ceh v7 and v8 comparison
TRANSCRIPT
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 1 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Version Comparison
CEHv8 vs CEHv7
CEHv7 CEHv8
Updated information as per the latest developments with a proper flow
Classroom friendly with diagrammatic representation of concepts and attacks
Exclusive section for best practices to follow to protect information systems against various attacks
New and rich presentation style with eye catching graphics
Latest OS covered and a patched testing environment
Well tested, result oriented, descriptive and analytical lab manual to evaluate the presented concepts
19 Modules 20 Modules
90 Labs 110 Labs
1700 Slides 1770 Slides
No Document Document
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 2 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Module Comparison of CEHv8 with CEHv7
Introduction to Ethical Hacking
Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources. The topics highlighted in red under CEHv8 Module 01: Introduction to Ethical Hacking are the new additions.
CEHv7 Module 01: Introduction to Ethical Hacking
CEHv8 Module 01: Introduction to Ethical Hacking
Data Breach Investigations Report Data Breach Investigations Report
Essential Terminologies Essential Terminologies
Elements of Information Security Elements of Information Security
Effects of Hacking on Business Top Information Security Attack Vectors
Who Is a Hacker? Motives, Goals, and Objectives of Information Security Attacks
Hacking Phases Information Security Threats
Types of Attacks on a System Information Warfare
Why Ethical Hacking is Necessary IPv6 Security Threats
Skills of an Ethical Hacker Hacking vs. Ethical Hacking
Vulnerability Research Effects of Hacking on Business
What Is Penetration Testing? Who Is a Hacker?
Hacking Phases
Types of Attacks on a System
Why Ethical Hacking is Necessary
Skills of an Ethical Hacker
Incident Management Process
Types of Security Policies
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 3 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Vulnerability Research
What Is Penetration Testing?
Footprinting and Reconnaissance
Footprinting refers to uncovering and collecting as much information as possible about a target network, for identifying various ways to intrude into an organization’s network system. The topics highlighted in red under CEHv8 Module 02: Footprinting and Reconnaissance are the new additions.
CEHv7 Module 02: Footprinting and Reconnaissance
CEHv8 Module 02: Footprinting and Reconnaissance
Footprinting Terminologies Footprinting Terminologies
What Is Footprinting? What Is Footprinting?
Objectives of Footprinting Objectives of Footprinting
Footprinting Threats Footprinting Threats
Footprinting through Search Engines Footprinting through Search Engines
Website Footprinting Website Footprinting
Email Footprinting Email Footprinting
Competitive Intelligence Competitive Intelligence
Footprinting Using Google Footprinting Using Google
WHOIS Footprinting WHOIS Footprinting
DNS Footprinting DNS Footprinting
Network Footprinting Network Footprinting
Footprinting Tools Footprinting through Social Engineering
Footprinting Countermeasures Footprinting through Social Networking Sites
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 4 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Footprinting Pen Testing Footprinting Tools
Footprinting Countermeasures
Footprinting Pen Testing
Footprinting Terminologies
What Is Footprinting?
Scanning Networks
Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network. The topics highlighted in red under CEHv8 Module 03: Scanning Networks are the new additions
CEHv7 Module 03: Scanning Networks CEHv8 Module 03: Scanning Networks
Overview of Network Scanning Overview of Network Scanning
CEH Scanning Methodology CEH Scanning Methodology
Checking for Live Systems Checking for Live Systems
Scanning Techniques Scanning IPv6 Network
IDS Evasion Techniques Scanning Techniques
Banner Grabbing IDS Evasion Techniques
Vulnerability Scanning Banner Grabbing
Drawing Network Diagrams Vulnerability Scanning
Proxy Chaining Drawing Network Diagrams
HTTP Tunneling Techniques Proxy Chaining
SSH Tunneling HTTP Tunneling Techniques
Anonymizers SSH Tunneling
IP Spoofing Detection Techniques Anonymizers
Scanning Countermeasures IP Spoofing Detection Techniques
Scanning Pen Testing Scanning Countermeasures
Scanning Pen Testing
Latest Network Scanning Tools Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 5 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
6 more Labs Added
Enumeration
In the enumeration phase, attacker creates active connections to system and performs directed queries to gain more information about the target. The topics highlighted in red under CEHv8 Module 04: Enumeration are the new additions.
CEHv7 Module 04: Enumeration CEHv8 Module 04: Enumeration
What Is Enumeration? What Is Enumeration?
Techniques for Enumeration Techniques for Enumeration
NetBIOS Enumeration Services and Ports to Enumerate
Enumerate Systems Using Default Passwords NetBIOS Enumeration
SNMP Enumeration Enumerate Systems Using Default Passwords
UNIX/Linux Enumeration SNMP Enumeration
LDAP Enumeration Working of SNMP
NTP Enumeration UNIX/Linux Enumeration
SMTP Enumeration LDAP Enumeration
DNS Enumeration NTP Enumeration
Enumeration Countermeasures SMTP Enumeration
Enumeration Pen Testing DNS Enumeration
Enumeration Countermeasures
Enumeration Pen Testing
Latest Enumeration Tools Added
1 more Lab Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 6 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
System Hacking
Password cracking techniques are used to recover passwords from computer systems. The topics highlighted in red under CEHv8 Module 05 System Hacking are the new additions.
CEHv7 Module 05 System Hacking CEHv8 Module 05 System Hacking
System Hacking: Goals System Hacking: Goals
CEH Hacking Methodology (CHM) CEH Hacking Methodology (CHM)
Password Cracking Password Cracking
Microsoft Authentication Stealing Passwords Using Keyloggers
How to Defend against Password Cracking Microsoft Authentication
Privilege Escalation How to Defend against Password Cracking
Types of Privilege Escalation Privilege Escalation
Executing Applications Types of Privilege Escalation
Types of Keystroke Loggers and Spywares Executing Applications
Anti-Keylogger and Anti-Spywares Methodology of Attacker in using Remote Keylogger
Detecting Rootkits Types of Keystroke Loggers and Spywares
NTFS Stream Manipulation Anti-Keylogger and Anti-Spywares
Classification of Steganography Various methods to place a rootkit
Steganalysis Methods/Attacks on Steganography
Detecting Rootkits
Covering Tracks NTFS Stream Manipulation
Penetration Testing Application of steganography
Classification of Steganography
Audio Steganography Methods
Issues in Information hiding
Steganalysis Methods/Attacks on Steganography
Detecting Text, Image, Audio, and Video Steganography
Covering Tracks
Penetration Testing
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 7 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Trojans and Backdoors
It is a program in which the malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on your hard disk. The topics highlighted in red under CEHv8 Module 06: Trojans and Backdoors are the new additions.
CEHv7 Module 06: Trojans and Backdoors CEHv8 Module 06: Trojans and Backdoors
What Is a Trojan? What Is a Trojan?
What Do Trojan Creators Look For What Do Trojan Creators Look For
Indications of a Trojan Attack Indications of a Trojan Attack
Common Ports used by Trojans Common Ports used by Trojans
How to Infect Systems Using a Trojan How to Infect Systems Using a Trojan
Different Ways a Trojan can Get into a System
Different Ways a Trojan can Get into a System
How to Deploy a Trojan How to Deploy a Trojan
Types of Trojans Types of Trojans
How to Detect Trojans Trojan Analysis
Trojan Countermeasures How to Detect Trojans
Trojan Horse Construction Kit Trojan Countermeasures
Anti-Trojan Software Trojan Horse Construction Kit
Pen Testing for Trojans and Backdoors Anti-Trojan Software
Pen Testing for Trojans and Backdoors
Latest Trojan Detection Tools Added
2 more Labs Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 8 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Viruses and Worms
A virus is a self-replicating program that produces its own code by attaching copies of itself into other executable codes. The topics highlighted in red under CEHv8 Module 07: Viruses and Worms are the new additions.
CEHv7 Module 07: Viruses and Worms CEHv8 Module 07: Viruses and Worms
Introduction to Viruses Introduction to Viruses
Stages of Virus Life Stages of Virus Life
Working of Viruses Working of Viruses
Indications of Virus Attack Common Techniques Used to Distribute Malware on the Web
How does a Computer Get Infected by Viruses
Indications of Virus Attack
Types of Viruses How does a Computer Get Infected by Viruses
Virus Maker Virus Analysis
Computer Worms Types of Viruses
Worm Analysis Virus Maker
Worm Maker Computer Worms
Malware Analysis Procedure Worm Analysis
Online Malware Analysis Services Worm Maker
Virus and Worms Countermeasures Malware Analysis Procedure
Antivirus Tools Online Malware Analysis Services
Penetration Testing for Virus Virus Detection Methods
Virus and Worms Countermeasures
Antivirus Tools
Penetration Testing for Virus
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 9 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Sniffers
Packet sniffing is a process of monitoring and capturing all data packets passing through a given network using software (application) or hardware device. The topics highlighted in red under CEHv8 Module 08: Sniffing are the new additions.
CEHv7 Module 08: Sniffers CEHv8 Module 08: Sniffing
Packet Sniffing Packet Sniffing
Sniffing Threats Sniffing Threats
Types of Sniffing Attacks Types of Sniffing Attacks
Hardware Protocol Analyzers Hardware Protocol Analyzers
MAC Flooding IPv6 Addresses
How DHCP Works MAC Flooding
Rogue DHCP Server Attack How DHCP Works
ARP Spoofing Techniques Rogue DHCP Server Attack
ARP Poisoning Tools ARP Spoofing Techniques
How to Defend Against ARP Poisoning ARP Poisoning Tools
Spoofing Attack Threats How to Defend Against ARP Poisoning
How to Defend Against MAC Spoofing Spoofing Attack Threats
DNS Poisoning Techniques MAC Spoofing Technique
How to Defend Against DNS Spoofing IRDP Spoofing
Sniffing Tools How to Defend Against MAC Spoofing
Sniffing Pen Testing DNS Poisoning Techniques
How to Defend Against DNS Spoofing
Sniffing Tools
Sniffer Detection Technique
Sniffing Pen Testing
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 10 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Social Engineering
Social engineering is the art of convincing people to reveal confidential information. Social
engineers depend on the fact that people are unaware of their valuable information and are
careless about protecting it. The topics highlighted in red under CEHv8 Module 09: Social
Engineering are the new additions.
CEHv7 Module 09: Social Engineering CEHv8 Module 09: Social Engineering
What Is Social Engineering? What Is Social Engineering?
Factors that Make Companies Vulnerable to Attacks
Factors that Make Companies Vulnerable to Attacks
Warning Signs of an Attack Warning Signs of an Attack
Phases in a Social Engineering Attack Phases in a Social Engineering Attack
Common Targets of Social Engineering Common Targets of Social Engineering
Human-based Social Engineering Human-based Social Engineering
Computer-based Social Engineering Computer-based Social Engineering
Social Engineering Through Impersonation on Social Networking Sites
Mobile-based Social Engineering
Identify Theft Mobile-based Social Engineering Using SMS
Social Engineering Countermeasures Social Engineering Through Impersonation on Social Networking Sites
How to Detect Phishing Emails Identify Theft
Identity Theft Countermeasures Social Engineering Countermeasures
Social Engineering Pen Testing How to Detect Phishing Emails
Identity Theft Countermeasures
Social Engineering Pen Testing
Social Engineering Toolkit
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 11 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Denial of Service
Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its
resources. The topics highlighted in red under CEHv8 Module 10: Denial-of-Service are the new
additions.
CEHv7 Module 10: Denial of Service CEHv8 Module 10: Denial-of-Service
What Is a Denial of Service Attack? What Is a Denial of Service Attack?
What Are Distributed Denial of Service Attacks?
What Are Distributed Denial of Service Attacks?
Symptoms of a DoS Attack Symptoms of a DoS Attack
DoS Attack Techniques DoS Attack Techniques
Botnet Botnet
Botnet Ecosystem Botnet Ecosystem
DDoS Attack Tools Botnet Trojans
DoS Attack Tools DDoS Attack Tools
Detection Techniques DoS Attack Tools
DoS/DDoS Countermeasure Detection Techniques
Techniques to Defend against Botnets DoS/DDoS Countermeasure
Advanced DDoS Protection Appliances Techniques to Defend against Botnets
Denial of Service (DoS) Attack Penetration Testing
Advanced DDoS Protection Appliances
Denial of Service (DoS) Attack Penetration Testing
Latest DDoS and DoS attack tools added
Latest DoS/DDoS Protection Tools added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 12 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Session Hijacking
Session Hijacking refers to the exploitation of a valid computer session where an attacker takes
over a session between two computers. The topics highlighted in red under CEHv8 Module 11:
Session Hijacking are the new additions.
CEHv7 Module 11: Session Hijacking CEHv8 Module 11: Session Hijacking
What Is Session Hijacking? What Is Session Hijacking?
Why Session Hijacking Is Successful? Why Session Hijacking Is Successful?
Key Session Hijacking Techniques Key Session Hijacking Techniques
Brute Forcing Attack Brute Forcing Attack
Session Hijacking Process Session Hijacking Process
Types of Session Hijacking Types of Session Hijacking
Application Level Session Hijacking Application Level Session Hijacking
Session Sniffing Session Sniffing
Man-in-the-Middle Attack Man-in-the-Middle Attack
Network Level Session Hijacking Network Level Session Hijacking
TCP/IP Hijacking TCP/IP Hijacking
Session Hijacking Tools Session Hijacking Tools
Protecting against Session Hijacking Protecting against Session Hijacking
IPsec Architecture IPsec Architecture
Session Hijacking Pen Testing Session Hijacking Pen Testing
Latest Session Hijacking Tools Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 13 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Hacking Webservers
Web server pen testing is used to identify, analyze, and report vulnerabilities such as
authentication weaknesses, configuration errors, protocol related vulnerabilities, etc. in a web
server. The topics highlighted in red under CEHv8 Module 12: Hacking Webservers are the new
additions.
CEHv7 Module 11: Session Hijacking CEHv8 Module 11: Session Hijacking
IIS Webserver Architecture IIS Webserver Architecture
Why Web Servers are Compromised? Why Web Servers are Compromised?
Impact of Webserver Attacks Impact of Webserver Attacks
Webserver Attacks Webserver Attacks
Webserver Attack Methodology Webserver Attack Methodology
Webserver Attack Tools Webserver Attack Tools
Metasploit Architecture Metasploit Architecture
Web Password Cracking Tool Web Password Cracking Tool
Countermeasures Countermeasures
How to Defend Against Web Server Attacks How to Defend Against Web Server Attacks
Patch Management How to Defend against HTTP Response Splitting and Web Cache Poisoning
Patch Management Tools Patch Management
Webserver Pen Testing Patch Management Tools
Latest Webserver Security Tools Added
Latest Webserver Pen Testing Tools Added
Webserver Pen Testing
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 14 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Hacking Web Applications
Web applications provide an interface between end users and web servers through a set of web
pages that are generated at the server end or contain script code to be executed dynamically
within the client web browser. The topics highlighted in red under CEHv8 Module 13: Hacking
Web Applications are the new additions.
CEHv7 Module 13: Hacking Web Applications
CEHv8 Module 13: Hacking Web Applications
How Web Applications Work How Web Applications Work
Web Attack Vectors Web Attack Vectors
Web Application Threats Web Application Threats
Web App Hacking Methodology Web App Hacking Methodology
Footprint Web Infrastructure Footprint Web Infrastructure
Hacking Web Servers Hacking Web Servers
Analyze Web Applications Analyze Web Applications
Attack Authentication Mechanism Attack Authentication Mechanism
Attack Authorization Schemes Attack Authorization Schemes
Session Management Attack Session Management Attack
Attack Data Connectivity Attack Data Connectivity
Attack Web App Client Attack Web App Client
Attack Web Services Attack Web Services
Web Application Hacking Tools Latest Web Application Hacking Tools
Countermeasures Countermeasures
Web Application Security Tools Latest Web Application Security Tools Added
Web Application Firewall Web Application Firewall
Web Application Pen Testing Web Application Pen Testing
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 15 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
SQL Injection
SQL Injection is the most common website vulnerability on the Internet. It is a flaw in Web
Applications and not a database or web server issue. The topics highlighted in red under CEHv8
Module 14: SQL Injection are the new additions.
CEHv7 Module 14: SQL Injection CEHv8 Module 14: SQL Injection
SQL Injection SQL Injection
SQL Injection Attacks SQL Injection Attacks
SQL Injection Detection SQL Injection Detection
SQL Injection Attack Characters SQL Injection Attack Characters
Testing for SQL Injection Testing for SQL Injection
Types of SQL Injection Types of SQL Injection
Blind SQL Injection Blind SQL Injection
SQL Injection Methodology SQL Injection Methodology
Advanced SQL Injection Advanced SQL Injection
Password Grabbing Bypass Website Logins Using SQL Injection
Network Reconnaissance Using SQL Injection Password Grabbing
SQL Injection Tools Network Reconnaissance Using SQL Injection
Evasion Technique Latest SQL Injection Tools Added
How to Defend Against SQL Injection Attacks Evasion Technique
SQL Injection Detection Tools How to Defend Against SQL Injection Attacks
Latest SQL Injection Detection Tools Added
2 more Labs Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 16 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Hacking Wireless Networks
Wi-Fi is developed on IEEE 802.11 standards, and it is widely used in wireless communication. It
provides wireless access to applications and data across a radio network. The topics highlighted
in red under CEHv8 Module 15: Hacking Wireless Networks are the new additions.
CEHv7 Module 15: Hacking Wireless Networks
CEHv8 Module 15: Hacking Wireless Networks
Types of Wireless Networks Types of Wireless Networks
Wireless Terminologies Wireless Terminologies
Types of Wireless Encryption Types of Wireless Encryption
How to Break WEP Encryption How to Break WEP Encryption
Wireless Threats Wireless Threats
Footprint the Wireless Network Footprint the Wireless Network
GPS Mapping Mobile-based Wi-Fi Discovery Tools
Wireless Traffic Analysis GPS Mapping
What Is Spectrum Analysis? Wireless Traffic Analysis
How to Reveal Hidden SSIDs What Is Spectrum Analysis?
Crack Wi-Fi Encryption How to Reveal Hidden SSIDs
Wireless Hacking Tools Crack Wi-Fi Encryption
Bluetooth Hacking Latest Wireless Hacking Tools Added
How to BlueJack a Victim Bluetooth Hacking
How to Defend Against Wireless Attacks How to BlueJack a Victim
Wireless Security Tools How to Defend Against Wireless Attacks
Wireless Penetration Testing Latest Wireless Security Tools Added
Wireless Penetration Testing
1 more Lab Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 17 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Hacking Mobile Platforms
CEHv8 Module 16 Hacking Mobile Platforms is a new module which covers the following topics:
CEHv8 Module 16 Hacking Mobile Platforms
Mobile Attack Vectors Guidelines for Securing Windows OS
Devices
Mobile Platform Vulnerabilities and
Risks Blackberry Attack Vectors
Android OS Architecture Guidelines for Securing BlackBerry
Devices
Android Vulnerabilities Mobile Device Management (MDM)
Android Trojans General Guidelines for Mobile
Platform Security
Securing Android Devices Mobile Protection Tools
Jailbreaking iOS Mobile Pen Testing
Guidelines for Securing iOS Devices
Windows Phone 8 Architecture
Evading IDS, Firewalls, and Honeypots
An intrusion detection system (IDS) gathers and analyzes information from within a computer
or a network, to identify the possible violations of security policy, including unauthorized
access, as well as misuse. The topics highlighted in red under CEHv8 Module 17: Evading IDS,
Firewalls, and Honeypots are the new additions.
CEHv7 Module 16: Evading IDS, Firewalls, and Honeypots
CEHv8 Module 17: Evading IDS, Firewalls, and Honeypots
Ways to Detect an Intrusion Ways to Detect an Intrusion
Types of Intrusion Detection Systems Types of Intrusion Detection Systems
General Indications of Intrusions General Indications of Intrusions
Firewall Architecture Firewall Architecture
Types of Firewall Types of Firewall
Firewall Identification Firewall Identification
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 18 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
How to Set Up a Honeypot How to Set Up a Honeypot
Intrusion Detection Tools Latest Intrusion Detection Tools Added
How Snort Works How Snort Works
Firewalls Firewalls
Honeypot Tools Latest Honeypot Tools Added
Evading IDS Evading IDS
Evading Firewalls Evading Firewalls
Detecting Honeypots Detecting Honeypots
Firewall Evasion Tools Latest Firewall Evasion Tools Added
Packet Fragment Generators Packet Fragment Generators
Countermeasures Countermeasures
Firewall/IDS Penetration Testing Firewall/IDS Penetration Testing
1 more Lab Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 19 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Buffer Overflow
A generic buffer overflow occurs when a program tries to store more data in a buffer than it
was intended to hold. The topics highlighted in red under CEHv8 Module 18: Buffer Overflow
are the new additions.
CEHv7 Module 17: Buffer Overflow CEHv8 Module 18: Buffer Overflow
Heap-Based Buffer Overflow Heap-Based Buffer Overflow
Knowledge Required to Program Buffer Overflow Exploits
Why Are Programs and Applications Vulnerable to Buffer Overflows?
Buffer Overflow Steps Knowledge Required to Program Buffer Overflow Exploits
Overflow Using Format String Buffer Overflow Steps
Buffer Overflow Examples Overflow Using Format String
How to Mutate a Buffer Overflow Exploit Buffer Overflow Examples
Identifying Buffer Overflows How to Mutate a Buffer Overflow Exploit
How to Detect Buffer Overflows in a Program
Identifying Buffer Overflows
BoF Detection Tools How to Detect Buffer Overflows in a Program
Defense Against Buffer Overflows Latest BoF Detection Tools Added
Buffer Overflow Security Tools Defense Against Buffer Overflows
Buffer Overflow Penetration Testing Programming Countermeasures
Latest Buffer Overflow Security Tools Added
Buffer Overflow Penetration Testing
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 20 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Cryptography
Cryptography is the conversion of data into a scrambled code that is decrypted and sent across
a private or public network. The topics highlighted in red under CEHv8 Module 19:
Cryptography are the new additions.
CEHv7 Module 18: Cryptography CEHv8 Module 19: Cryptography
Cryptography Cryptography
Encryption Algorithms Encryption Algorithms
Ciphers Ciphers
What Is SSH (Secure Shell)? What Is SSH (Secure Shell)?
Cryptography Tools Latest Cryptography Tools Added
Public Key Infrastructure (PKI) Public Key Infrastructure (PKI)
Certification Authorities Certification Authorities
Digital Signature Digital Signature
Disk Encryption Disk Encryption
Disk Encryption Tool Disk Encryption Tool
Cryptography Attacks Cryptography Attacks
Code Breaking Methodologies Code Breaking Methodologies
Cryptanalysis Tools Latest Cryptanalysis Tools Added
Online MD5 Decryption Tools Online MD5 Decryption Tools
2 more Labs Added
Certified Ethical Hacker Exam 312-50 Version Comparison
Page | 21 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.
Penetration Testing
Penetration testing assesses the security model of the organization as a whole. It reveals
potential consequences of a real attacker breaking into the network. The topics highlighted in
red under CEHv8 Module 20: Penetration Testing are the new additions.
CEHv7 Module 19: Penetration Testing CEHv8 Module 20: Penetration Testing
Security Assessments Security Assessments
Vulnerability Assessment Vulnerability Assessment
What Should be Tested? Introduction to Penetration Testing
ROI on Penetration Testing Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
Types of Penetration Testing What Should be Tested?
Common Penetration Testing Techniques ROI on Penetration Testing
Pre-Attack Phase Types of Penetration Testing
Attack Phase Common Penetration Testing Techniques
Post-Attack Phase Pre-Attack Phase
Penetration Testing Deliverable Templates Attack Phase
Pen Testing Roadmap Post-Attack Phase
Web Application Testing Penetration Testing Deliverable Templates
Outsourcing Penetration Testing Services Pen Testing Roadmap
Web Application Testing
Outsourcing Penetration Testing Services