ceh study, amount of applications

productproduct Member Posts: 7 ■□□□□□□□□□
Viewing the CEH labs there must be at least 50 different applications to learn

I feel like I can skip/lightly brush over some of these, as how many network scanners do I need to know well, how many malware creators etc?
  • Looking at the exam; could somene clarify what apps you need to know for it (I assume hping3, nmap, snort, metasplot?)
  • Do the other lesser known apps come up in the exam e.g "GUI Trojan Mosucker"?


  • Options
    cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Best option is for you to check the "Passed CEH" threads. Most popular applications will be evident there.
  • Options
    OctalDumpOctalDump Member Posts: 1,722
    nmap, nmap, nmap. I think also wireshark and ettercap filters. Most of the other stuff, you just need to know what the tool is, what you use it for etc. check out old forum threads or a hacker course online to brush up on your apps.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • Options
    IronmanXIronmanX Member Posts: 323 ■■■□□□□□□□
    "(I assume hping3, nmap, snort, metasplot?)"

    No Metasploit usage questions. I believe you could be asked high level questions like whats the meterpreter is and stuff like that. I think it may be possible to get snort questions, but I did not get any. I think with snort you can figure out whats going on with snort if you know your ports.

    Know your ports and not just the common 21, 80, 443....

    Know nmap very well (nmap switches, how ports response when you have different tcp flags set. know TCP very well), know wireshark very well.
    Know Aircrack-ng well.

    I did get asked hping3 questions but I don't think you need a huge focus on that tool like you do TCP, nmap, wireshark...
  • Options
    danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    They love nmap, so know what each letter of the command does. I don't think metasploit and hping so much. Perhaps tcpdump, wireshark, know your tcp flags and what they do, port numbers, etc.
    I am a Jack of all trades, Master of None
  • Options
    productproduct Member Posts: 7 ■□□□□□□□□□
    Thanks guys, great answers v helpful !
  • Options
    BadgerTesterBadgerTester Registered Users Posts: 1 ■□□□□□□□□□
    I got a 60% on my test this morning. Odd, I actually only second guessed myself on about 10 questions. I know me failing doesn't give me much credibility, but I have actually taken this test 2 other times. I even before this 3rd time went to a boot camp. The instructor informed us that they have completely "revamped" the test and added new material. So I studied in depth the mobile security chapter (because the v8 didn't go nearly as in depth in to mobile mobile side as v9 has now) and the cloud computing had its own chapter. There was not one question on the test about either one of those chapters, except 2 and they both were about bluetooth. It had maybe 3 nmap questions, one being a command syntax question (-F). I believe there were maybe 5 ethical pen testing questions.
    Know your Firewalls! I believe there were 8 different firewall questions. Lots of tool questions (dmitry, kerberos, armatage, metadoogil) there were more but those are the ones I remember off the top of my head. Lots of Sql injection, XSS and cross-site request forgery questions. Noticed a few buffer over flow questions. Study web applications. Had one Hash question, RSA. There are about 10 wireless questions. So know your wireless data, from what type of antenna to 802.11a/b/g/i/n.

    I think what hurt me was the scenario questions. I am not very good with those, one word throwing me off sucks. There are a few port questions specifically one about printers.

    Hope this helps you, I will warn you that I saw a lot more wireless network questions the second time I took the test vs this 3rd time. I have been using the pocket prep v9 and have recognized many of the questions from the times I took the tests. I am looking to take it one more time later this year, maybe when there is a valid test **** out (maybe by May or June). Because all three times I have taken it I have not had any direction as to what to study. So I have gone into the tests trying to know everything and honestly that isn't possible unless I had been already involved in Ethical hacking in the first place. I suggest setting up a lab or reading through a lab manual to get an idea as to how the tools work and function. Because some of the questions require you to "finish the answer," based on the tool in the question.

    So, I am not saying don't study the mobile hacking or the cloud computing part. BUT, I again have taken it 3 times and the only questions about either one of those; that I can recall, are about bluetooth.

    Anyway, I know i don't have much credibility since I have not passed. But I guess in my mind, any "direction" I can have is good direction.
  • Options
    Sch1smSch1sm Member Posts: 64 ■■■□□□□□□□
    They've removed buffer overflows from the study material, btw. So I would be surprised if they had questions on that. Then again, you never know with ECC..
Sign In or Register to comment.