The CEH or Certified Ethical Hacker is one of the most prestigious courses in the field of hacking and cybersecurity offered by the EC-Council Institute. In 2024, version 13 of this course was released, which has significant changes and updates over the previous versions (versions 12 and 11). In CEH v13, more emphasis has been placed on emerging topics. Changes in the topics and educational content of the topics related to Industrial Systems Security (SCADA/ICS), 5G Network Security, and DevOps Security have become completer and more comprehensive, and this version has also updated the hacking of GSM and mobile networks and paid more attention to Supply Chain Attacks and Zero-Day Exploits.
Tools used in CEH v13
The CEH v13 course uses a suite of advanced and specialized tools for ethical hacking and penetration testing. These tools are divided into a few general categories, which include tools for detection, scanning, exploitation, cryptography, network traffic analysis, social engineering, and many others. Here are the important tools for the CEH v13 course, along with the relevant category:
1. Reconnaissance and Footprinting Tools
These tools are used to gather information in the early stages of attacks.
- Nmap: A tool to scan ports and identify devices active on the network
- Maltego: Public and Private Data Identification and Analysis Tool
- Recon-ng: A Framework for Gathering Information from Different Sources
- theHarvester: A tool for collecting email, domain names, IPs, and network infrastructure
2. Scanning and Vulnerability Assessment Tools
These tools are used to identify vulnerabilities in systems and networks.
- Nessus: Vulnerability Detection Tool in Systems and Networks
- OpenVAS: A Framework for Scanning Security Vulnerabilities
- Nikto: Web Server Scanner to Identify Web Application Vulnerabilities
- Netcat: A tool for scanning and connecting networks to identify ports and open connections
3. Exploitation Tools
These tools are used to penetrate systems and exploit vulnerabilities.
- Metasploit: A Framework for Exploiting Vulnerabilities and Intrusions into Systems
- SQLMap: Penetration Testing Tool for Detecting and Exploiting SQL Injection Attacks
- BeEF (Browser Exploitation Framework): A tool for exploiting browsers
- ExploitDB: A Database for Searching for Registered Vulnerabilities
4. Password Cracking and Cryptography Tools
These tools are used to crack passwords and analyze cryptographic algorithms.
- John the Ripper: Password Cracking Tool Using Dictionary Attacks and Brute Force
- Hashcat: The Fastest Hash Cracking Tool Using GPUs
- Hydra: Brut Force Attack Tool on Various Network Services
- Cain & Abel: Tool for Cracking Passwords, Recording Network Traffic, and Bruteforce Attacks
5. Sniffing and Traffic Analysis Tools
These tools are used to analyze network packets and listen to information.
- Wireshark: Network Packet Analysis and Traffic Checking Tool on Wired and Wireless Networks
- Tcpdump: A Tool for Capturing and Analyzing Network Packets
- Ettercap: A tool to perform man-in-the-middle eavesdropping attacks on networks
- Kismet: Wireless Network Traffic Detection and Eavesdropping Tool
6. Social Engineering Tools
These tools are used for deception-based attacks and human interaction.
- Social-Engineer Toolkit (SET): A set of tools for executing social engineering attacks
- Phishing Frameworks: Tools Like Gophish to Run Phishing Attacks
- Maltego: In addition to collecting information, it is also used to analyze social relationships
7. Web Application Hacking Tools
Web hacking tools to identify and exploit vulnerabilities in web applications.
- Burp Suite: A Framework for Testing the Security of Web Applications
- OWASP ZAP: Web Application Penetration Analysis and Testing Tool
- W3af: Web Application Vulnerability Detection and Exploitation Tool
- DirBuster: Hidden Web Directories Search & Find Tool
8. Wireless Hacking Tools
These tools are used to infiltrate wireless networks and identify their vulnerabilities.
- Aircrack-ng: A Collection of Tools for Attacks on Wireless Networks
- Kismet: Wireless Network Detection and Wireless Traffic Analysis Tool
- Fern WiFi Cracker: Wireless Network Penetration Test Tool
- Reaver: Exploiting WPS Vulnerabilities in Wi-Fi Networks
9. Malware Analysis Tools
These tools are used to detect and analyze malware.
- Cuckoo Sandbox: A Tool for Executing Malware in a Simulated Environment and Analyzing Their Behavior
- Remnux: Linux Distribution for Malware Analysis
- Ghidra: Reverse Engineering and Malware Analysis Tool
- OllyDbg: Debugger for Analyzing Windows Applications
10. Cloud Security Tools
These tools are used to analyze and identify vulnerabilities in cloud environments.
- ScoutSuite: Cloud Services Security Settings Checker Tool
- Prowler: Vulnerability Detection Tool and Insecure Settings on AWS
- CloudSploit: Cloud Services Security Analysis Tool
11. Mobile Security Tools
Tools related to the identification and analysis of mobile vulnerabilities and mobile operating systems.
- MobSF (Mobile Security Framework): A tool for analyzing the security of mobile applications
- Drozer: A Framework for Identifying Vulnerabilities in Android Apps
- Frida: Mobile App Reverse Analysis and Engineering Tool
- APKTool: A tool to analyze APK files and reverse engineer Android apps
12. IoT Security Tools
Tools used to identify and analyze the security of IoT devices.
- IoT Inspector: IoT Device Security Analysis Tool
- Firmware Analysis Toolkit: Firmware Analysis Tool for IoT Devices
- JTAGulator: A Tool for Identifying and Analyzing IoT Hardware Debug Ports
13. Incident Management and Reporting Tools
These tools are used to manage incidents and prepare security reports.
- Splunk: Log Analysis and Security Event Management Tool
- ELK Stack: A suite of tools for collecting and analyzing data and security logs
- Graylog: Log Management and Analysis Tool for Identifying Security Events
EC-Council – Certified Ethical Hacker – CEH v13
download link
Size: 9.5 GB
The EC-Council Certified Ethical Hacker (CEH) v13 course is designed to build expertise in ethical hacking methodologies, focusing on key areas like network security, threat intelligence, vulnerability assessment, and hacking techniques. With hands-on labs and real-world scenarios, the course prepares cybersecurity professionals to think like hackers, enabling them to protect networks effectively. The updated v13 covers critical areas such as malware threats, cloud security, and IoT. Ideal for cybersecurity roles, CEH v13 is globally recognized and equips participants with essential tools for safeguarding information systems.
Syllabus
Module 1: Introduction to Ethical Hacking
Module 2: Foot Printing and Reconnaissance
Module 3: Scanning Networks
Module 4: Enumeration
Module 5: Vulnerability Analysis
Module 6: System Hacking
Module 7: Malware Threats
Module 8: Sniffing
Module 9: Social Engineering
Module 10: Denial-of-Service
Module 11: Session Hijacking
Module 12: Evading IDS, Firewalls, and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL Injection
Module 16: Hacking Wireless Networks
Module 17: Hacking Mobile Platforms
Module 18: IoT and OT Hacking
Module 19: Cloud Computing
Module 20: Cryptography
- Design