Certified Ethical Hacker (CEH) Cheat Sheet
By The Exam Atlas Editorial Team · Verified 2026-05-29
A final-revision summary for CEH. Study aid only — no notes in the proctored exam, and only test systems you own or are authorised to test.
The five phases
1. Reconnaissance → 2. Scanning → 3. Gaining Access → 4. Maintaining Access → 5. Covering Tracks.
| Category | Used for |
|---|---|
| Network scanner | Discovering hosts, ports and services |
| Packet sniffer | Capturing and analysing network traffic |
| Vulnerability scanner | Finding known weaknesses |
| Exploitation framework | Validating exploitability (authorised testing) |
| Web proxy | Inspecting and testing web traffic |
| Password tool | Testing password strength |
Common ports
| Port | Service |
|---|---|
| 21 / 22 / 23 | FTP / SSH / Telnet |
| 25 / 53 | SMTP / DNS |
| 80 / 443 | HTTP / HTTPS |
| 139 / 445 | NetBIOS / SMB |
| 3389 | RDP |
Attack types at a glance
| Attack | Idea |
|---|---|
| Footprinting | Gathering target information |
| Enumeration | Extracting names, shares, services |
| Privilege escalation | Gaining higher rights |
| Social engineering | Manipulating people |
| SQL injection | Abusing unvalidated input to a database |
| MITM / on-path | Intercepting communications |
| DoS / DDoS | Overwhelming a service |
FAQ
- Can I use notes in the CEH exam?
  No. CEH is proctored. Use this for final revision before exam day only, and only ever test systems you are authorised to test.