SlideShare a Scribd company logo

Domain 2 of CEH v11: Reconnaissance Techniques

S
ShivamSharma909

Reconnaissance is the initial step that every ethical hacker follows. Reconnaissance is a method of gathering all the important information about our target system and network. The ethical hacker follows the below steps to gather the maximum information about the target: https://www.infosectrain.com/blog/domain-2-of-ceh-v11-reconnaissance-techniques/

Education
1 of 12
Download to read offline
CEH v11 Reconnaissance Techniques DOMAIN 2 www.infosectrain.com
www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
Reconnaissance Techniques Reconnaissance is the initial step that every ethical hacker follows. Reconnaissance is a method of gathering all the important information about our target system and network. The ethical hacker follows the below steps to gather the maximum information about the target: > Collect the initial information > Determine the range of the network > Identifies the active machines > Identifies the access ports and open ports > Fingerprint the operating system > Uncover services on ports > And finally, map them. www.infosectrain.com | sales@infosectrain.com 02 DOMAIN 2 Reconnaissance Techniques In this blog, we will discuss the 2nd domain of CEH, which is ‘Reconnaissance Techniques’
Types of Reconnaissance www.infosectrain.com | sales@infosectrain.com 03 DOMAIN 2 Reconnaissance Techniques There are two types of reconnaissance: Passive reconnaissance Passive reconnaissance is the process of gathering information about a target computer or network without actively using it. It’s a way to acquire data about a victim without making them aware of it. Ethical hackers use tools like Shodan and Wireshark to perform passive reconnaissance. Active reconnaissance Active reconnaissance is a process of gathering information by directly engaging with the target system. Ethical hackers can perform active reconnaissance by using different tools like Netcat, Ping, and Traceroute. This recon is faster and accurate; simultaneously, the chances of getting detected are also very high because the ethical hacker is directly interacting with the target system.
www.infosectrain.com | sales@infosectrain.com 04 Reconnaissance Techniques DOMAIN 2 Reconnaissance Techniques There are three reconnaissance techniques: > Footprint and reconnaissance > Scanning networks > Enumeration.
01 www.infosectrain.com | sales@infosectrain.com 05 Footprint and Reconnaissance Footprinting is a technique used to gather as much information as possible about a target network, victim, or system. It aids hackers in several ways to compromise a company’s infrastructure. The security posture of the target may also be determined using this kind of penetration testing. Footprinting can be done passively or actively. Passive footprinting, such as looking at a company’s website and collecting information, active footprinting, such as using social engineering techniques to access sensitive data. During this phase, ethical hackers will collect information like: > IP addresses > Domain name > Employee information > Namespaces > E-mails > Phone numbers DOMAIN 2 Reconnaissance Techniques
> Network-based footprinting > Open-source footprinting > DNS integration DOMAIN 2 Reconnaissance Techniques Sub-branches of Footprinting: www.infosectrain.com | sales@infosectrain.com 06
02 www.infosectrain.com | sales@infosectrain.com 07 Network Scanning Network scanning identifies active ports, hosts, and the various services used by the target application. For example, assume you are an ethical hacker and trying to find weak points in the application. You use network scanning to find out those points. In simple terms, to hack a network, you’ll need to discover a weak point in the system that can be exploited. Such network nodes can be located by performing a Network Scanning operation. The difference between Reconnaissance and Network Scanning : Assume you are a police officer and are planning to find some criminal. First of all, you will gather all the information about the criminals like name, location, and daily routine, which is called reconnaissance. Then you will find an entry point to enter into his home to attack him, and the process of finding the entry point is called network scanning. DOMAIN 2 Reconnaissance Techniques
Port scanning: Port Scanning, as its name suggests, finds out which ports are active on the network. Scanners transmit client requests to a range of ports on the target network and then store the details of the ports that respond to the requests. In this way, active ports are discovered. There are various types of port scanning. They are: > TCP scanning > SYN scanning > UDP scanning > ACK scanning > Window scanning > FIN scanning DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 08 Types of Network Scanning :
DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 09 Vulnerability scanning: An ethical hacker uses vulnerability scanning to find out the weaknesses in the network. This identifies vulnerabilities that are caused by inappropriate programming or misconfigured networks.
03 Enumeration Enumeration is described as the procedure by which the user names, hostnames, network resources, shares, and services may be extracted from a system. In this step, the attacker connects with the system and makes directed requests to learn more about the target. By using enumeration, ethical hackers can get the information of: > SNMP data, if they are not secured correctly. > Network shares > Usernames of different systems > IP tables > Password policies lists DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 10
www.infosectrain.com | sales@infosectrain.com

Recommended

Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxInfosectrain3
 
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesDomain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesShivamSharma909
 
CEH Domain 3.pdf
CEH Domain 3.pdfCEH Domain 3.pdf
CEH Domain 3.pdfinfosec train
 
Chapter 2
Chapter 2Chapter 2
Chapter 2shahhardik27
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
CEH Domain 4.pdf
CEH Domain 4.pdfCEH Domain 4.pdf
CEH Domain 4.pdfinfosec train
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfMeymunaMohammed1
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfMeymunaMohammed1
 

Recommended

Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxInfosectrain3
 
Domain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesDomain 3 of CEH v11: System Hacking Phases and Attack Techniques
Domain 3 of CEH v11: System Hacking Phases and Attack TechniquesShivamSharma909
 
CEH Domain 3.pdf
CEH Domain 3.pdfCEH Domain 3.pdf
CEH Domain 3.pdfinfosec train
 
Chapter 2
Chapter 2Chapter 2
Chapter 2shahhardik27
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
CEH Domain 4.pdf
CEH Domain 4.pdfCEH Domain 4.pdf
CEH Domain 4.pdfinfosec train
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfMeymunaMohammed1
 
ANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfANS_Ch_05_Handouts.pdf
ANS_Ch_05_Handouts.pdfMeymunaMohammed1
 
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxInfosectrain3
 
Hacking
HackingHacking
Hackingrameswara reddy venkat
 
Hacking
HackingHacking
HackingRoshan Chaudhary
 
Ce hv8 module 04 enumeration
Ce hv8 module 04 enumerationCe hv8 module 04 enumeration
Ce hv8 module 04 enumerationMehrdad Jingoism
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical HackingSripati Mahapatra
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In DetailGreater Noida Institute Of Technology
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush GuptaTenet Systems Pvt Ltd
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorialMSA Technosoft
 
Hacking Presentation
Hacking PresentationHacking Presentation
Hacking PresentationAnimesh Behera
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Ce hv8 module 03 scanning networks
Ce hv8 module 03 scanning networksCe hv8 module 03 scanning networks
Ce hv8 module 03 scanning networksMehrdad Jingoism
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0Q Fadlan
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfShivamSharma909
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptcemporku
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdftehkotak4
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxSuhailShaik16
 
Ethical hacking is a based on computer hacking
Ethical hacking is a based on computer hackingEthical hacking is a based on computer hacking
Ethical hacking is a based on computer hackingsxkkjbzq2k
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 
CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfShivamSharma909
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...ShivamSharma909
 

More Related Content

Similar to Domain 2 of CEH v11: Reconnaissance Techniques

Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxInfosectrain3
 
Ce hv8 module 04 enumeration
Ce hv8 module 04 enumerationCe hv8 module 04 enumeration
Ce hv8 module 04 enumerationMehrdad Jingoism
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical HackingSripati Mahapatra
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Ce hv8 module 03 scanning networks
Ce hv8 module 03 scanning networksCe hv8 module 03 scanning networks
Ce hv8 module 03 scanning networksMehrdad Jingoism
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0Q Fadlan
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfShivamSharma909
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptcemporku
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdftehkotak4
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxSuhailShaik16
 
Ethical hacking is a based on computer hacking
Ethical hacking is a based on computer hackingEthical hacking is a based on computer hacking
Ethical hacking is a based on computer hackingsxkkjbzq2k
 
Network and web security
Network and web securityNetwork and web security
Network and web securityNitesh Saitwal
 

Similar to Domain 2 of CEH v11: Reconnaissance Techniques (20)

Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Ce hv8 module 04 enumeration
Ce hv8 module 04 enumerationCe hv8 module 04 enumeration
Ce hv8 module 04 enumeration
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In Detail
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 
Hacking Presentation
Hacking PresentationHacking Presentation
Hacking Presentation
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Ce hv8 module 03 scanning networks
Ce hv8 module 03 scanning networksCe hv8 module 03 scanning networks
Ce hv8 module 03 scanning networks
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.ppt
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdf
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
 
Ethical hacking is a based on computer hacking
Ethical hacking is a based on computer hackingEthical hacking is a based on computer hacking
Ethical hacking is a based on computer hacking
 
Network and web security
Network and web securityNetwork and web security
Network and web security
 

More from ShivamSharma909

CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfShivamSharma909
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...ShivamSharma909
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfShivamSharma909
 
Top 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfTop 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfShivamSharma909
 
Top 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfTop 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfShivamSharma909
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseShivamSharma909
 
Why cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitWhy cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitShivamSharma909
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerShivamSharma909
 
Top 20 azure interview questions
Top 20 azure interview questionsTop 20 azure interview questions
Top 20 azure interview questionsShivamSharma909
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questionsShivamSharma909
 
EC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystEC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystShivamSharma909
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingShivamSharma909
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
Domain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingDomain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingShivamSharma909
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304ShivamSharma909
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexShivamSharma909
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITShivamSharma909
 

More from ShivamSharma909 (20)

CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdf
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
 
Top 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfTop 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdf
 
Top 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfTop 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdf
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
 
Why cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitWhy cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fit
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
 
Top 20 azure interview questions
Top 20 azure interview questionsTop 20 azure interview questions
Top 20 azure interview questions
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
 
EC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystEC-Council Certified SOC Analyst
EC-Council Certified SOC Analyst
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
 
Domain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingDomain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical Hacking
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
Cisa domain 4
Cisa domain 4Cisa domain 4
Cisa domain 4
 
Cisa domain 3
Cisa domain 3Cisa domain 3
Cisa domain 3
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of IT
 

Recently uploaded

This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterMateoGardella
 

Recently uploaded (20)

This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 

Domain 2 of CEH v11: Reconnaissance Techniques

  • 2. www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
  • 3. Reconnaissance Techniques Reconnaissance is the initial step that every ethical hacker follows. Reconnaissance is a method of gathering all the important information about our target system and network. The ethical hacker follows the below steps to gather the maximum information about the target: > Collect the initial information > Determine the range of the network > Identifies the active machines > Identifies the access ports and open ports > Fingerprint the operating system > Uncover services on ports > And finally, map them. www.infosectrain.com | sales@infosectrain.com 02 DOMAIN 2 Reconnaissance Techniques In this blog, we will discuss the 2nd domain of CEH, which is ‘Reconnaissance Techniques’
  • 4. Types of Reconnaissance www.infosectrain.com | sales@infosectrain.com 03 DOMAIN 2 Reconnaissance Techniques There are two types of reconnaissance: Passive reconnaissance Passive reconnaissance is the process of gathering information about a target computer or network without actively using it. It’s a way to acquire data about a victim without making them aware of it. Ethical hackers use tools like Shodan and Wireshark to perform passive reconnaissance. Active reconnaissance Active reconnaissance is a process of gathering information by directly engaging with the target system. Ethical hackers can perform active reconnaissance by using different tools like Netcat, Ping, and Traceroute. This recon is faster and accurate; simultaneously, the chances of getting detected are also very high because the ethical hacker is directly interacting with the target system.
  • 5. www.infosectrain.com | sales@infosectrain.com 04 Reconnaissance Techniques DOMAIN 2 Reconnaissance Techniques There are three reconnaissance techniques: > Footprint and reconnaissance > Scanning networks > Enumeration.
  • 6. 01 www.infosectrain.com | sales@infosectrain.com 05 Footprint and Reconnaissance Footprinting is a technique used to gather as much information as possible about a target network, victim, or system. It aids hackers in several ways to compromise a company’s infrastructure. The security posture of the target may also be determined using this kind of penetration testing. Footprinting can be done passively or actively. Passive footprinting, such as looking at a company’s website and collecting information, active footprinting, such as using social engineering techniques to access sensitive data. During this phase, ethical hackers will collect information like: > IP addresses > Domain name > Employee information > Namespaces > E-mails > Phone numbers DOMAIN 2 Reconnaissance Techniques
  • 7. > Network-based footprinting > Open-source footprinting > DNS integration DOMAIN 2 Reconnaissance Techniques Sub-branches of Footprinting: www.infosectrain.com | sales@infosectrain.com 06
  • 8. 02 www.infosectrain.com | sales@infosectrain.com 07 Network Scanning Network scanning identifies active ports, hosts, and the various services used by the target application. For example, assume you are an ethical hacker and trying to find weak points in the application. You use network scanning to find out those points. In simple terms, to hack a network, you’ll need to discover a weak point in the system that can be exploited. Such network nodes can be located by performing a Network Scanning operation. The difference between Reconnaissance and Network Scanning : Assume you are a police officer and are planning to find some criminal. First of all, you will gather all the information about the criminals like name, location, and daily routine, which is called reconnaissance. Then you will find an entry point to enter into his home to attack him, and the process of finding the entry point is called network scanning. DOMAIN 2 Reconnaissance Techniques
  • 9. Port scanning: Port Scanning, as its name suggests, finds out which ports are active on the network. Scanners transmit client requests to a range of ports on the target network and then store the details of the ports that respond to the requests. In this way, active ports are discovered. There are various types of port scanning. They are: > TCP scanning > SYN scanning > UDP scanning > ACK scanning > Window scanning > FIN scanning DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 08 Types of Network Scanning :
  • 10. DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 09 Vulnerability scanning: An ethical hacker uses vulnerability scanning to find out the weaknesses in the network. This identifies vulnerabilities that are caused by inappropriate programming or misconfigured networks.
  • 11. 03 Enumeration Enumeration is described as the procedure by which the user names, hostnames, network resources, shares, and services may be extracted from a system. In this step, the attacker connects with the system and makes directed requests to learn more about the target. By using enumeration, ethical hackers can get the information of: > SNMP data, if they are not secured correctly. > Network shares > Usernames of different systems > IP tables > Password policies lists DOMAIN 2 Reconnaissance Techniques www.infosectrain.com | sales@infosectrain.com 10