NDG Ethical Hacking Labs


NDG Ethical Hacking v2 (Series-1 and Series-2)

NDG Ethical Hacking v2, developed by NDG, focuses on one of the most challenging sectors of cybersecurity. This series of labs is designed to provide hands-on experience conducting a variety of ethical hacking practices. These skills can help prepare trainees for a variety of IT positions, including: Cybersecurity Analyst, Penetration Tester, Ethical Hacker-Security Engineer, IT Security Specialist, Cybersecurity Engineer, and Information Security Engineer.

The labs map to several leading industry certifications, as noted in the Supported Labs tables below.

NDG Ethical Hacking v2 (Series-1 and Series-2) labs are supported in NETLAB+ using the NDG Ethical Hacking v2 Pod. Series-2 labs make use of a WinOS VM; a WinOS VM is not necessary to perform the Series-1 labs. The topology may be configured with or without a WinOS VM, depending on whether you plan to use the Series-2 labs. See the NDG Ethical Hacking v2 Pod page for details.

Supported Labs (Series-1)

Material in these labs aligns to the books/certifications shown in the table below.

Lab Title All-In-One CEH Chapters
ISBN-13: 978-1260454550		 EC-Council CEH v10 Domain Modules CompTia Pentest+ Objectives CompTIA All-In-One PenTest+ Chapters
ISBN-13: 978-1260135947
1 DNS Footprinting
  • 2: Reconnaissance: Information Gathering for the Ethical Hacker
  • 2: Footprinting and Reconnaissance
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4.2: Compare and contrast various use cases of tools
  • 2: Getting to Know Your Targets
  • 3: Network Scanning and Enumeration
  • 4: Vulnerability Scanning and Analysis
2 Packet Crafting with Scapy
  • 3: Scanning and Enumeration
  • 3: Scanning Networks
  • 4: Enumeration
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4.2: Compare and contrast various use cases of tools
  • 7: Network-Based Attacks
3 Reconnaissance with Nmap, Zenmap, and Masscan
  • 3: Scanning and Enumeration
  • 3: Scanning Networks
  • 4: Enumeration
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4.1: Given a scenario, use Nmap to conduct information gathering exercises
  • 4.2: Compare and contrast various use cases of tools
  • 2: Getting to Know Your Targets
  • 3: Network Scanning and Enumeration
4 Reconnaissance with HPing
  • 3: Scanning and Enumeration
  • 3: Scanning Networks
  • 4: Enumeration
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4.2: Compare and contrast various use cases of tools
  • 2: Getting to Know Your Targets
  • 3: Network Scanning and Enumeration
  • 7: Network-Based Attacks
5 Vulnerability Scanning with OpenVAS
  • 3: Scanning and Enumeration
  • 3: Scanning Networks
  • 4: Enumeration
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 2.2: Given a scenario, perform a vulnerability scan
  • 2.3: Given a scenario, analyze vulnerability scan results
  • 4.2: Compare and contrast various use cases of tools
  • 2: Getting to Know Your Targets
  • 3: Network Scanning and Enumeration
  • 4: Vulnerability Scanning and Analysis
6 Network Analysis
  • 4: Sniffing and Evasion
  • 8: Sniffing
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4.2: Compare and contrast various use cases of tools
  • 3: Network Scanning and Enumeration
  • 7: Network-Based Attacks
7 Evading IDS
  • 4: Sniffing and Evasion
  • 12: Evading IDS, Firewalls, and Honeypots
  • 4.1: Given a scenario, use Nmap to conduct information gathering exercises
  • 3: Network Scanning and Enumeration
  • 7: Network-Based Attacks
8 Password Cracking with John the Ripper and Hashcat
  • 5: Attacking a System
  • 5: Vulnerability Analysis
  • 6: System Hacking
  • 4.2: Compare and contrast various use cases of tools
  • 4.3: Given a scenario, analyze tool output or data related to a penetration test
  • 4: Vulnerability Scanning and Analysis
  • 7: Network-Based Attacks
  • 9: Web and Database Attacks
  • 10: Attacking Local Host Vulnerabilities
9 Metasploit Framework Fundamentals and Armitage
  • 5: Attacking a System
  • 5: Vulnerability Analysis
  • 6: System Hacking
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 2.2: Given a scenario, perform a vulnerability scan
  • 2.3: Given a scenario, analyze vulnerability scan results
  • 2.4: Explain the process of leveraging information to prepare for exploitation
  • 3.4: Given a scenario, exploit application-based vulnerabilities
  • 3.5: Given a scenario, exploit local host vulnerabilities
  • 3.7: Given a scenario, perform post-exploitation techniques
  • 4.2: Compare and contrast various use cases of tools
  • 4.3: Given a scenario, analyze tool output or data related to a penetration test
  • 7: Network-Based Attacks
  • 9: Web and Database Attacks
  • 10: Attacking Local Host Vulnerabilities
10 Web Pentesting
  • 6: Web-Based Hacking: Servers and Applications
  • 13: Hacking Webservers
  • 14: Hacking Web Applications
  • 15: SQL Injection
  • 2.2: Given a scenario, perform a vulnerability scan
  • 2.3: Given a scenario, analyze vulnerability scan results
  • 2.4: Explain the process of leveraging information to prepare for exploitation
  • 3.2: Given a scenario, exploit network-based vulnerabilities
  • 3.4: Given a scenario, exploit application-based vulnerabilities
  • 4.2: Compare and contrast various use cases of tools
  • 4.3: Given a scenario, analyze tool output or data related to a penetration test
  • 4: Vulnerability Scanning and Analysis
  • 9: Web and Database Attacks
11 Client Side Exploitations
  • 6: Web-Based Hacking: Servers and Applications
  • 13: Hacking Webservers
  • 14: Hacking Web Applications
  • 15: SQL Injection
  • 2.4: Explain the process of leveraging information to prepare for exploitation
  • 3.2: Given a scenario, exploit network-based vulnerabilities
  • 3.4: Given a scenario, exploit application-based vulnerabilities
  • 4.2: Compare and contrast various use cases of tools
  • 4.3: Given a scenario, analyze tool output or data related to a penetration test
  • 5: Mobile Device and Application Testing
  • 6: Social Engineering
  • 7: Network-Based Attacks
12 ARP Spoofing and MiTM Attacks
  • 6: Web-Based Hacking: Servers and Applications
  • 13: Hacking Webservers
  • 14: Hacking Web Applications
  • 15: SQL Injection
  • 3.2: Given a scenario, exploit network-based vulnerabilities
  • 4.2: Compare and contrast various use cases of tools
  • 7: Network-Based Attacks
13 Understanding Buffer Overflows
  • 6: Web-Based Hacking: Servers and Applications
  • 13: Hacking Webservers
  • 14: Hacking Web Applications
  • 15: SQL Injection
  • 4.4: Given a scenario, analyze a basic script (limited to Bash, Python, Ruby, and PowerShell)
  • 6: Social Engineering
14 Understanding SQL Commands & Injections
  • 6: Web-Based Hacking: Servers and Applications
  • 13: Hacking Webservers
  • 14: Hacking Web Applications
  • 15: SQL Injection
  • 3.4: Given a scenario, exploit application-based vulnerabilities
  • 4.2: Compare and contrast various use cases of tools
  • 9: Web and Database Attacks
15 Backdooring with Netcat
  • 2: Trojans and Other Attacks
  • 7: Malware Threats
  • 10: Denial-of-Service
  • 11: Session Hijacking
  • 3.5: Given a scenario, exploit local host vulnerabilities
  • 3.7: Given a scenario, perform post-exploitation techniques
  • 4.2: Compare and contrast various use cases of tools
  • 4: Vulnerability Scanning and Analysis
  • 9: Web and Database Attacks
  • 10: Attacking Local Host Vulnerabilities
16 VNC as a Backdoor
  • 2: Trojans and Other Attacks
  • 7: Malware Threats
  • 10: Denial-of-Service
  • 11: Session Hijacking
  • 3.5: Given a scenario, exploit local host vulnerabilities
  • 3.7: Given a scenario, perform post-exploitation techniques
  • 4.2: Compare and contrast various use cases of tools
  • 4: Vulnerability Scanning and Analysis
  • 10: Attacking Local Host Vulnerabilities
17 Creating and Installing SSL Certificates
  • 11: Cryptography 101
  • 20: Cryptography
  • 2.1: Given a scenario, conduct information gathering using appropriate techniques
  • 4: Vulnerability Scanning and Analysis
  • 5: Mobile Device and Application Testing
18 Social Engineering Attacks with Social Engineering Toolkit
  • 12: Low Tech: Social Engineering and Physical Security
  • 9: Social Engineering
  • 2.4: Explain the process of leveraging information to prepare for exploitation
  • 3.1: Compare and contrast social engineering attacks
  • 4.2: Compare and contrast various use cases of tools
  • 6: Social Engineering

Supported Labs (Series-2)

Material in these labs aligns to the books/certifications shown in the table below.

Lab Title All-In-One CEH Chapters
ISBN-13: 978-1260454550		 EC-Council CEH v10 Domain Modules
19 Scanning Methodology
  • 2: Reconnaissance: Information Gathering for the Ethical Hacker
  • 3: Scanning and Enumeration
  • 4: Sniffing and Evasion
  • 2: Footprinting and Reconnaissance
  • 3: Scanning Networks
  • 5: Vulnerability Analysis
  • 8: Sniffing
20 Enumeration
  • 3: Scanning and Enumeration
  • 4: Sniffing and Evasion
  • 4: Enumeration
21 System Hacking
  • 5: Attacking a System
  • 6: System Hacking
  • 7: Malware Threats
22 Registry – Windows Security Account Manager
  • 5: Attacking a System
  • 11: Cryptography 101
  • 4: Enumeration
  • 6: System Hacking
  • 20: Cryptography
23 Covering Your Tracks
  • 4: Sniffing and Evasion
  • 11: Cryptography 101
  • 12: Evading IDS, Firewalls, and Honeypot
  • 20: Cryptography
24 Web-Based Hacking
  • 3: Scanning and Enumeration
  • 6: Web-Based Hacking: Servers and Applications
  • 2: Footprinting and Reconnaissance
  • 11: Session Hijacking
  • 14: Hacking Web Applications
25 Mobile Hacking
  • 8: Mobile Communications and the IoT
  • 17: Hacking Mobile Platforms
26 Cryptography
  • 11: Cryptography 101
  • 20: Cryptography

Academic Book List

The books listed below are recommended resources to accompany the NDG Ethical Hacking v2 labs.

CEH Certified Ethical Hacker All-in-One Exam Guide
4th Edition by Matt Walker
ISBN-13: 978-1260454550
ISBN-10: 126045455X

CompTIA PenTest+ Certification All-in-One Exam Guide 
(Exam PT0-001) 1st Edition by Raymond Nutting
ISBN-13: 978-1260135947
ISBN-10: 1260135942
Enabling the Labs

To enable the NDG Ethical Hacking v2 labs, install the NDG Ethical Hacking - v2 course using the Course Manager. See the Course Manager section of the NETLAB+ VE Admin Guide for details. The course content will then be available to be added to classes.

EHv2
Using the Labs

Always select the correct lab exercise for the lab being performed. Students or teams should schedule the correct lab exercise from the catalog. NETLAB+ will only show those labs for which the required pod type is available. A lab that works on different pod types may appear more than once if your system is so equipped. Instructors should select the correct lab from the Exercise tab during instructor-led lab reservations. This can be done as many times as needed during the reservation.