CEH v13 Modules
Each module includes Learn, Labs, Challenges, Assessment and a Mastery Report. Progress only advances through evidence — tracked commands, validated findings, solved challenges.
Introduction to Ethical Hacking
Kill-chain mapping, MITRE ATT&CK technique IDs.
Footprinting and Reconnaissance
Passive & active intel gathering on real targets.
Scanning Networks
IP/ASN intel and HTTP service fingerprinting.
Enumeration
DNS zone mining, CAA & TXT/SPF/DMARC enumeration.
Vulnerability Analysis
Live NVD CVE triage and CVSS v3.1 vectoring.
System Hacking
Hash cracking and Linux privilege-escalation paths.
Malware Threats
IoC hashing and malware-to-CVE mapping.
Sniffing
Layer-2 sniffing concepts and credential decoding.
Social Engineering
Phishing-domain CT recon and DMARC defense.
Denial of Service
Amplification factors and reflector protocols.
Session Hijacking
JWT decoding (alg=none) and cookie-flag auditing.
Evading IDS, Firewalls and Honeypots
Fragmentation, decoy, and evasion flags.
Hacking Web Servers
Header audits, robots.txt intel, stack fingerprinting.
Hacking Web Applications
XSS payload craft and TLS certificate inspection.
SQL Injection
Tautology bypass and UNION column-count discovery.
Hacking Wireless Networks
WPA2 4-way handshake mechanics.
Hacking Mobile Platforms
Android dangerous-permission identification.
IoT and OT Hacking
MQTT protocol footprint.
Cloud Computing
S3 endpoints and cloud IMDS attack paths.
Cryptography
Hashing comparison and XOR symmetric toy.