Infoga may be a tool gathering email accounts informations (ip,hostname,country,...) from completely different public supply (search engines, pgp key servers and shodan) and check if email was leaked using haveibeenpwned.com API. is a really simple tool, however very effective for the first stages of a penetration test or just to know the visibility of your company within the net.

CEH's Malware Analysis module outlines a structured approach:
* Identify suspicious indicators (e.g., JavaScript, OpenAction)
* Extract and analyze embedded objects
* Determine behavior and exploit logic
PDFStreamDumper allows analysts to extract JavaScript code and embedded objects for detailed inspection.
Option B is correct.
Option A is useful but insufficient for deep analysis.
Option C only aids identification, not behavior understanding.

The CEH web server attack methodology describes reconnaissance as a key phase, where testers gather publicly available information before attempting exploitation. Robots.txt is commonly used by administrators to instruct web crawlers about which directories should not be indexed. CEH emphasizes that attackers regularly review robots.txt because it often exposes sensitive directories unintentionally, providing valuable intelligence about internal structure, configuration paths, administrative pages, and potential weak points. In this scenario, the tester observes "Disallow" entries and then discovers the directories are not protected by authentication, allowing direct access to sensitive files. This falls under information gathering through exposed indexing instructions rather than directory traversal, which involves path-manipulation exploits. The tester is not altering file paths or inserting traversal sequences; instead, they are reviewing publicly available indexing instructions and discovering misconfigured access controls. This perfectly aligns with the reconnaissance phase of the CEH methodology, where attackers learn about server architecture using passive or minimally intrusive techniques.

A Network-based Intrusion Detection System (NIDS) monitors all network traffic for signs of suspicious activity across multiple hosts. In large environments with critical assets (e.g., financial or healthcare networks), NIDS is ideal because it provides visibility into entire network segments, not just individual systems.
NIDS can be deployed at strategic points (e.g., DMZs, VLANs, subnets) to detect unauthorized access, malware activity, or policy violations.
Reference - CEH v13 Official Courseware:
Module 13: Evading IDS, Firewalls, and Honeypots
Quote:
"Network-based IDS monitors traffic across an entire subnet or segment and is most effective in large environments to detect malicious activity before it reaches critical assets." Incorrect Options Explained:
A). Honeypots attract and log attacker behavior, but do not provide network-wide detection.
B). Firewalls filter traffic but are not detection systems.
D). HIDS monitors activity on a single host only.
=

Hashing algorithms are specifically designed to ensure data integrity. A hash function takes an input and returns a fixed-length string, called a hash or message digest. Even a small change in the input results in a completely different hash, making it useful for detecting tampering.
Common hashing algorithms include:
MD5 (now obsolete for secure uses)
SHA-1, SHA-2, SHA-3
HMAC (Hashed Message Authentication Code)
From CEH v13 Courseware:
Module 20: Cryptography
Topic: Hash Functions and Data Integrity
CEH v13 Study Guide states:
"Hashing algorithms provide integrity by generating a unique digital fingerprint of data. Any alteration in the message content will result in a different hash value, indicating that the integrity has been compromised." Incorrect Options:
A: Symmetric algorithms provide confidentiality.
B: Asymmetric algorithms provide confidentiality and authentication.
D: "Integrity algorithms" is not a formal cryptographic term.
Reference:CEH v13 Study Guide - Module 20: Cryptographic Hash FunctionsNIST FIPS 180-4 - Secure Hash Standard (SHS)