Scribd
Upload
3K views

CEH - Module 2 - Lab

This document provides examples of using various online tools to gather information about websites and organizations through open-source intelligence techniques. The tools are used to find documents, videos, employee details, DNS records, and technical details related to targets like ECCouncil, Microsoft, Amazon, and others.

Uploaded by

Chang Carl
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
3K views

CEH - Module 2 - Lab

This document provides examples of using various online tools to gather information about websites and organizations through open-source intelligence techniques. The tools are used to find documents, videos, employee details, DNS records, and technical details related to targets like ECCouncil, Microsoft, Amazon, and others.

Uploaded by

Chang Carl
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

1.

Use an advanced Google hacking technique to find PDF files on the website
www.eccouncil.org. Enter the complete URL of the CEH-Brochure.pdf file.
https://www.eccouncil.org/wp-content/uploads/2022/09/CEH-brochure.pdf-(Correct
Attempt)

2.
Search for "EC-Council CEHv11" on YouTube (https://www.youtube.com) and perform a
reverse image search on the YouTube video titled as "EC-Council Certified Ethical
Hacker (CEH) v11" using Youtube Metadata (https://mattw.io/youtube-metadata/) video
analysis tool. Enter the Video ID.
V_i3wCtn0qA-(Correct Attempt)

3.
Use the NAPALM FTP Indexer (https://www.searchftps.net/) to extract critical FTP
information about a target organization, Microsoft. Enter YES if you find files
located on the target's FTP servers; else, enter NO.
YES-(Correct Attempt)

4.
Use the Shodan IoT search engine to search for information about vulnerable IoT
devices in a target organization, Amazon. Enter YES if you find details of
vulnerable IoT devices related to amazon; else, enter NO.
YES-(Correct Attempt)

5.
Search for www.eccouncil.org on Netcraft (https://www.netcraft.com) and identify
the operating system of the web server hosting the website www.eccouncil.org.
Linux-(Correct Attempt)

6.
Gather personal information about Satya Nadella (CEO of Microsoft) using PeekYou
(https://www.peekyou.com), an online people search service. Enter the name of the
university where Satya Nadella studied MBA.
University of Chicago-(Correct Attempt)

7.
Use theHarvester tool to gather the list of email IDs related to Microsoft
(www.microsoft.com) organization from the Baidu search engine. Enter the option
that specifies the domain or company name to search.
-d-(Correct Attempt)

*Note: In this command, -d specifies the domain or company name to search, -l


specifies the number of results to be retrieved, and -b specifies the data source.

8.
Use Tor Browser to perform searches on the deep and dark web. Identify the search
engine Tor Browser uses to perform a dark web search.
DuckDuckGo-(Correct Attempt)

9.
Use Censys (https://search.censys.io/?q) to perform the passive footprinting of
www.eccouncil.org. Flag submission is not required for this task, enter "No flag"
as the answer.
No flag-(Correct Attempt)

10.
Use theHarvester tool to gather information about the employees (name and job
title) of a target organization (eccouncil.org) available on LinkedIn. Enter the
option to specify the data source as LinkedIn.
-b-(Correct Attempt)

*Note: In this command, -d specifies the domain or company name to search (here,
eccouncil), -l specifies the number of results to be retrieved, and -b specifies
the data source as LinkedIn.

11.
Use the Sherlock tool to gather all the URLs related to Satya Nadella from various
social networking sites. Enter the complete URL related to Nadella that is obtained
from the social networking site Academia.edu.
https://independent.academia.edu/nadella-(Correct Attempt)

13.
Use the ping command-line utility to test the reachability of the website
www.eccouncil.org. Identify the maximum packet/frame size on this machine’s
network.
1472-(Correct Attempt)

14.
Use Photon tool to crawl www.certifiedhacker.com website for internal, external and
scripts URLs. What is the option that was used to specify the target website?
-u-(Correct Attempt)

15.
Use Photon tool to crawl www.certifiedhacker.com website using URLs from
archive.org. Enter the option that specifies using URLs from archive.org as seeds.
--wayback-(Correct Attempt)

16.
Gather information about www.certifiedhacker.com website using Central Ops. Enter
the IP address gathered under Address lookup section.
162.241.216.11-(Correct Attempt)

17.
In the Windows 11 machine, use Web Data Extractor web spidering tool to gather the
target company’s data. Enter the target website that was used in this task to
gather information.
https://www.certifiedhacker.com-(Correct Attempt)

18.
In the Windows 11 machine, use HTTrack Web Site Copier tool to mirror the entire
website of the target organization (https://www.certifiedhacker.com). Enter the
newly created HTML file name, which allows you to view the webpage of the mirrored
website on any browser.
index.html-(Correct Attempt)

19.
Use GRecon to search for available subdomains, sub-subdomains, login pages,
directory listings, exposed documents, WordPress entries and pasting sites in
target website. Enter the target that was used in this task to gather information.
certifiedhacker.com-(Correct Attempt)

20.
Use CeWL ruby application to gather a wordlist from the target website
(https://www.certifiedhacker.com). Enter the command which allows you to gather a
unique wordlist from the target website with a minimum word length of 6 and the
depth of 3 to spider the target website.
cewl -d 3 -m 6 https://www.certifiedhacker.com-(Correct Attempt)
21.
In Windows 11 machine, use eMailTrackerPro tool located at E:\CEH-Tools\CEHv12
Module 02 Footprinting and Reconnaissance\Email Tracking Tools to gather
information about an email by analyzing the email header. Observe the output and
enter YES if the tool contains the “Abuse Reporting” feature; else, enter NO.
YES-(Correct Attempt)

22.
Perform a Whois lookup using DomainTools and find the URL that belongs to registrar
of the website www.certifiedhacker.com.
http://networksolutions.com-(Correct Attempt)

23.
Use the nslookup command-line utility to find the primary server of the website
www.certifiedhacker.com
ns1.bluehost.com-(Correct Attempt)

24.
Perform a reverse DNS lookup using DNSRecon on IP range (162.241.216.0-
162.241.216.255) to locate a DNS PTR record. Enter the DNS PTR record for IP
address 162.241.216.11.
box5331.bluehost.com-(Correct Attempt)

25.
Use SecurityTrails to gather information regarding the subdomains and DNS records
of the certifiedhacker.com website. Enter YES if you find any NS records; else,
enter NO.
YES-(Correct Attempt)

26.
Use SecurityTrails to gather information regarding the subdomains and DNS records
of the certifiedhacker.com website. Enter YES if you find any AAAA records; else,
enter NO.
NO-(Correct Attempt)

27.
Use the ARIN Whois database search tool (https://www.arin.net/about/welcome/region)
to locate the network range of the target organization (www.certifiedhacker.com).
Enter the network range information about the target organization.
162.240.0.0 - 162.241.255.255-(Correct Attempt)

28.
Perform network tracerouting using traceroute command in Linux machine for
www.certifiedhacker.com domain. Enter the IP address of the target domain.
162.241.216.11-(Correct Attempt)

29.
Use the Recon-ng tool to gather personnel information. Enter the Recon-ng module
name, extracts the contacts associated with the domain and displays them.
recon/domains-contacts/whois_pocs-(Correct Attempt)

30.
Use the Maltego tool to gather information about the target organization
(www.certifiedhacker.com). Enter the information about the mail exchange server
associated with the certifiedhacker.com domain.
mail.certifiedhacker.com-(Correct Attempt)

31.
Use the OSRFramework tool to check for the existence of a Mark Zuckerberg profile
on different social networking platforms. Enter YES if the given user profile
exists; else, enter NO.
YES-(Correct Attempt)

32.
Use Foca tool to gather useful information about the www.eccouncil.org. Enter the
number of browsers that are available under Search engines section.
3-(Correct Attempt)

33.
Use the BillCipher tool to footprint a target website URL
(www.certifiedhacker.com). Identify the webserver application used to host the web
pages.
nginx-(Correct Attempt)

34.
Use the OSINT Framework (https://osintframework.com) to explore footprinting
categories and associated tools. Enter the complete website URL of the Domain
Dossier tool, which generates reports from public records.
https://centralops.net/co/DomainDossier.aspx-(Correct Attempt)

You might also like