CEH v13 Module 01 Cheat Sheet: Introduction to Ethical Hacking
Devesh AgarwalModule 01: Introduction to Ethical Hacking
As I prepare for the Certified Ethical Hacker (CEH) certification, Iโve put together this cheat sheet for Module 01: Introduction to Ethical Hacking. This quick reference is divided into two parts:
๐ง Part 1: Key Concepts for MCQs
๐ ๏ธ Part 2: Tools and Commands You Must Know
๐ง Part 1: Key Concepts for CEH MCQs
๐ Ethical Hacking Basics
Ethical Hacking is the legal practice of testing a systemโs security by attempting to exploit vulnerabilities โ all with permission.
๐ค Types of Hackers
| Type | Description |
| Black Hat | Malicious attacker |
| White Hat | Ethical hacker |
| Grey Hat | Mix of good and bad intentions |
| Script Kiddie | Uses tools without deep knowledge |
| Hacktivist | Political/social motivation |
| State-Sponsored | Government-employed attacker |
๐ The CIA Triad + More
| Concept | Description |
| Confidentiality | Protect data from unauthorized access |
| Integrity | Ensure data is unaltered |
| Availability | Ensure services/data are accessible |
| Authenticity | Verify identities |
| Non-Repudiation | No denial of action or communication |
๐ก๏ธ Security Testing Types
| Testing Type | Purpose |
| Vulnerability Assessment | Identify weaknesses |
| Penetration Testing | Exploit vulnerabilities |
| Security Auditing | Verify security policies |
| Posture Assessment | Overall security status |
๐ Ethical Hacking Phases
Reconnaissance โ Info gathering
Scanning โ Network, port, and vulnerability scanning
Gaining Access โ Exploiting weaknesses
Maintaining Access โ Backdoors, persistence
Covering Tracks โ Deleting logs, hiding activity
๐ฅ Common Attack Vectors
Social Engineering
Web Application Attacks (XSS, SQLi)
Wireless Attacks
Cloud & IoT Exploits
MITM (Man-in-the-Middle)
DoS/DDoS
๐งฑ Defense Tactics vs. Hacking Phases
| Phase | Countermeasure |
| Reconnaissance | IDS/IPS, DNS monitoring, Honeypots |
| Scanning | Firewall rules, Port filtering |
| Gaining Access | Patch management, Multi-factor Auth |
| Maintaining Access | EDR, Behavioral Analytics |
| Covering Tracks | Centralized logging, File integrity tools |
๐ ๏ธ Part 2: Important Tools and Commands
๐งฐ Common Ethical Hacking Tools
| Tool | Use Case |
| Nmap | Network scanning and host discovery |
| Wireshark | Packet analysis |
| Metasploit | Exploit framework |
| Nessus | Vulnerability scanner |
| Burp Suite | Web security testing |
| Hydra | Password brute-forcing |
| John the Ripper | Password cracking |
| Aircrack-ng | Wireless testing |
| Nikto | Web server scanning |
๐ง Common Command Examples
๐ Nmap (Network Mapping)
nmap -sS 192.168.1.1 # Stealth SYN scan
nmap -A 192.168.1.1 # Aggressive scan with OS detection
nmap -p 1-65535 192.168.1.1 # Full port scan
Subscribe to my newsletter
Read articles from Devesh Agarwal directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by