CEH v13 Module 01 Cheat Sheet: Introduction to Ethical Hacking

Module 01: Introduction to Ethical Hacking
As I prepare for the Certified Ethical Hacker (CEH) certification, Iโve put together this cheat sheet for Module 01: Introduction to Ethical Hacking. This quick reference is divided into two parts:
๐ง Part 1: Key Concepts for MCQs
๐ ๏ธ Part 2: Tools and Commands You Must Know
๐ง Part 1: Key Concepts for CEH MCQs
๐ Ethical Hacking Basics
Ethical Hacking is the legal practice of testing a systemโs security by attempting to exploit vulnerabilities โ all with permission.
๐ค Types of Hackers
Type | Description |
Black Hat | Malicious attacker |
White Hat | Ethical hacker |
Grey Hat | Mix of good and bad intentions |
Script Kiddie | Uses tools without deep knowledge |
Hacktivist | Political/social motivation |
State-Sponsored | Government-employed attacker |
๐ The CIA Triad + More
Concept | Description |
Confidentiality | Protect data from unauthorized access |
Integrity | Ensure data is unaltered |
Availability | Ensure services/data are accessible |
Authenticity | Verify identities |
Non-Repudiation | No denial of action or communication |
๐ก๏ธ Security Testing Types
Testing Type | Purpose |
Vulnerability Assessment | Identify weaknesses |
Penetration Testing | Exploit vulnerabilities |
Security Auditing | Verify security policies |
Posture Assessment | Overall security status |
๐ Ethical Hacking Phases
Reconnaissance โ Info gathering
Scanning โ Network, port, and vulnerability scanning
Gaining Access โ Exploiting weaknesses
Maintaining Access โ Backdoors, persistence
Covering Tracks โ Deleting logs, hiding activity
๐ฅ Common Attack Vectors
Social Engineering
Web Application Attacks (XSS, SQLi)
Wireless Attacks
Cloud & IoT Exploits
MITM (Man-in-the-Middle)
DoS/DDoS
๐งฑ Defense Tactics vs. Hacking Phases
Phase | Countermeasure |
Reconnaissance | IDS/IPS, DNS monitoring, Honeypots |
Scanning | Firewall rules, Port filtering |
Gaining Access | Patch management, Multi-factor Auth |
Maintaining Access | EDR, Behavioral Analytics |
Covering Tracks | Centralized logging, File integrity tools |
๐ ๏ธ Part 2: Important Tools and Commands
๐งฐ Common Ethical Hacking Tools
Tool | Use Case |
Nmap | Network scanning and host discovery |
Wireshark | Packet analysis |
Metasploit | Exploit framework |
Nessus | Vulnerability scanner |
Burp Suite | Web security testing |
Hydra | Password brute-forcing |
John the Ripper | Password cracking |
Aircrack-ng | Wireless testing |
Nikto | Web server scanning |
๐ง Common Command Examples
๐ Nmap (Network Mapping)
nmap -sS 192.168.1.1 # Stealth SYN scan
nmap -A 192.168.1.1 # Aggressive scan with OS detection
nmap -p 1-65535 192.168.1.1 # Full port scan
Subscribe to my newsletter
Read articles from Devesh Agarwal directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
