Certified Ethical Hacker (CEH) kya hai?
Certified Ethical Hacker (CEH) ek globally recognized security certification hai jo yeh prove karti hai ki aapke paas un hackers jaise skills aur creativity hai jo malicious intent ke saath systems ko hack karte hain — lekin aap un skills ka use ethical purpose ke liye karte ho. Yeh certification EC-Council ke through diya jata hai (CEH v12 version). CEH certification beginners ke liye bhi available hai aur professionals ke liye bhi — bas sahi preparation aur resources ki zarurat hoti hai.
CEH ek aisi certification hai jo yeh validate karti hai ki kisi person ke paas penetration testing karne ki knowledge aur skills hain. Bahut saare employers is certification ko ek eligibility criteria maante hain. CEH Cheat Sheet ek short report hoti hai jo exam ke pehle revise karne aur memorize karne mein help karti hai.
CEH itna important kyu hai?
Ethical hackers wo security professionals hote hain jo apni knowledge aur skills ka use doosron ke computer systems test karne ke liye karte hain — bina kisi damage ke intention ke. Isme physical security, access control, identity management, aur application security jaise topics aate hain. Ethical hacking ka ek major part hota hai penetration testing — jisme kisi system ya network ko deliberately attack kiya jata hai vulnerabilities dhundhne ke liye — taki unhe fix kiya ja sake before real attackers unka misuse karein.
CEH Cheat Sheet kya hai?
CEH Cheat Sheet ek online quick reference guide hai jo CEH certification exam ke commonly used configurations aur important concepts ko summarize karti hai. Isme kuch advanced topics bhi included hote hain jo exam pass karne ke liye zaruri hote hain.
Ye cheat sheet batati hai exam mein kya aata hai, kaise prepare karein, aur kaise pass karein. Easy-to-read layout mein sari important CEH exam objectives diye gaye hote hain.
Ye cheat sheet aapke certification journey mein ek reference guide ki tarah kaam karti hai!
CEH Cheat Sheet kaise use karein?
Aap cheat sheet ko hamare website se dekh sakte hain ya download kar sakte hain. Agar aap offline use karna chahte hain to isse apne device mein save karke kabhi bhi access kar sakte hain. CEH ke cheat sheets exam ke pehle revision aur memory refresh ke liye bahut useful hoti hain. Ye ensure karti hai ki aapko last moment pe overload feel na ho. Agar aapko kuch aur add karna ho to aap apna version bhi bana sakte ho.
CEH Cheat Exam Sheet ka use kyu karein?
CEH exam sheet ek aisa tool hai jo aapko short time mein exam ke liye prepare karne mein help karta hai. Sabse badi baat ye hai ki isse ek aise person ne banaya hai jo khud real exam de chuka hai aur pass bhi hua tha. Wo person NCCA certified tha, aur ab wo chahta hai ki aap bhi apna certification pass karein.
Market mein aur bhi tools available hain jo CEH exam clear karne ka claim karte hain, lekin unke paas wahi experience nahi hai. Wo aapko exactly nahi bata sakte ki kaise questions aayenge, kitne questions honge, etc. Lekin ye tool wo sab details provide karta hai!
1. Risks aur Vulnerabilities ko aur achhi tarah samajhna
CEH certification lene ke baad aapko yeh samajhne ka mauka milta hai ki hackers kaise sochte hain aur kaise kaam karte hain. Certified Ethical Hackers (CEH v12) ke paas aise kai benefits hote hain jo aapko security landscape ko better samajhne aur high-level ki security build karne mein help karte hain.
CEH certification aapko risks aur vulnerabilities ke baare mein gehra insight deta hai, jo kai tarah se faayda mand ho sakta hai.
Aapko yeh samajh mein aane lagega ki hackers kis tarah soch kar kaam karte hain, jisse aap unke actions ko pehle hi predict kar sakte hain. Yeh ek important point hai un companies ke liye jo apna data secure rakhna chahti hain. Aap informed decisions le sakte hain aur risks ko identify karke unhe pehle hi mitigate kar sakte hain, jaise hi wo issues banne se pehle pakad mein aa jaayein.
2. Hackers kaise sochte hain, yeh samajhna
Certified Ethical Hacker (CEH) certification aapko hacking techniques ke baare mein sikhaata hai, jiska matlab hai ki aap samajh paayenge ki cyber criminals kis tarah soch kar kisi network ko hack karne ya credit card details churaane ki koshish karte hain.
Yeh knowledge aapko naye strategies develop karne mein madad karegi, jisse aap cyber-attacks ko prevent kar sakein. Iske liye aap different tools jaise firewalls aur antivirus software ka use kar sakte hain.
Hacking sirf systems ko todne tak simit nahi hai — yeh is baat ko samajhne ka process hai ki ek system kaise kaam karta hai, aur usmein kya weaknesses hain jinhe exploit karke hackers sensitive information ya valuable resources tak pahunch sakte hain — jo aapki organization ya customers ke liye bahut important ho sakti hain.
3. CEH se aap zyada paise kama sakte ho
Certified Ethical Hacker (CEH) certification aapki earning badhaane mein bhi madad karti hai, kyunki yeh organizations ko aise skilled IT professionals hire karne mein help karti hai jo cybersecurity issues ko achhe se samajhte hain aur jo latest hacking tools aur technologies se updated hote hain.
CEH v12 credential ka use aap apne career growth ko boost karne ke liye kar sakte hain. Is certification ke through aap industry mein apni value badha sakte hain, jo directly aapki salary aur job opportunities ko positively impact karta hai.
b. Elements of Information Security (Information Security ke Elements)
Confidentiality (Gopniyata): Yeh ensure karta hai ki information sirf authorized logon tak hi pahunch sake.
Integrity (Akhandata): Yeh ensure karta hai ki information accurate ho aur bina changes ke ho.
Availability (Upalabdhata): Authorized users ko zarurat ke samay resources available rahein, yeh ensure karta hai.
Authenticity (Asliyat): Information ya resource ki asli hone ki quality ko ensure karta hai.
Non-repudiation (Inkaar na kar pana): Yeh confirm karta hai ki sender ne message bheja aur receiver ne usse receive kiya – dono deny nahi kar sakte.
c. Phases of Penetration Testing (Penetration Testing ke Phases)
Reconnaissance (Jaankari ikattha karna)
Scanning & Enumeration (Systems ko scan karke details nikalna)
Gaining Access (Target system mein ghusna)
Maintaining Access (Access ko banaye rakhna)
Covering Tracks (Evidence mita dena taaki koi trace na kar sake)
d. Types of Threats (Threats ke Types)
Network Threats: Attacker network channel ko tod kar wahan se data chura sakta hai.
Host Threats: System se directly sensitive info chura leta hai.
Application Threats: Application ke andar ke unprotected gateways ka fayda uthakar attack karta hai.
e. Types of Attacks (Attacks ke Prakar)
OS Attacks: Victim ke Operating System par directly attack hota hai.
App Level Attacks: Application pe based attacks – usually developer ne security testing nahi ki hoti.
Shrink Wrap Code Attacks: Outdated libraries ya frameworks ke bugs ka use karke attack.
Misconfiguration Attacks: Poorly configured security settings ka fayda uthakar kiya gaya attack.
2. Legal (Legal Aspects ya Laws)
18 U.S.C 1029 & 1030: Fraud aur unauthorized access se related U.S. laws.
RFC 1918: Private IP addresses ke standard define karta hai.
RFC 3227: Forensic data collection and storage guide.
ISO 27002: Information Security ke guidelines.
CAN-SPAM: Email marketing rules set karta hai.
SPY-Act: Software license enforcement ke liye.
DMCA: Digital Intellectual Property ko protect karta hai.
SOX: Corporate financial data ke processes ke rules.
GLBA: Personal financial information ke protection ke liye.
FERPA: Students ke education records ke protection ke liye.
FISMA: U.S. government networks ke security standards.
CVSS: Vulnerability ki severity score karne ka system.
CVE: Known vulnerabilities aur exposures ka database.
3. Reconnaissance (Footprinting ya Shuruaati Jaankari Ikatthi Karna)
a. Footprinting Information:
Network Info: Domain, subdomains, IP addresses, Whois records, DNS info, VPN firewalls etc. (e.g. ike-scan se).
System Info: Web server ka OS, servers ki location, users ke naam, usernames, passwords, etc.
Organization Info: Employees ki info, company background, phone numbers, addresses.
b. Footprinting Tools:
Maltego
Recon-ng (Framework)
FOCA
Recon-dog
Dmitry (DeepMagic Information Gathering Tool)
c. Google Hacking (Google Dorks ke through Vulnerabilities dhoondhna)
Google hacking mein Google ke advanced search operators use hote hain – jise “dorks” kehte hain – vulnerabilities dhoondhne ke liye.
Common Dorks:
site:– Specific domain ke pages dikhata hai.inurl:– URL mein specific text hone wale pages.intitle:– Title mein specific word wale pages.cache:– Page ka cached version.link:– Jisme specific URL ka link ho. (Ab discontinued hai.)filetype:– Specific file type ke results.
Google Hacking Tools:
Google Hack Honeypot
Google Hacking Database (GHDB)
Metagoofil
4. Scanning Networks (Network Scanning)
Yeh process host, open ports aur network services ke baare mein aur info collect karta hai – taaki vulnerabilities identify karke ek attack plan banaya ja sake.
a. Scanning Types:
Port Scanning: Open ports aur unpe chalne wali services ka pata lagana.
Network Scanning: Network mein active IP addresses identify karna.
Vulnerability Scanning: Known vulnerabilities test karna systems mein.
b. Common Ports to Scan (Common Ports jo scan kiye jaate hain)
| Port | Protocol | Use |
|---|---|---|
| 22 | TCP | SSH (Secure Shell) – Secure remote login ke liye |
| 23 | TCP | Telnet – Remote login, insecure |
| 25 | TCP | SMTP (Simple Mail Transfer Protocol) – Email sending |
| 53 | TCP/UDP | DNS (Domain Name System) – Domain resolution |
| 80 | TCP | HTTP (Hypertext Transfer Protocol) – Web browsing |
| 123 | TCP | NTP (Network Time Protocol) – Time synchronization |
| 443 | TCP/UDP | HTTPS – Secure web browsing |
| 500 | TCP/UDP | IKE/IPSec – VPN connection ke liye |
| 631 | TCP/UDP | IPP (Internet Printing Protocol) – Network printing |
| 3389 | TCP/UDP | RDP (Remote Desktop Protocol) – Remote desktop |
| 9100 | TCP/UDP | AppSocket/JetDirect – Printer connection (HP) |
c. Scanning Tools (Network Scan karne ke Tools)
1. Nmap – Network scanning ke liye, special packets bhej kar scan karta hai.
Common Nmap Options:
-sA: ACK scan-sF: FIN scan-sS: SYN scan-sT: TCP connect scan-sI: Idle scan-sn: Ping sweep-sN: NULL scan-sR: RPC scan-sW: Window scan-sX: XMAS tree scan-PS: SYN ping-PT: TCP ping-oN: Normal output-oX: XML output-A: OS detection, version detection, script scanning-T0to-T4: Timing options – Slow se Fast
2. Hping – Advanced port scanner, low-level aur stealthy scanning ke liye. Individual IP scan karta hai (Nmap ke comparison mein zyada discreet).
d. Scanning Techniques (Scanning karne ke Techniques)
ICMP Scanning: Broadcast ICMP ping, ICMP sweep
TCP Scanning: TCP connect, SYN scan, ACK scan, IDLE scan
UDP Scanning: Port reachable ya nahi, ICMP error packet se pata lagta hai
List Scanning: Reverse DNS resolution se host name identify karna
SSDP Scanning: UPnP vulnerabilities detect karna
ARP Scan: Ethernet LAN scan karne ke liye useful
5. Enumeration (System se Detailed Info lena)
System se directly query karke important information nikalna.
a. Enumeration Techniques:
Windows Enumeration
User Account Enumeration
NetBIOS Enumeration
SNMP Enumeration
LDAP Enumeration
NTP Enumeration
SMTP Enumeration
Active Directory Brute Forcing
b. DNS Enumeration:
DNS (Domain Name System) URLs ko IP addresses se map karta hai.
Common Tools:
dnsreconnslookupdighost
c. DHCP Process (IP Address Allocation):
Client — Discover –> Server
Server — Offer –> Client
Client — Request –> Server
Server — Acknowledge (Ack) –> Client
6. Sniffing (Network pe data packets ko capture karna)
a. Sniffing Types:
Passive Sniffing: Koi packets send nahi karta – sirf sunta hai.
Active Sniffing: Packets actively send hote hain with source/destination.
b. Sniffer Tools:
Network se data capture karne wale tools:
Cain and Abel
Libpcap
TCPflow
Tcpdump
Wireshark
Kismet
c. Wiretapping:
Internet ya phone conversation pe third-party monitoring.
d. Sniffing Attacks:
MAC Flooding: Switch ko fake MAC addresses se flood kar dena.
DHCP Attacks: Server ke saare IPs le lena, DoS create karna.
DNS Poisoning: Real IP ko malicious IP se replace karna.
VLAN Hopping: Ek VLAN se dusri VLAN ka traffic capture karna.
OSPF Attacks: Fake router banakar routing manipulate karna.
7. Attacking a System (System par Attack karna)
a. LM Hashing:
Windows ke old password hashing system – e.g.,
7 spaces = AAD3B435B51404EE
b. Attack Types:
Passive Online: System ko bina disturb kiye vulnerabilities nikalna
Active Online: Password guessing
Offline: Passwords chura lena (e.g., from SAM file)
Non-electronic: Social Engineering
c. Sidejacking:
Cookies hijack karke kisi session ka access le lena.
d. Authentication Types:
Type 1: Kuch jaante ho (e.g., password)
Type 2: Kuch rakhte ho (e.g., ID card)
Type 3: Tum khud ho (e.g., fingerprint, retina)
e. Session Hijacking Steps:
Client-server traffic sniff karna
Sequence predict karna
Session desynchronize karna
Session hijack karna
Fake packets inject karna
8. Social Engineering (Logo se information nikalna)
Logon ko manipulate karke unse confidential info lena.
a. Steps:
Research: Target organization ke baare mein info collect karna
Select Target: Specific employee choose karna
Relationship Build: Trust banana
Exploit: Information extract kar lena
b. Identity Theft:
Kisi employee ki personal info chura kar unka role play karna.
c. Types of Social Engineers:
Insider Associates: Limited access wale employees
Insider Affiliates: Insiders jo identity spoof kar sakte hain
Outsider Affiliates: Bahar wale log jo vulnerable access point ka use karte hain
9. Physical Security (Physical Suraksha)
a. Physical Measures:
Air quality
Power backup
Humidity control
b. Technical Measures:
Smart cards
Biometric authentication
c. Operational Measures:
Policies and procedures
Access control plans
Access Control Metrics:
False Rejection Rate (FRR): Valid user ko reject karna
False Acceptance Rate (FAR): Invalid user ko allow karna
Crossover Error Rate (CER): Point jahan FAR = FRR hota hai (balance point)
