What this book covers

Chapter 1, Understanding Ethical Hacking, covers the elements of InfoSec, the cyber kill chain methodology, different hacking concepts, types, and phrases, as well as the concepts of ethical hacking.

Chapter 2, Introduction to Reconnaissance, is all about reconnaissance. Everything has a starting point, and the starting point for attackers when they target an organization is through the process of reconnaissance/footprinting.

Chapter 3, Reconnaissance – a Deeper Dive, delves into reconnaissance in more depth. Now that you've got a basic understanding of the information we're trying to gather during the reconnaissance stage, let's dive deeper by looking at OSINT and at publicly available data such as social media services, job sites, and even going back in time to view previous versions of a company's web page.

Chapter 4, Scanning Networks, tells us that scanning the network is the process of discovering this type of information. In some cases, we can remain undiscovered, while other techniques might alert a security team.

Chapter 5, Enumeration, explores how enumeration can expose things such as usernames and groups on systems, routing tables, system names, and network shares.

Chapter 6, Vulnerability Analysis, demonstrates how vulnerability analysis is key in providing security to any company's infrastructure from external as well as internal threats.

Chapter 7, System Hacking, focuses on the tools and techniques that can be used by attackers to hack the systems identified in our first four steps. This is the ultimate goal of attackers, and it will show you just how vulnerable you might be.

Chapter 8, Social Engineering, describes an easier method that attackers are discovering and actively using to avoid steps 2 to 5. Humans. We are the weakest link. There is no defense against social engineering; only constant vigilance and training of employees can help to circumvent these techniques.

Chapter 9, Malware and Other Digital Attacks, describes some of the most common attack vectors that hackers will exploit, including malware, viruses, ransomware, and denial-of-service (DoS).

Chapter 10, Sniffing and Evading IDS, Firewalls, and Honeypots, examines how sniffing can provide insights into the possibilities of different types of poisoning attacks taking place on a network. These types of attacks and information can help an attacker avoid honeypots and even get around firewalls and intrusion detection systems (IDSs).

Chapter 11, Hacking Wireless Networks, explains how wireless networks present a completely new attack vector that can be challenging to secure. Attackers will go after these networks as many times, lower encryption technologies are often used as well as the vulnerabilities associated with devices and software that are involved.

Chapter 12, Hacking Mobile Platforms, talks about how mobile devices are quickly replacing desktops and laptops as they allow users to not only do the same productivity tasks, but also store critical information such as contact lists, calendars, and credentials. This chapter will show the threats to mobile platforms that attract attackers to these targets.

Chapter 13, Hacking Web Servers and Web Apps, covers how the growth of the internet and web technologies, combined with rapidly increasing internet connectivity, has led to the emergence of a new business landscape. The interconnectivity of services, plugins, operating systems, APIs, and web shells creates an environment ripe for misconfigurations and missed patches.

Chapter 14, Hacking IoT and OT, explains why organizations using IoT or OT devices as part of their network need to protect both the devices and the information from attackers. All security professionals need to understand the landscape of cyber threats, industrial infrastructure, and business.

Chapter 15, Cloud Computing, examines how the push to cloud-based computing has been fast and advantageous for organizations; however, just like any technology, cloud environments also pose several threats and risks. Attackers are targeting vulnerabilities in the cloud software to gain unauthorized access to networks

Chapter 16, Using Cryptography, describes how cryptography and cryptographic (crypto) systems help in securing data from being compromised during online transmissions, but they are not unhackable. Careful deployment and maintaining a healthy environment will help keeps attackers out.

Chapter 17, CEH Exam Practice Questions, lets you see what you have learned!