Ec Council – Certified Ethical Hacker – CEH v10 – Exercices List Complete

Module 02 Footprinting and Reconnaissance

Exercise 1: Open Source Information Gathering Using Windows Command Line Utilities
Exercise 2: Collecting Information About a Target Website Using Firebug
Exercise 3: Mirroring Website Using HTTrack Web Site Copier
Exercise 4: Advanced Network Route Tracing Using Path Analyzer Pro
Exercise 5: Information Gathering Using Metasploit

Module 03 Scanning Networks

Exercise 1: UDP and TCP Packet Crafting Techniques using HPING3
Exercise 2: Scanning The Network Using The Colasoft Packet Builder
Exercise 3: Basic Network Troubleshooting Using MegaPing
Exercise 4: Understanding Network Scanning Using Nmap
Exercise 5: Exploring Various Network Scanning Techniques
Exercise 6: Scanning a Network Using NetScan Tools Pro
Exercise 7: Avoiding Scanning Detection using Multiple Decoy IP Addresses
Exercise 8: Drawing Network Diagrams Using Network Topology Mapper
Exercise 9: Checking for Live Systems Using Angry IP Scanner
Exercise 10: Scanning for Network Traffic Going Through a Computer’s Adapter Using IP-Tools
Exercise 11: Identify Target System OS with TTL and TCP Window Sizes using Wireshark

Module 04 Enumeration

Exercise 1: NetBIOS Enumeration Using Global Network Inventory
Exercise 2: Enumerating Network Resources Using Advanced IP Scanner
Exercise 3: Performing Network Enumeration Using SuperScan
Exercise 4: Enumerating Resources in a Local Machine Using Hyena
Exercise 5: Performing Network Enumeration Using NetBIOS Enumerator
Exercise 6: Enumerating a Network Using SoftPerfect Network Scanner
Exercise 7: Enumerating a Target Network using Nmap and Net Use
Exercise 8: Enumerating Services on a Target Machine
Exercise 9: SNMP Enumeration Using snmp_enum
Exercise 10: LDAP Enumeration Using Active Directory Explorer (ADExplorer)
Exercise 11: Enumerating information from Windows and Samba host using Enum4linux

Module 05 Vulnerability Analysis

Exercise 1: Vulnerability Analysis Using Nessus
Exercise 2: CGI Scanning with Nikto

Module 06 System Hacking

Exercise 1: Dumping and Cracking SAM Hashes to Extract Plaintext Passwords
Exercise 2: Creating and Using Rainbow Tables
Exercise 3: Auditing System Passwords Using L0phtCrack
Exercise 4: Exploiting Client Side Vulnerabilities and Establishing a VNC Session
Exercise 5: Escalating Privileges by Exploiting Client Side Vulnerabilities
Exercise 6: Hacking Windows 10 using Metasploit, and Post-Exploitation Using Meterpreter
Exercise 7: User System Monitoring and Surveillance Using Spytech SpyAgent
Exercise 8: Web Activity Monitoring and Recording using Power Spy
Exercise 9: Hiding Files Using NTFS Streams
Exercise 10: Hiding Data Using White Space Steganography
Exercise 11: Image Steganography Using OpenStego
Exercise 12: Image Steganography Using Quick Stego
Exercise 13: Viewing, Enabling, and Clearing Audit Policies Using Auditpol
Exercise 14: Covert Channels using Covert_TCP
Exercise 15: Hacking Windows Server 2012 with a Malicious Office Document Using TheFatRat
Exercise 16: Active Online Attack using Responder

Module 07 Malware Threats

Exercise 1: Creating an HTTP Trojan and Remotely Controlling a Target Machine Using HTTP RAT
Exercise 2: Creating a Trojan Server Using the GUI Trojan MoSucker
Exercise 3: Gaining Control over a Victim Machine Using njRAT
Exercise 4: Obfuscating a Trojan Using SwayzCryptor and Making it Undetectable to Various Anti-Virus Programs
Exercise 5: Creating a Server Using the ProRat Tool
Exercise 6: Creating a Trojan Server Using Theef
Exercise 7: Creating a Virus Using the JPS Virus Maker Tool
Exercise 8: Creating a Worm Using Internet Worm Maker Thing
Exercise 9: Virus Analysis using IDA
Exercise 10: Virus Analysis Using OllyDbg
Exercise 11: Detecting Trojans
Exercise 12: Monitoring TCP/IP Connections Using the CurrPorts
Exercise 13: Removing Malware using Clamwin
Exercise 14: Performing Registry Entry Monitoring
Exercise 15: Startup Program Monitoring Tool

Module 08 Sniffing

Exercise 1: Sniffing Passwords using Wireshark
Exercise 2: Analyzing a Network Using Capsa Network Analyzer
Exercise 3: Spoofing MAC Address Using SMAC
Exercise 4: Performing Man-in-the-Middle Attack using Cain & Abel
Exercise 5: Detecting ARP Poisoning in a Switch Based Network
Exercise 6: Detecting ARP Attacks with XArp Tool

Module 09 Social Engineering

Exercise 1: Sniffing Website Credentials Using Social Engineering Toolkit (SET)

Module 10 Denial-of-Service

Exercise 1: SYN Flooding a Target Host Using Metasploit
Exercise 2: SYN Flooding a Target Host Using hping3
Exercise 3: Performing Distributed Denial of Service Attack Using HOIC

Module 11 Session Hijacking

Exercise 1: Session Hijacking Using the Zed Attack Proxy (ZAP)

Module 12 Evading IDS Firewalls and Honeypots

Exercise 1: Detecting Intrusions Using Snort
Exercise 2: Detecting Malicious Network Traffic Using HoneyBOT
Exercise 3: Bypassing Windows Firewall Using Nmap Evasion Techniques
Exercise 4: Bypassing Firewall Rules Using HTTP/FTP Tunneling
Exercise 5: Bypassing Windows Firewall using Metasploit

Module 13 Hacking Web Servers

Exercise 1: Performing Web Server Reconnaissance using Skipfish
Exercise 2: Footprinting a Web Server Using the httprecon Tool
Exercise 3: Footprinting a Web Server Using ID Serve
Exercise 4: Cracking FTP Credentials Using Dictionary Attack
Exercise 5: Uniscan Web Server Fingerprinting in Kali Linux

Module 14 Hacking Web Applications

Exercise 1: Exploiting Parameter Tampering and XSS Vulnerabilities in Web Applications
Exercise 2: Enumerating and Hacking a Web Application Using WPScan and Metasploit
Exercise 3: Exploiting Remote Command Execution Vulnerability to Compromise a Target Web Server
Exercise 4: Auditing Web Application Framework Using Vega
Exercise 5: Website Vulnerability Scanning Using Acunetix WVS
Exercise 6: Exploiting File Upload Vulnerability at Different Security Levels
Exercise 7: Performing Cross-Site Request Forgery (CSRF) Attack

Module 15 SQL Injection

Exercise: 1 SQL Injection Attacks on an MS SQL Database
Exercise: 2 Scanning Web Applications Using N-Stalker Tool
Exercise: 3 Performing SQL Injection attack against MSSQL to extract Databases and WebShell using SQLMAP

Module 16 Hacking Wireless Networks

Exercise: 1 WiFi Packet Analysis using Wireshark
Exercise: 2 Cracking a WEP with Aircrack-ng
Exercise: 3 Cracking a WPA (Wi-Fi Protected Access) with Aircrack-ng

Module 17 Hacking Mobile Platforms

Exercise: 1 Creating Binary Payloads using Kali Linux to Hack Android
Exercise: 2 Harvesting Users’ Credentials Using the Social Engineering Toolkit

Module 19 Cloud Computing

Exercise: 1 Creating User Accounts and Assigning User Rights in ownCloud
Exercise: 2 Securing ownCloud from Malicious File uploads using ClamAV
Exercise: 3 Bypassing ownCloud Antivirus and Hacking the Host using Kali Linux
Exercise: 4 Implementing DoS Attack on Linux Cloud Server Using Slowloris Script

Module 20 Cryptography

Exercise 1: Calculating One-Way Hashes Using HashCalc
Exercise 2: Calculating MD5 Hashes Using MD5 Calculator
Exercise 3: Understanding File and Text Encryption Using CryptoForge
Exercise 4: Encrypting and Decrypting the Data Using BCTextEncoder
Exercise 5: Creating and Using Self-Signed Certificate
Exercise 6: Basic Disk Encryption Using VeraCrypt
Exercise 7: Basic Data Encryption Using CrypTool

Ec Council – Certified Ethical Hacker – CEH v10 – ilabs Complete

Module 02 – Footprinting and Reconnaissance

The objective of the lab is to extract information about the target organization that includes, but is not limited to:

• Internet Protocol (IP) address and IP range associated with the target
• Purpose of organization and why it exists
• Size of the organization
• Class of its IP block
• People and contacts at the target
• Types of operating systems (OS) and network topology in use
• Type of firewall implemented, either hardware or software or combination
• Type of remote access used, either SSH or VPN

Module 03 – Scanning Networks

The objective of this lab is to help students in conducting network scanning, port scanning, analyzing the network vulnerabilities, and so on.
You need to perform a network scan to:

• Check live systems and open ports
• Perform banner grabbing and OS fingerprinting
• Identify network vulnerabilities
• Draw network diagrams of vulnerable hosts

Module 04 – Enumeration

The objective of this lab is to provide expert knowledge on network enumeration and other responsibilities that include:

• User name and user groups
• Lists of computers, their operating systems, and ports
• Machine names, network resources, and services
• Lists of shares on individual hosts on the network
• Policies and passwords

Module 05 – Vulnerability Analysis

The objective of this lab is to help students in conducting vulnerability scanning, analyzing the network vulnerabilities, and so on.
You need to perform a network scan to:

• Check live systems and open ports
• Perform banner grabbing and OS fingerprinting
• Identify network vulnerabilities
• Draw network diagrams of vulnerable hosts

Module 06 – System Hacking

The goal of system hacking is to gain access, escalate privileges, execute applications, and hide files.
The objective of this lab is to help students learn to monitor a system remotely and to extract hidden files and other tasks that include:

• Extracting administrative passwords
• Hiding files and extracting hidden files
• Recovering passwords
• Monitoring a system remotely

Module 07 – Malware Threats

The objective of this lab includes:

• Creating and using different types of malware, such as Trojans, Viruses, and Worms, and exploiting a target machine as proof of concept
• Detecting malware

Module 08 – Sniffing

The objective of this lab is to make students learn to sniff a network and analyze packets for any attacks on the network.
The primary objectives of this lab are to:

• Sniff the network
• Analyze incoming and outgoing packets
• Troubleshoot the network for performance
• Secure the network from attacks

Module 09 – Social Engineering

The objective of this lab is to:

• Perform Credential Harvesting

Module 10 – Denial-of-Service

The objective of this lab is to help students learn to perform Denial of Service attacks and test a network for DoS flaws.
In this lab, you will:

• Perform a DoS attack by sending a large number of SYN packets continuously
• Perform a HTTP flooding attack
• Perform a DDoS attack
• Detect and analyze DoS attack traffic

Module 11 – Session Hijacking

The objective of this lab is to help students learn session hijacking and take over a user account.
In this lab, you will:

• Intercept the Traffic between server and client
• Attain a user session by intercepting the traffic
• Perform ARP Poisoning using Cain & Abel
• Modify Cookies and Hijack a session using Firebug

Module 12 – Evading IDS Firewalls and Honeypots

The objective of this lab is to help students learn and detect intrusions in a network, log, and view all log files.
In this lab, you will learn how to:

• Install and configure Snort IDS
• Detect Intruders using HoneyBot
• Bypassing Windows Firewall Using Nmap
• Bypassing Firewall Rules Using HTTP/FTP Tunneling
• Bypassing Windows Firewall using Metasploit

Module 13 – Hacking Web Servers

The objective of this lab is to help students learn to detect unpatched security flaws, verbose error messages, and much more.
The objective of this lab is to:

• Perform Web Server Security Reconnaissance
• Detect unpatched security flaws like Shellshock bug
• Crack remote passwords

Module 14 – Hacking Web Applications

The objective of this lab is to provide expert knowledge of web application vulnerabilities and attacks, such as:

• Parameter tampering
• Cross-Site Scripting (XSS)
• Stored XSS
• Username and Password Enumeration
• Exploiting WordPress Plugin Vulnerabilities
• Exploiting Remote Command Execution Vulnerability
• Web Application Auditing Framework
• Website Vulnerability Scanning

Module 15 – SQL Injection

The objective of this lab is to provide expert knowledge on SQL Injection attacks and other responsibilities that include:

• Understanding when and how web application connects to a database server in order to access data
• Extracting basic SQL Injection flaws and vulnerabilities
• Testing web applications for Blind SQL Injection vulnerabilities
• Scanning web servers and analyzing the reports
• Securing information in web applications and web servers

Module 16 – Hacking Wireless Networks

The objective of this lab is to protect the wireless network from attackers.
In this lab, you will learn how to:

• Analyze Wireless Network Traffic using Wireshark
• Crack WEP using aircrack-ng
• Crack WPA using aircrack-ng

Module 17 – Hacking Mobile Platforms

The objective of this lab is to help students learn to detect unpatched security flaws in mobile devices, and use them for performing penetration testing.
The objective of this lab is to:

• Exploit the vulnerabilities in an Android device
• Crack websites passwords
• Use Android device to perform a DoS attack on a machine
• Perform Security Assessment on an Android Device

Module 19 – Cloud Computing

The objective of this lab is to help students to build a cloud server, secure it with OpenSSL Encryption, and exploit java vulnerability to harvest user credentials.
In this lab, you will:

• Create User Accounts and assign user rights
• Securing ownCloud from malicious file uploads using ClamAV
• Bypassing ownCloud Antivirus and hacking the host using Kali Linux

Module 20 – Cryptography

This lab will show you how to use encryption tools to encrypt data. It will teach you how to:

• Use encrypting/decrypting techniques
• Generate Hashes and checksum files

Tags : Footprinting and Reconnaissance, Scanning Networks, Enumeration, Vulnerability Analysis , System Hacking, Malware Threats, Sniffing, Social Engineering, Denial-of-Service, Session Hijacking, Evading IDS Firewalls and Honeypots, Hacking Web Servers, Hacking Web Applications, SQL Injection, Hacking Wireless Networks, Hacking Mobile Platforms, Cloud Computing, Cryptography