CEH Practical & Master, iLAB Practice
Based on my experience, completing all of the official iLAB modules can lead to passing the exam. I've compiled a list of iLAB exercises that can enhance your technical skills. These exercises are not just for the purpose of the exam but also to improve your penetration testing techniques.
CEH Practical Website :
- https://www.eccouncil.org/train-certify/certified-ethical-hacker-ceh-practical/
- https://ilabs.eccouncil.org/ethical-hacking-exercises/
- https://www.uuu.com.tw/Course/Show/1609/CEH%E5%A4%A7%E5%B8%AB%E9%9B%99%E8%AA%8D%E8%AD%89%E5%AF%A6%E6%88%B0%E8%80%83%E8%A9%A6%E7%B8%BD%E8%A4%87%E7%BF%92%E7%8F%AD
- https://medium.com/blacksecurity/ceh-practical-master-3e80cac180a2
- Parrot OS and Linux command
- Basic Network concept
Footprinting and reconnaissance are the initial steps in penetration testing. You need to understand the usage methods of various tools for this purpose.
- Perform footprinting through web services
-
Gather an email list using theHarvester
-
Determine target OS through passive footprinting
- Perform website footprinting
- Gather information about a target website using ping command line utility
- Perform DNS footprinting
- Perform reverse DNS lookup using reverse IP domain check and DNSRecon
- Perform network footprinting Locate the network range
- Perform network tracerouting in Windows and Linux Machines
- Perform footprinting using various footprinting tools
- Footprinting a target using FOCA
Nmap is an important tool frequently utilized in penetration testing. Please learn how to use Nmap commands effectively.
- Perform host discovery
- Perform host discovery using Nmap
- Perform port and service discovery
-
Explore various network scanning techniques using Nmap
-
Explore various network scanning techniques using Hping3
- Perform OS discovery
-
Identify the target system’s OS with Time-to-Live (TTL) and TCP window sizes using Wireshark
-
Perform OS discovery using Nmap Script Engine (NSE)
You must understand various enumeration techniques.
- Perform NetBIOS enumeration
-
Perform NetBIOS enumeration using Windows command-line utilities
-
Perform NetBIOS enumeration using an NSE Script
- Perform SNMP enumeration
-
Perform SNMP enumeration using snmp-check
-
Perform SNMP enumeration using Nmap
- Perform LDAP enumeration
-
Perform LDAP enumeration using Python and Nmap
-
Perform LDAP enumeration using ldapsearch
- Perform DNS enumeration
-
Perform DNS enumeration using zone transfer
-
Perform DNS enumeration using Nmap
- Perform RPC, SMB, and FTP enumeration
- Perform RPC, SMB, and FTP enumeration using Nmap
Vulnerability assessment tools are commonly used. Please familiarize yourself with the basic usage methods of these tools.
- Perform vulnerability assessment using various vulnerability assessment tools
-
Perform vulnerability analysis using OpenVAS
-
Perform vulnerability scanning using Nessus
Please make sure to familiarize yourself with privilege escalation techniques.
- Gain access to the system
- Perform active online attack to crack the system’s password using Responder
- Perform privilege escalation to gain higher privileges
-
Escalate privileges in Linux machine by exploiting misconfigured NFS
-
Escalate privileges to gather hashdump using Mimikatz
- Maintain remote access and hide malicious activities
-
Image steganography using OpenStego and StegOnline
-
Maintain domain persistence by exploiting Active Directory Objects
- Clear logs to hide the evidence of compromise
- Clear Linux machine logs using the BASH shell
Reverse engineering is challenging, but here, please focus on becoming familiar with the tools' usage.
- Gain access to the target system using Trojans
- Gain control over a victim machine using the njRAT RAT Trojan
- Perform static malware analysis
-
Perform a strings search using BinText
-
Identify packaging and obfuscation methods using PEid
-
Analyze ELF executable file using Detect It Easy (DIE)
-
Find the portable executable (PE) information of a malware executable file using PE Explorer
-
Perform malware disassembly using IDA and OllyDbg
-
Perform malware disassembly using Ghidra
- Perform dynamic malware analysis
- Perform port monitoring using TCPView and CurrPorts
Please gain an understanding of network packet traffic analysis and the usage of Wireshark.
- Perform active sniffing
- Perform ARP poisoning using arpspoof
- Perform network sniffing using various sniffing tools
- Perform password sniffing using Wireshark
- Detect a phishing attack
- Detect phishing using Netcraft
Please gain an understanding of network packet traffic analysis and the usage of Wireshark.
- Perform DoS and DDoS attacks using various Techniques
-
Perform a DoS attack (SYN flooding) on a target host using Metasploit
-
Perform a DoS attack on a target host using hping3
- Detect session hijacking
- Detect session hijacking using Wireshark
- Evade firewalls using various evasion techniques
- Bypass windows firewall using Nmap evasion techniques
Web Server attack techniques are quite common. Please understand how to gather relevant version information and use cracking tools.
- Footprint the web server
-
Information gathering using Ghost Eye
-
Footprint a web server using Netcat and Telnet
-
Enumerate web server information using Nmap Scripting Engine (NSE)
-
Uniscan web server fingerprinting in Parrot Security
- Perform a web server attack
- Crack FTP credentials using a Dictionary Attack
Web applications often have vulnerabilities. Please understand how to gather relevant version information and utilize tools.
- Footprint the web infrastructure
-
Perform web application reconnaissance using Nmap and Telnet
-
Perform web application reconnaissance using WhatWeb
-
Perform web application vulnerability scanning using Vega
-
Identify clickjacking vulnerability using ClickjackPoc
- Perform web application attacks
-
Perform a brute-force attack using Burp Suite
-
Perform parameter tampering using Burp Suite
-
Identify XSS vulnerabilities in web applications using PwnXSS
-
Exploit parameter tampering and XSS vulnerabilities in web applications
Please gain an understanding of the concept of SQL Injection and the SQLMAP tool.
- Perform SQL injection attacks
-
Perform an SQL injection attack on an MSSQL database
-
Perform an SQL injection attack against MSSQL to extract databases using sqlmap
Please understand the differences between WEP, WPA, and WPA2, and become familiar with Aircrack-ng.
- Perform wireless traffic analysis
- Wi-Fi packet analysis using Wireshark
- Perform wireless attacks
-
Crack a WEP network using Aircrack-ng
-
Crack a WPA2 network using Aircrack-ng
Please become knowledgeable about mobile security techniques and get familiar with adb commands and the Phonesploit tool.
- Hack android devices
-
Exploit the Android platform through ADB using PhoneSploit
-
Hack an Android device by creating APK file using AndrORAT
- Secure Android Devices using Various Android Security Tools
- Analyze a malicious app using online Android analyzers
Please understand the packet structures of MQTT and Modbus.
- Perform footprinting using various footprinting techniques
- Gather information using online footprinting tools
- Capture and analyze IoT device traffic
- Capture and analyze IoT traffic using Wireshark
Cloud services are commonly used in our work, and I believe practicing with them is very worthwhile.
- Perform S3 bucket enumeration using various S3 bucket enumeration tools
-
Enumerate S3 buckets using lazys3
-
Enumerate S3 buckets using S3Scanner
Cryptography is crucial in the field of information security. It's essential to understand the concept of encryption and decryption, as well as how to use cryptographic tools.
- Encrypt the information using various cryptography tools
-
Calculate one-way hashes using HashCalc
-
Calculate MD5 hashes using MD5 Calculator
-
Calculate MD5 hashes using HashMyFiles
-
Encrypt and decrypt data using BCTextEncoder
- Perform disk encryption
-
Perform disk encryption using VeraCrypt
-
Perform disk encryption using BitLocker Drive Encryption
- Perform cryptanalysis using various cryptanalysis tools
- Perform cryptanalysis using CrypTool
The Engage Lab is an exercise to test your familiarity with tools and vulnerabilities. If you can solve most of the questions, you will be able to pass the exam smoothly.
- Engage 1 - 4