CEH Practical is a 6-hour, rigorous exam that requires you to demonstrate skills and abilities of ethical hacking techniques such as:

• Port scanning tools (e.g., Nmap, Hping)
• Vulnerability detection
• Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
• SQL injection methodology and evasion techniques
• Web application security tools (e.g., Acunetix WVS)
• SQL injection detection tools (e.g., IBM Security AppScan)
• Communication protocols
• and more…
• Port scanning tools (e.g., Nmap, Hping)
• Vulnerability detection
• Attacks on a system (e.g., DoS, DdoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
• SQL injection methodology and evasion techniques
• Web application security tools (e.g., Acunetix WVS)
• SQL injection detection tools (e.g., IBM Security AppScan)
• Communication protocols
• Scanning (e.g., Port scanning, banner grabbing, vulnerability scanning, network discovery, proxy chaining, IP spoofing)
• Cryptography
• Cryptography toolkit (e.g., OpenSSL)
• Web server attack methodology
• Operating environments (e.g., Linux, Windows, Mac)
• Web application hacking methodology
• Encryption algorithms
• System hacking (e.g., password cracking, privilege escalation, executing applications, hiding files, covering tracks)
• Vulnerability scanning
• Exploitation tools
• Application/file server
• Database structures
• Wireless and Bluetooth hacking methodology
• Wireless terminologies
• Wireless encryption
• Network/wireless sniffers (e.g., Wireshark, Airsnort)
• Malware (e.g., Trojan, virus, backdoor, worms)
• Botnet
• Malware analysis
• Network sniffing
• Backups and archiving (e.g., local, network)
• Data analysis
• Log analysis tools
• Cryptanalysis tool (e.g., CrypTool)