Domains of CEH
Information Security and Ethical Hacking Overview – 6%
Reconnaissance Techniques – 21%
Phases of system hacking and Attack Techniques – 17%
Network and perimeter hacking – 14%
Web application hacking – 16%
Wireless network hacking – 6%
Mobile platform, IoT and OT hacking – 8%
Cloud Computing – 6%
Cryptography – 6%

We will be discussing the fourth domain of CEH: ‘Network & perimeter hacking’.
Network
Networks are made up of computers that share resources, such as printers and CDs, exchange files, and allow for electronic communications. A network of computers can be connected via cables, telephone lines or satellites.
A network is simply a group of devices connected by a physical communication medium.
What is network hacking?
As I mentioned, a network is a collection of devices. Network hacking is simply gaining access to all information on network devices via the internet.
How can networks be compromised?
As with all big plans, large-scale cyber attacks start with a simple step. Ethical hackers will need to think like malicious hackers when attacking networks. Only then can organizations have a clear understanding of their security vulnerabilities.
Attackers start with traditional methods. Fake email is one of the most popular traditional methods. An attacker can create a fake email by copying a genuine one. For example, an attacker could create an Amazon Big Billion Day email asking you to click on the links to receive the 50% discount. Once you click the link, you will be redirected to a malicious website from which an attacker can install viruses on your network device.
Once an attacker has gained access to your network, he'll begin to escalate his privileges to administrator level, as administrators are responsible for maintaining the entire network.
Privilege escalation is simply the act of exploiting a bug in an operating system or application to gain access to resources that would otherwise not be accessible to an average user.
Tools for network perimeter hacking
ARP Scan: ARP scan is used to scan internal networks. It is faster than netdiscover arp scanning. The ARP Scan tool allows you to gather data about internal networks in a noisy manner. I use the term “noisy” to mean that the tool will be detected by the IDS/IPS sensors and leave behind traces.
These are the four most common ARP Scan scenarios:
We can identify all IPv4 network devices.
We can identify false IP addresses.
We can quickly identify and map IP addresses to MAC addresses.
We can find and isolate malicious devices.
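
The scenarios above can be checked from the defender's side by comparing saved scan results against an asset inventory. This is an added example, not part of the original article; the tab-separated row layout, the sample addresses and the INVENTORY table are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: tab-separated "IP<TAB>MAC<TAB>vendor" rows, the layout
# assumed here for saved ARP scan results. Addresses and vendors are made up.
SAMPLE_SCAN = """\
10.0.0.1\t00:11:22:aa:bb:01\tExample Router Co.
10.0.0.20\t00:11:22:aa:bb:20\tExample Printer Inc.
10.0.0.35\t00:11:22:aa:bb:35\tExample Laptop Ltd.
10.0.0.1\tde:ad:be:ef:00:99\t(Unknown)
10.0.0.77\t02:00:5e:10:00:77\t(Unknown)
5 packets received by filter, 0 packets dropped by kernel
"""

# Hypothetical asset inventory: the MAC each IP is expected to have.
INVENTORY = {
    "10.0.0.1": "00:11:22:aa:bb:01",
    "10.0.0.20": "00:11:22:aa:bb:20",
    "10.0.0.35": "00:11:22:aa:bb:35",
    "10.0.0.50": "00:11:22:aa:bb:50",
}

ROW = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\t([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})\t?(.*)$")

def parse_scan(text):
    """Map each IP to the set of MACs that answered for it; skip banner lines."""
    seen = defaultdict(set)
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            seen[m.group(1)].add(m.group(2).lower())
    return dict(seen)

def audit(seen, inventory):
    """Classify findings: conflicting MACs, unexpected MACs, unknown hosts, silent assets."""
    report = {"conflict": [], "mismatch": [], "unknown": [], "missing": []}
    for ip, macs in sorted(seen.items()):
        expected = inventory.get(ip)
        if len(macs) > 1:  # one IP answered by several MACs: possible false IP
            report["conflict"].append((ip, sorted(macs)))
        elif expected is None:  # device not in the inventory
            report["unknown"].append((ip, sorted(macs)))
        elif expected.lower() not in macs:  # known IP, unexpected hardware
            report["mismatch"].append((ip, sorted(macs)))
    report["missing"] = sorted(ip for ip in inventory if ip not in seen)
    return report

if __name__ == "__main__":
    print(audit(parse_scan(SAMPLE_SCAN), INVENTORY))
```

On the sample data, 10.0.0.1 is reported as a conflict because two MAC addresses answered for it, 10.0.0.77 as an unknown device, and 10.0.0.50 as an inventoried asset that did not respond.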

PivotSuite: With PivotSuite, penetration testers and red team members can move within a network using compromised systems. It is portable, platform-independent, and powerful. It can be used as either a client or server.
Nmap: Nmap can be used as a port scanner. Port scanning is when hackers scan the target system to find data such as live systems, open ports, or other services that are running over it.
Nmap can scan ports and identify different operating systems, versions of services, firewall configurations, and many other features.
Network attack techniques
Spoofing: A spoofing attack in network security is when an individual successfully pretends to be another data source and gains an illegitimate advantage.
An attacker can purchase advertising space on any website and post exciting advertisements that encourage users to click them. If the user clicks on the advertisement, he will be redirected to a malicious page where an attacker can install vi.