CEH v11
Domain 2: Reconnaissance Techniques
www.infosectrain.com | sales@infosectrain.com

Domains of CEH v11

DOMAIN 1: Information Security & Ethical Hacking Overview (6%)
DOMAIN 2: Reconnaissance Techniques (21%)
DOMAIN 3: System hacking phases & Attack Techniques (17%)
DOMAIN 4: Network and perimeter hacking (14%)
DOMAIN 5: Web application hacking (16%)
DOMAIN 6: Wireless network hacking (6%)
DOMAIN 7: Mobile platform, IoT, & OT hacking (8%)
DOMAIN 8: Cloud Computing (6%)
DOMAIN 9: Cryptography (6%)

Reconnaissance Techniques

In this blog, we will discuss the 2nd domain of CEH, which is 'Reconnaissance Techniques'.

Reconnaissance is the initial step that every ethical hacker follows. It is a method of gathering all the important information about the target system and network.

The ethical hacker follows the steps below to gather the maximum information about the target:
> Collect the initial information
> Determine the range of the network
> Identify the active machines
> Identify the access ports and open ports
> Fingerprint the operating system
> Uncover services on ports
> And finally, map them.

Types of Reconnaissance

There are two types of reconnaissance:

Passive reconnaissance
Passive reconnaissance is the process of gathering information about a target computer or network without actively engaging with it. It's a way to acquire data about a victim without making them aware of it. Ethical hackers use tools like Shodan and Wireshark to perform passive reconnaissance.

Active reconnaissance
Active reconnaissance is the process of gathering information by directly engaging with the target system. Ethical hackers can perform active reconnaissance by using tools like Netcat, Ping, and Traceroute. This kind of reconnaissance is faster and more accurate; at the same time, the chances of getting detected are also very high because the ethical hacker is directly interacting with the target system.

Reconnaissance Techniques

There are three reconnaissance techniques:
> Footprint and reconnaissance
> Scanning networks
> Enumeration

01 Footprint and Reconnaissance

Footprinting is a technique used to gather as much information as possible about a target network, victim, or system. It aids hackers in several ways to compromise a company's infrastructure. The security posture of the target may also be determined using this kind of penetration testing.

Footprinting can be done passively or actively. Passive footprinting includes looking at a company's website and collecting information; active footprinting includes using social engineering techniques to access sensitive data.

During this phase, ethical hackers will collect information like:
> IP addresses
> Domain name
> Employee information
> Namespaces
> E-mails
> Phone numbers

Sub-branches of Footprinting:
> Network-based footprinting
> Open-source footprinting
> DNS integration

02 Network Scanning

Network scanning identifies active ports, hosts, and the various services used by the target application. For example, assume you are an ethical hacker trying to find weak points in the application. You use network scanning to find those points.

In simple terms, to hack a network, you'll need to discover a weak point in the system that can be exploited. Such network nodes can be located by performing a network scanning operation.

The difference between Reconnaissance and Network Scanning:
Assume you are a police officer planning to find a criminal. First of all, you gather all the information about the criminal, like name, location, and daily routine; this is called reconnaissance. Then you find an entry point to enter his home to attack him; the process of finding the entry point is called network scanning.

Types of Network Scanning:

Port scanning:
Port scanning, as its name suggests, finds out which ports are active on the network. Scanners transmit client requests to a range of ports on the target network and then store the details of the ports that respond to the requests. In this way, active ports are discovered.

There are various types of port scanning. They are:
> TCP scanning
> SYN scanning
> UDP scanning
> ACK scanning
> Window scanning
> FIN scanning

Vulnerability scanning:
An ethical hacker uses vulnerability scanning to find the weaknesses in the network. This identifies vulnerabilities that are caused by inappropriate programming or misconfigured networks.
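
A defender's view of the port-scan types listed above, and of the point that active reconnaissance is easy to detect, as an added example that is not part of the original slides: the Python code below flags a source that touches many distinct ports on one host within a short window and labels the likely scan type from the probe's protocol and TCP flags. The log format, addresses, thresholds and function names are assumptions made for this example.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(
    r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=(\w+) DPT=(\d+)(?: FLAGS=(\S+))?$")

# What a run of probes of one kind suggests. A firewall that logs only the
# first packet cannot tell a SYN scan from a full TCP connect scan, and ACK
# and Window scans both send bare ACK segments.
SCAN_LABELS = {
    "SYN": "SYN or TCP connect scan",
    "FIN": "FIN scan",
    "ACK": "ACK or Window scan",
    "UDP": "UDP scan",
}


def build_sample():
    """Constructed log lines in a made-up format (RFC 5737 test addresses)."""
    base = datetime(2024, 5, 1, 10, 0, 0)

    def line(offset_s, src, port, flags="SYN"):
        ts = (base + timedelta(seconds=offset_s)).isoformat()
        return f"{ts} SRC={src} DST=192.0.2.10 PROTO=TCP DPT={port} FLAGS={flags}"

    common = [21, 22, 23, 25, 53, 80, 110, 139, 143, 443, 445, 3389]
    # Fast sweep of 12 ports with bare SYNs, one per second.
    lines = [line(i, "203.0.113.7", p) for i, p in enumerate(common)]
    # Sweep of 10 ports with FIN-only segments.
    lines += [line(i, "198.51.100.23", p, "FIN") for i, p in enumerate(common[:10])]
    # Ordinary web client: many connections, always to port 443.
    lines += [line(i * 2, "198.51.100.50", 443) for i in range(15)]
    # Slow sweep: one new port every 10 minutes.
    lines += [line(i * 600, "198.51.100.99", p) for i, p in enumerate(common[:10])]
    return lines


def detect_scans(lines, window_s=60, min_ports=10):
    """Flag (src, dst) pairs that hit >= min_ports distinct ports in window_s seconds."""
    events = defaultdict(list)  # (src, dst) -> [(time, port, probe kind)]
    for raw in lines:
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip lines that are not in the expected format
        ts, src, dst, proto, port, flags = m.groups()
        kind = "UDP" if proto == "UDP" else (flags or "NONE")
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port), kind))

    findings = []
    window = timedelta(seconds=window_s)
    for (src, dst), evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window forward
                start += 1
            in_window = evs[start:end + 1]
            ports = {p for _, p, _ in in_window}
            if len(ports) >= min_ports:
                top_kind = Counter(k for _, _, k in in_window).most_common(1)[0][0]
                findings.append({
                    "src": src, "dst": dst, "distinct_ports": len(ports),
                    "label": SCAN_LABELS.get(top_kind, "unclassified probe pattern"),
                })
                break  # one finding per source/destination pair
    return findings


if __name__ == "__main__":
    for finding in detect_scans(build_sample()):
        print(finding)
```

With the default 60-second window the slow sweep from 198.51.100.99 goes unflagged; widening the window (for example `window_s=7200`) catches it at the cost of keeping more state per source.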

03 Enumeration

Enumeration is the procedure by which user names, hostnames, network resources, shares, and services may be extracted from a system. In this step, the attacker connects to the system and makes directed requests to learn more about the target.

By using enumeration, ethical hackers can get information such as:
> SNMP data, if it is not secured correctly
> Network shares
> Usernames of different systems
> IP tables
> Password policy lists