{"id":21316216,"url":"https://github.com/rajeevranjancom/ceh_practical_master_doc","last_synced_at":"2026-03-19T19:51:10.673Z","repository":{"id":232314599,"uuid":"385348489","full_name":"rajeevranjancom/CEH_Practical_Master_DOC","owner":"rajeevranjancom","description":"practical not Theory","archived":false,"fork":false,"pushed_at":"2022-02-08T05:35:05.000Z","size":13963,"stargazers_count":1,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-22T10:36:44.230Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rajeevranjancom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-07-12T18:39:37.000Z","updated_at":"2022-02-08T05:35:08.000Z","dependencies_parsed_at":"2024-04-09T04:34:06.729Z","dependency_job_id":null,"html_url":"https://github.com/rajeevranjancom/CEH_Practical_Master_DOC","commit_stats":null,"previous_names":["rajeevranjancom/ceh_practical_master_doc"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rajeevranjancom%2FCEH_Practical_Master_DOC","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rajeevranjancom%2FCEH_Practical_Master_DOC/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rajeevranjancom%2FCEH_Practical_Master_DOC/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rajeevranjancom%2FCEH_Practical_Master_DOC/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rajeevranjancom","download_url":"https://codeload.github.com/rajeevranjancom/CEH_Practical_Master_DOC/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243795954,"owners_count":20349250,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-21T18:31:12.082Z","updated_at":"2026-01-02T14:41:47.067Z","avatar_url":"https://github.com/rajeevranjancom.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Guide-CEH-Practical-Master\n\n### **Exame Details**\n- Exam Title: Certified Ethical Hacker (Practical) \n- Number of Practical Challenges: 20 \n- Duration: 6 hours \n- Availability: Aspen – iLabs \n- Test Format: iLabs Cyber Range \n- Passing Score: 70% (14 Questions)\n--------------------------------------------\n**Exam Tips**\n- Vulnerability analysis to identify security loopholes in the target organization’s network, communication infrastructure, and end systems, etc;\n- System hacking, steganography;\n- Network scanning to identify live and vulnerable machines in a network;\n- OS banner grabbing, service, and user enumeration;\n- Different types of cryptography attacks;\n- SQL injection attacks;\n- Packet sniffing;\n--------------------------------------------\n**Format**\n- Realized Test with Web Browser iLabs\n- One Kali Linux (No Update) and Windows Server 2016 to perform the pentest\n- Five machines to compromise on an isolated network from the internet\n- Search in Google? (Yes!)\n- Talk to someone during the race? (No!)\n--------------------------------------------\n### **Tools**\n\n- Nmap\n- Hydra\n- Sqlmap\n- Wpscan\n- Nikto\n- John\n- Hashcat\n- Metasploit\n- Responder LLMNR\n- Wireshark or Tcpdump\n- Steghide\n- OpenStego\n- QuickStego\n- Dirb\n- Searchsploit\n- Crunch\n- Cewl\n- Veracrypt\n- Hashcalc\n- Rainbow Crack\n--------------------------------------------\n### **Helps**\n\n- Reddit Exam Reviews\n- Medium Exam Reviews\n- Professionals Certificate\n- Hack The Box (Challenges Steganography and Web) (https://www.hackthebox.eu/)\n- Vulnhub (Machines Easy to Medium) (https://www.vulnhub.com/)\n- Labs PenTest Brazil (CEH Course made in Major Eder ft ACADI-TI) (https://acaditi.com.br/ceh-v10-treinamento-certified-ethical-hacker/)\n- TryHackMe (https://tryhackme.com/) / https://tryhackme.com/room/wirectf / https://tryhackme.com/room/wirectf / https://tryhackme.com/room/hydra / https://tryhackme.com/room/sqli / https://tryhackme.com/room/crackthehash / https://medium.com/@kyryloren/jack-writeup-by-kyryloren-tryhackme-e41cff4e1c55\n- iLabs CEH (https://ilabs.eccouncil.org/ethical-hacking-exercises/)\n\n--------------------------------------------\n### **Examples Questions (There are the real issues)**\n- What is the IP of the Windows X machine?\n- What is the version of the Linux Kernel?\n- How many Windows machines are there?\n- What is the password for user X of the FTP server?\n- What is user X's IBAN number?\n- Which user X's phone number?\n- What is the password hidden in the .jpeg file?\n\n--------------------------------------------\n### **Attacks Vector**\n\nhttps://www.upguard.com/blog/attack-vector\n\nhttps://searchsecurity.techtarget.com/definition/attack-vector\n\nhttps://www.balbix.com/insights/attack-vectors-and-breach-methods/\n\nhttps://attack.mitre.org/\n\nhttps://searchsecurity.techtarget.com/definition/attack-vector#:~:text=An%20attack%20vector%20is%20a,vulnerabilities%2C%20including%20the%20human%20element.\n\nhttps://www.youtube.com/watch?v=LsuoJb7n3co\n\nhttps://www.youtube.com/watch?v=rcB4EZLfi7I\n\nhttps://www.youtube.com/watch?v=dz7Ntp7KQGA\n\n--------------------------------------------\n### **Network Scanning**\n\nhttps://nmap.org/man/pt_BR/index.html\n\nhttps://nmap.org/docs.html\n\nhttps://hackertarget.com/nmap-cheatsheet-a-quick-reference-guide/\n\nhttps://hackertarget.com/nmap-tutorial/\n\nhttps://www.stationx.net/nmap-cheat-sheet/\n\nhttps://media.x-ra.de/doc/NmapCheatSheetv1.1.pdf\n\nhttps://www.100security.com.br/netdiscover\n\nhttps://kalilinuxtutorials.com/netdiscover-scan-live-hosts-network/\n\nhttps://www.youtube.com/watch?v=PS677owUk-c\n\nhttps://www.stationx.net/nmap-cheat-sheet/\n\nhttps://redteamtutorials.com/2018/10/14/nmap-cheatsheet/\n\nhttps://resources.infosecinstitute.com/nmap-cheat-sheet/#gref\n\nhttps://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692\n\nhttps://resources.infosecinstitute.com/network-discovery-tool/#gref\n\n--------------------------------------------\n### **Enumeration**\nhttps://null-byte.wonderhowto.com/how-to/enumerate-smb-with-enum4linux-smbclient-0198049/\n\nhttps://www.hackingarticles.in/a-little-guide-to-smb-enumeration/\n\nhttps://0xdf.gitlab.io/2018/12/02/pwk-notes-smb-enumeration-checklist-update1.html\n\nhttps://medium.com/@arnavtripathy98/smb-enumeration-for-penetration-testing-e782a328bf1b\n\nhttps://www.redsiege.com/blog/2020/04/user-enumeration-part-3-windows/\n\nhttps://nmap.org/nsedoc/scripts/smb-enum-users.html\n\nhttps://github.com/sensepost/UserEnum\n\n--------------------------------------------\n### **Brute Force**\n\nhttps://linuxconfig.org/password-cracking-with-john-the-ripper-on-linux\n\nhttps://securitytutorials.co.uk/brute-forcing-passwords-with-thc-hydra/\n\nhttps://securitytutorials.co.uk/brute-forcing-passwords-with-thc-hydra/\n\nhttps://redteamtutorials.com/2018/10/25/hydra-brute-force-https/\n\nhttps://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-online-passwords-with-tamper-data-thc-hydra-0155374/\n\nhttps://laconicwolf.com/2018/09/29/hashcat-tutorial-the-basics-of-cracking-passwords-with-hashcat/\n\nhttps://medium.com/@sc015020/how-to-crack-passwords-with-john-the-ripper-fdb98449ff1\n\nhttps://www.varonis.com/blog/john-the-ripper/\n\n--------------------------------------------\n### **Wordlists**\n\nhttp://www.phenoelit.org/dpl/dpl.html\n\nhttps://datarecovery.com/rd/default-passwords/\n\nhttps://github.com/Dormidera/WordList-Compendium\n\nhttps://github.com/danielmiessler/SecLists\n\nhttps://www.kaggle.com/wjburns/common-password-list-rockyoutxt\n\n--------------------------------------------\n### **SQL Injection**\n\nhttps://hackertarget.com/sqlmap-tutorial/\n\nhttps://www.binarytides.com/sqlmap-hacking-tutorial/\n\nhttps://www.hackingarticles.in/database-penetration-testing-using-sqlmap-part-1/\n\nhttps://medium.com/@rafaelrenovaci/dvwa-solution-sql-injection-blind-sqlmap-cd1461ad336e\n\nhttps://medium.com/hacker-toolbelt/dvwa-1-9-viii-blind-sql-injection-with-sqlmap-ee8d59fbdea7\n\nhttps://www.exploit-db.com/docs/english/13701-easy-methodblind-sql-injection.pdf\n\nhttps://gracefulsecurity.com/sql-injection-filter-evasion-with-sqlmap/\n\nhttps://medium.com/@drag0n/sqlmap-tamper-scripts-sql-injection-and-waf-bypass-c5a3f5764cb3\n\nhttps://owasp.org/www-community/attacks/SQL_Injection_Bypassing_WAF\n\nhttps://www.1337pwn.com/use-sqlmap-to-bypass-cloudflare-waf-and-hack-website-with-sql-injection/\n\n--------------------------------------------\n### **Steganography**\n\nhttps://resources.infosecinstitute.com/steganography-and-tools-to-perform-steganography/#gref\n\nhttps://flylib.com/books/en/1.36.1/steganography.html\n\nhttps://blog.eccouncil.org/what-is-steganography-and-what-are-its-popular-techniques/\n\nhttps://www.edureka.co/blog/steganography-tutorial\n\nhttps://www.tutorialspoint.com/image-based-steganography-using-python\n\nhttps://medium.com/@KamranSaifullah/da-vinci-stenography-challenge-solution-90122a59822\n\nhttps://medium.com/@chrisdare/steganography-in-computer-forensics-6d6e87d85c0a\n\nhttps://www.telegraph.co.uk/culture/art/art-news/8197896/Mona-Lisa-painting-contains-hidden-code.html\n\nhttps://medium.com/write-ups-hackthebox/tagged/steganography\n\nhttp://moinkhans.blogspot.com/2015/06/steghide-beginners-tutorial.html\n\nhttps://www.2daygeek.com/easy-way-hide-information-inside-image-and-sound-objects/\n\n--------------------------------------------\n### **System Hacking**\n\nhttps://www.notsosecure.com/pwning-with-responder-a-pentesters-guide/\n\nhttps://www.ivoidwarranties.tech/posts/pentesting-tuts/responder/cheatsheet/\n\nhttps://blog.rapid7.com/2017/03/21/combining-responder-and-psexec-for-internal-penetration-tests/\n\nhttps://www.4armed.com/blog/llmnr-nbtns-poisoning-using-responder/\n\nhttps://medium.com/@hninja049/how-to-easy-find-exploits-with-searchsploit-on-linux-4ce0b82c82fd\n\nhttps://www.offensive-security.com/offsec/edb-searchsploit-update-2020/\n\nhttps://www.youtube.com/watch?v=29GlfaH5qCM\n\nhttps://www.hackingloops.com/maintaining-access-metasploit/\n\nhttps://resources.infosecinstitute.com/information-gathering-using-metasploit/\n\nhttps://www.youtube.com/watch?v=s6rwS7UuMt8\n\nhttps://null-byte.wonderhowto.com/how-to/exploit-eternalblue-windows-server-with-metasploit-0195413/\n\nhttps://www.youtube.com/watch?v=joT8NxlXxVY\n\nhttps://attack.mitre.org/techniques/T1557/001/\n\nhttps://www.youtube.com/watch?v=0TBCzaBklcE\n\nhttps://www.youtube.com/watch?v=FfoQFKhWUr0\n\nhttps://www.youtube.com/watch?v=Fg2gvk0qgjM\n\nhttps://www.youtube.com/watch?v=rjRDsXp_MNk\n\nhttps://www.sternsecurity.com/blog/local-network-attacks-llmnr-and-nbt-ns-poisoning\n\nhttps://medium.com/@subhammisra45/llmnr-poisoning-and-relay-5477949b7bef\n\nhttps://www.hackingarticles.in/get-reverse-shell-via-windows-one-liner/\n\n--------------------------------------------\n### **Web Scanners**\n\nhttps://blog.clusterweb.com.br/?p=1297\n\nhttps://hackertarget.com/nikto-tutorial/\n\nhttps://geekflare.com/nikto-webserver-scanner/\n\nhttps://www.youtube.com/watch?v=K78YOmbuT48\n\nhttps://blog.sucuri.net/2015/12/using-wpscan-finding-wordpress-vulnerabilities.html\n\nhttps://www.hackingtutorials.org/web-application-hacking/hack-a-wordpress-website-with-wpscan/\n\nhttps://linuxhint.com/wpscan_wordpress_vulnerabilities_scan/\n\nhttps://www.youtube.com/watch?v=SS991k5Alp0\n\nhttps://www.youtube.com/watch?v=MtyhOrBfG-E\n\nhttps://www.youtube.com/watch?v=sQ4TtFdaiRA\n\nhttps://www.exploit-db.com/docs/english/45556-wordpress-penetration-testing-using-wpscan-and-metasploit.pdf?rss\n\nhttps://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/\n\nhttps://www.youtube.com/watch?v=BTGP5sZfJKY\n\nhttps://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-5-creating-custom-wordlist-with-cewl-0158855/\n\nhttps://medium.com/tech-zoom/dirb-a-web-content-scanner-bc9cba624c86\n\nhttps://www.hackingarticles.in/comprehensive-guide-on-dirb-tool/\n\n--------------------------------------------\n### **Sniffers**\n\nhttps://www.youtube.com/watch?v=TkCSr30UojM\n\nhttps://www.varonis.com/blog/how-to-use-wireshark/\n\nhttps://hackertarget.com/wireshark-tutorial-and-cheat-sheet/\n\nhttps://www.lifewire.com/wireshark-tutorial-4143298\n\nhttps://www.comparitech.com/net-admin/wireshark-cheat-sheet/\n\nhttps://medium.com/hacker-toolbelt/wireshark-filters-cheat-sheet-eacdc438969c\n\nhttps://github.com/security-cheatsheet/wireshark-cheatsheet\n\nhttps://www.cellstream.com/resources/2013-09-10-11-55-21/cellstream-public-documents/wireshark-related/83-wireshark-display-filter-cheat-sheet/file\n\nhttps://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/\n\nhttps://www.youtube.com/watch?v=4_7A8Ikp5Cc\n\nhttps://www.guru99.com/wireshark-passwords-sniffer.html\n\nhttps://danielmiessler.com/study/tcpdump/\n\nhttps://hackertarget.com/tcpdump-examples/\n\nhttps://opensource.com/article/18/10/introduction-tcpdump\n\n--------------------------------------------\n### **Reviews and Details CEH Practical**\n\nhttps://www.linkedin.com/pulse/my-jouney-ceh-practical-joas-antonio-dos-santos (My Review)\n\nhttps://forums.itpro.tv/topic/2604/ceh-practical/2\n\nhttps://www.linkedin.com/pulse/considera%C3%A7%C3%B5es-sobre-o-exame-ceh-practical-leandro-cortiz/\n\nhttps://infayer.com/archivos/65\n\nhttps://medium.com/@jonaldallan/passed-ec-councils-certified-ethical-hacker-practical-20634b6f0f2\n\nhttps://www.reddit.com/r/CEH/comments/c69fou/passed_ceh_practicalpost_exam_writeup/\n\nhttps://www.reddit.com/r/CEH/comments/eeu3cx/ceh_practical_handson_exam_passed_with_2020_score/\n\nhttps://www.reddit.com/r/CEH/comments/8wk2ve/ceh_vs_ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/dfa1y8/passed_ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/b1wgbs/ceh_v10_practical/\n\nhttps://www.youtube.com/watch?v=ZYEo2AQdgcg\n\nhttps://www.youtube.com/watch?v=MEYjyr65bJE\n\nhttps://www.reddit.com/r/CEH/comments/ek0gzp/ceh_practical_passed_2020/\n\nhttps://www.reddit.com/r/CEH/comments/evuztj/ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/f6t80r/can_ceh_practical_be_regarded_as_a/\n\nhttps://www.reddit.com/r/CEH/comments/g6z6vn/just_passed_ceh_practical_1920/\n\nhttps://medium.com/@jonathanchelmus/c-eh-practical-exam-review-42755546c82e\n\nhttps://www.reddit.com/r/CEH/comments/hk6880/passing_ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/f629zk/ceh_practical_vs_ejpt_vs_ecppt/\n\nhttps://www.youtube.com/watch?v=o1u69KvSFmQ\u0026list=PLmQBbrHGk7jQbsvF3_xJp720yaUgeYCkj\n\nhttps://www.youtube.com/watch?v=oYgtePf0z44\n\nhttps://www.youtube.com/watch?v=9g5gdhoDotg\u0026list=PLWGnVet-gN_kGHSHbWbeI0gtfYx3PnDZO\n\nhttps://www.youtube.com/watch?v=LHU0OFcWSBk\n\nhttps://medium.com/@mruur/ceh-practical-exam-review-918e76f831ff\n\nhttps://www.youtube.com/c/XanderBilla/videos\n\nhttps://www.youtube.com/watch?v=YZf5xmeaU58\n\nhttps://newhorizons.com.sg/ceh-master/\n\nhttps://www.iitlearning.com/certified-ethical-hacker-practical.php\n\nhttps://medium.com/@anontuttuvenus/ceh-practical-exam-review-185ea4cef82a\n\nhttps://www.cyberprotex.com/ceh.html\n\nhttps://www.infosec4tc.com/product/ceh-master-exam1-exam2-practical/\n\nhttps://sysaptechnologies.com/certified-ethical-hacker-ceh-v10-practical/\n\nhttps://jensoroger.wordpress.com/2019/02/09/oscp-ceh-practical/\n\nhttps://khroot.com/2020/06/20/certified-ethical-hacker-practical-review/\n\nhttps://github.com/Samsar4/Ethical-Hacking-Labs\n\nhttps://www.reddit.com/r/CEH/comments/jg0y6u/ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/dfa1y8/passed_ceh_practical/\n\nhttps://www.reddit.com/r/CEH/comments/cgualo/ceh_practical_tell_me_about_it/\n\nhttps://www.reddit.com/r/CEH/comments/c69fou/passed_ceh_practicalpost_exam_writeup/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frajeevranjancom%2Fceh_practical_master_doc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frajeevranjancom%2Fceh_practical_master_doc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frajeevranjancom%2Fceh_practical_master_doc/lists"}