 – Introduction to Ethical Hacking a. What and Why? b. Differences c. Security Definitions d. Risk Management e. Methodologies
  • Module 2 – Linux Fundamentals a. Core Concepts b. The shell and other items you need to know c. Managing users d. Basic Commands
  • Module 3 – Protocols a. Network Models b. Protocols & Services
  • Module 4 – Cryptography a. Understanding Cryptography b. Symmetric Encryption c. Asymmetric Encryption d. Hashing e. Cryptography in Use f. Crypto Attacks
  • Module 5 – Password Cracking a. What and Why b. Attacks and Tools of the Trade c. Countermeasures
  • Module 6 – Malware a. DoS & DDoS b. Viruses & Backdoors c. Trojans and Backdoors d. Ransomware
  • Module 7 – Security Devices a. Basic Security Elements b. Security Appliances
  • Module 8 – Information Gathering a. What are we looking for? b. Where/How do we find this information? c. Are there tools to help?
  • Module 9 – Social Engineering a. Social Engineering Types b. Phishing Scams
  • Module 10 – Reconnaissance a. What are we looking for? b. Port Scanning c. Are there tools to help? d. Banner Grabbing e. Enumeration
  • Module 11 – Vulnerability Assessment a. What is a Vulnerability Assessment b. Tools of the Trade c. Testing Internal and External Systems
  • Module 12 – Network Attacks a. Sniffing Techniques b. Hijacking
  • Module 13 – Hacking Servers a. Servers, What are they good for? b. What is an Exploit? c. Tools of the Trade
  • Module 14 – Hacking Web Technologies a. OWASP Top 10 b. SQL Injection c. XSS
  • Module 15 – Hacking Wireless Networks a. Wireless Technologies b. Mobile and IoT Technologies c. Various Tools Used d. Hacking Techniques e. Countermeasures
  • Module 16 – Maintaining Access and Covering Tracks a. Maintaining Access b. Covering Tracks

Detailed Labs Outline

  • Lab 1 – Intro to C)PEH Setup a. Recording IPs and Logging into VMs b. Joining the Domain
  • Lab 2 - Linux Fundamentals a. Command Line Tips and Tricks b. Linux Networking for Beginners c. Using FTP during a Pentest
  • Lab 3 – Understanding Protocols a. Analyze HTTP session
  • Lab 4 - Cryptography Lab a. Hashing Data of all Sorts b. The Basics of Cryptographic Algorithms
  • Lab 5 – Password Cracking
  • Lab 6 - Malware a. Creating a virus b. Beast Trojan
  • Lab 7 – Information Gathering a. Google Queries b. Searching Pastebin c. Maltego d. People Search Using the Spokeo Online Tool e. Recon with Chrome f. Nslookup
  • Lab 8 – Information Gathering – Active Reconnaissance a. Scanning with Nmap b. Scanning with Hping c. Banner Grabbing d. Enumerating a local System with Hyena e. SMTP Enumeration f. AD Enumeration
  • Lab 9 – Vulnerability Assessment a. Vulnerability Assessment with Nessus b. Vulnerability Assessment with Saint
  • Lab 10 – Network Sniffing/IDS a. Sniffing Passwords with Wireshark b. Performing MtM with Cain c. Performing MtM with sslstrip
  • Lab 11 – Windows Hacking a. Attack Windows 7 with Client-Side Exploit b. Windows 2012 Reverse TCP Exploit c. Cracking with John the Ripper
  • Lab 12 – Attacking Databases a. Attacking MySQL Database b. Manual SQL Injection
  • Lab 13 – Attacking Web Applications a. Attacking with XSS b. Attacking with CSRF
  • Lab 14 - Backdoors a. Setting up a Backdoor