# CERTIFICATIONS

- [Certified Ethical Hacker (C|EH)(Practical)](/certifications/certified-ethical-hacker-c-or-eh-practical.md): This note will guide you with all my methodologies I used while preparing and throughout the exam.
- [Reconnaissance (Footprinting)](/certifications/certified-ethical-hacker-c-or-eh-practical/reconnaissance-footprinting.md): Welcome to the Footprinting module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Scanning Networks](/certifications/certified-ethical-hacker-c-or-eh-practical/scanning-networks.md): Welcome to the Scanning Networks module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Vulnerability Analysis](/certifications/certified-ethical-hacker-c-or-eh-practical/vulnerability-analysis.md): Welcome to the Vulnerability Analysis module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [System Hacking](/certifications/certified-ethical-hacker-c-or-eh-practical/system-hacking.md): Welcome to the System Hacking module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Sniffing](/certifications/certified-ethical-hacker-c-or-eh-practical/sniffing.md): Welcome to the Sniffing module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [SQL Injection](/certifications/certified-ethical-hacker-c-or-eh-practical/sql-injection.md): Welcome to the SQL Injection module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Remote code execution](/certifications/certified-ethical-hacker-c-or-eh-practical/remote-code-execution.md): Remote code execution (RCE), also known as code injection, refers to an attacker executing commands on a system from a remote machine. Often this means exploiting a web application/server to run comma
- [Hacking Web Applications & Servers](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers.md): Welcome to the Hacking Web Applications & Servers module. This note will guide you thru all the methodologies I followed while preparing for CEH (Practical) exam.
- [Local and remote file inclusion](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers/local-and-remote-file-inclusion.md): Local file inclusion (LFI) vulnerabilities allow an attacker to read local files on the web server using malicious web requests, such as:
- [File upload bypass](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers/file-upload-bypass.md): File upload mechanisms are very common on websites, but sometimes have poor validation. This allows attackers to upload malicious files to the web server, which can then be executed by other users or
- [Cross-site scripting](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers/cross-site-scripting.md): Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites.
- [Cross-site request forgery](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers/cross-site-request-forgery.md): Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
- [Server-side request forgery](/certifications/certified-ethical-hacker-c-or-eh-practical/hacking-web-applications-and-servers/server-side-request-forgery.md): In this section, I will explain what server-side request forgery is, describe some common examples, and explain how to find and exploit various kinds of SSRF vulnerabilities.
- [Exploitation](/certifications/certified-ethical-hacker-c-or-eh-practical/exploitation.md): Here are the articles in this section:
- [Working with exploits](/certifications/certified-ethical-hacker-c-or-eh-practical/exploitation/working-with-exploits.md): This section is mostly about local exploits, because they're annoying. Remote python exploits are usually point-and-shoot and web exploits have their own section.
- [Password cracking](/certifications/certified-ethical-hacker-c-or-eh-practical/exploitation/password-cracking.md): Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
- [Metasploit](/certifications/certified-ethical-hacker-c-or-eh-practical/exploitation/metasploit.md): This page is just basic stuff I forget all the time. There are other Metasploit tips in sections where it's relevant.
- [Buffer overflow](/certifications/certified-ethical-hacker-c-or-eh-practical/exploitation/buffer-overflow.md): Exploit buffer overflow issues by overwriting the memory of an application. This changes the execution path of the program, triggering a response that damages files or exposes private information.
- [Cloud Computing](/certifications/certified-ethical-hacker-c-or-eh-practical/cloud-computing.md): Welcome to the Cloud Computing module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Cryptography](/certifications/certified-ethical-hacker-c-or-eh-practical/cryptography.md): Welcome to the Cryptography module. This note will guide you thru all the methodologies that I used while preparing for the CEH (Practical) exam.
- [Mobile Pentesting Resources](/certifications/certified-ethical-hacker-c-or-eh-practical/mobile-pentesting-resources.md)
- [Learning resources](/certifications/certified-ethical-hacker-c-or-eh-practical/learning-resources.md)