Contact Us

EC-COUNCIL Certified Ethical Hacker v13 (C|EH® v13)

Cybersecurity

COURSE OVERVIEW


CEH v13: The World's First Ethical Hacking Certification with a 4-Phase AI-Powered Learning Framework. The CEH v13 is a specialized, one-of-a kind training program that helps you gain expertise in ethical hacking, AI, and machine learning. With hands-on training labs, knowledge-based and practical exams, a mock ethical hacking engagement on live networks, and a global hacking competition, this program ensures you master the most in-demand skills needed to excel and stand out in the cybersecurity industry. This learning framework offers not only a comprehensive training program to prepare you for the certification exam but also the industry’s most robust, in-depth, hands-on lab and practice range experience. Master Ethical Hacking and AI Skills That Go Beyond Certification


WHAT YOU'LL LEARN

EC-Council's Certified Ethical Hacker (CEH) certification gives you the skills and knowledge needed to drive your career forward in the age of Al. With CEH you'll learn how to think like a hacker and uncover any hidden vulnerabilities before hackers do. We'll equip you to:


·      Find and fix weaknesses: Discover how hackers exploit systems and learn how to keep your data safe.

·      Become a security expert: Master the top tools and techniques needed to strengthen your organization's security.

·      Protect your reputation: Learn to proactively prevent data breaches and safeguard your customers' trust.

·      Master ethical hacking with Al: Leverage Al-driven techniques to enhance your ethical hacking skills and stay ahead of cyber threats.

 


COURSE OUTLINE:


MODULE 01: INTRODUCTION TO ETHICAL HACKING

·      Learn the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. 

·      Key topics covered: Elements of Information Security, Classification of Attacks, Hacker Classes, Ethical Hacking, Al-Driven Ethical Hacking, ChatGPT-Powered Al Tools for Ethical Hackers, CEH Ethical Hacking Framework, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Information Assurance (IA), Risk Management, Threat Intelligence Lifecycle, Incident Management, PCIDSS, HIPPA, SOX, GDPR, DPA.

 

MODULE 02: FOOTPRINTING AND RECONNAISSANCE

·      Learn how to use the latest techniques and tools to perform footprinting and reconnaissance, a critical pre-attack phase of the ethical hacking process.

·      Hands-on Labs:

o  Perform footprinting on the target network using search engines, internet research services, and social networking sites

o  Perform whois, DNS, network, and email footprinting on the target network

o  Perform Footprinting using Al

·      Key topics covered: Reconnaissance, Footprinting Using Advanced Google Hacking Techniques, Footprinting through People Search Services, Dark Web Footprinting, Competitive Intelligence Gathering, Footprinting through Social Networking Sites, Whois Lookup, DNS Footprinting, Traceroute Analysis, Email Footprinting, Footprinting through Social Engineering, Al-Powered OSINT Tools.

 

MODULE 03: SCANNING NETWORKS

·      Learn different network scanning techniques and countermeasures.

·      Hands-on Labs:

o  Perform host, port, service, and OS discovery on the target network

o  Perform scanning on the target network beyond IDS and Firewall

o  Perform scanning using Al

·      Key topics covered: Network Scanning, Scanning Tools, Host Discovery Techniques, Port Scanning Techniques, Host Discovery and Port Scanning with Al, Service Version Discovery, OS Discovery/Banner Grabbing, Scanning Beyond IDS and Firewall, Scanning Detection and Prevention.

 

MODULE 04: ENUMERATION

·      Learn various enumeration techniques, including Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits and associated countermeasures.

·      Hands-on Labs:

o  Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration

o  Perform Enumeration using Al

·      Key topics covered: Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VolP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, SMB Enumeration, Enumeration using Al, Enumeration Countermeasures.


MODULE 05: VULNERABILITY ANALYSIS

·      Learn how to identify security loopholes in a target organization's network, communication infrastructure, and end systems. Different types of vulnerability assessment and vulnerability assessment tools are included as well.

·      Hands-on Labs:

o  Perform Vulnerability Research using Vulnerability Scoring Systems and Databases

o  Perform Vulnerability Assessment using Various Vulnerability Assessment Tools

o  Perform Vulnerability Analysis using Al

·      Key topics covered: Vulnerability Classification, Vulnerability Scoring Systems and Databases, Vulnerability-Management Life Cycle, Vulnerability Research, Vulnerability Scanning and Analysis, Vulnerability Assessment Tools, Vulnerability Assessment Reports, Al-Powered Vulnerability Assessment Tools.


MODULE 06: SYSTEM HACKING

·      Learn about the various system hacking methodologies used to discover system and network vulnerabilities, including steganography, steganalysis attacks, and how to cover tracks.

·      Hands-on Labs:

o  Perform an Active Online Attack to Crack the System's Password

o  Perform Buffer Overflow Attack to Gain Access to a Remote System

o  Escalate Privileges using Privilege Escalation Tools

o  Escalate Privileges in Linux Machine

o  Hide Data using Steganography

o  Clear Windows and Linux Machine Logs using Various Utilities

o  Hiding Artifacts in Windows and Linux Machines

o  Perform System Hacking using Al

Key topics covered: Password Cracking, Password Attacks, Password-Cracking Tools, Vulnerability Exploitation, Metasploit Framework, Al-Powered Vulnerability Exploitation Tools, Buffer Overflow, Buffer Overflow Detection Tools, Active Directory (AD) enumeration, Privilege Escalation, Privilege Escalation Tools, Executing Applications, Keylogger, Spyware, Rootkits, Steganography, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Linux and Windows Post Exploitation, Covering Tracks, Clearing Logs, Track-Covering Tools.

 

MODULE 07: MALWARE THREATS

·      Learn about different types of malware (Trojan, viruses, worms, etc.), APT and fileless malware, malware analysis procedures, and malware countermeasures.

·      Hands-on Labs:

o  Gain Control over a Victim Machine using Trojan

o  Infect the Target System using a Virus

o  Perform Static and Dynamic Malware Analysis

·      Key topics covered: Malware, Advanced Persistent Threat Lifecycle, Trojan, Virus, Ransomware, Computer Worms, Fileless Malware, Al-based Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Malware Countermeasures, Anti-Trojan Software, Al-Powered Malware Detection and Analysis Tools.



MODULE 08: SNIFFING

·      Learn about packet-sniffing techniques and their uses for discovering network vulnerabilities, plus countermeasures to defend against sniffing attacks.

·      Hands-on Labs:

o  Perform MAC Flooding, ARP Poisoning, MITM and DHCP Starvation Attack

o  Spoof a MAC Address of a Linux Machine

o  Perform Network Sniffing using Various Sniffing Tools

o  Detect ARP Poisoning in a Switch-Based Network

·      Key topics covered: Network Sniffing, MAC Flooding, DHCP Starvation Attack, ARP Spoofing, ARP Spoofing/Poisoning Tools, MAC Spoofing, VLAN Hopping, STP Attack, DNS Poisoning Techniques, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools.

 

MODULE 09: SOCIAL ENGINEERING

·      Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.

·      Hands-on Labs:

o  Perform Social Engineering using Various Techniques

o  Detect a Phishing Attack

o  Social Engineering using Al

·      Key topics covered: Social Engineering, Types of Social Engineering, Human-based Social Engineering Techniques, Impersonation, Computer-based Social Engineering Techniques, Phishing, Phishing Tools, Perform Impersonation using Al, Identity Theft, Mobile-based Social Engineering Techniques, Social Engineering Countermeasures, Anti-Phishing Toolbar.

 

MODULE 10: DENIAL-OF-SERVICE

·      Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, plus the tools used to audit a target and devise DoS and DDoS countermeasures and protections.

·    Hands-on Labs:

o  Perform a DoS and DDoS attack on a Target Host

o  Detect and Protect Against DoS and DDoS Attacks

·   Key topics covered: DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Toolkits, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools, DoS/DDoS Protection Services.

 

MODULE 11: SESSION HIJACKING

·      Learn the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.

·      Hands-on Labs:

o  Perform Session Hijacking using various Tools

o  Detect Session Hijacking

·  Key topics covered: Session Hijacking, Application-Level Session Hijacking, Compromising Session IDs, Session Hijacking, Network-Level Session Hijacking, TCP/IP Hijacking, RST Hijacking, Blind Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Detection Tools, Approaches to Prevent Session Hijacking.

 

MODULE 12: EVADING IDS, FIREWALLS, AND HONEYPOTS

·      Learn about firewall, intrusion detection system (IDS), and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.

·      Hands-on Labs:

o  Perform Intrusion Detection using Various Tools

o  Deploy Honeypot to Detect Malicious Network Traffic

o  Bypass Firewall Rules using Tunneling

o  Bypass Antivirus

·      Key topics covered: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Intrusion Detection Tools, Intrusion Prevention Tools, IDS/Firewall Evasion Types of Honeypots, Honeypot Tools, IDS/Firewall Evasion Countermeasures Techniques, NAC and Endpoint Security Evasion Techniques, IDS/Firewall Evading Tools, Honeypots, Types of Honeypots, Honeypot Tools, IDS/Firewall Evasion Countermeasures.

 

MODULE 13: HACKING WEB SERVERS

·      Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.

·      Hands-on Labs:

o  Perform Web Server Reconnaissance using Various Tools

o  Enumerate Web Server Information

o  Perform a Web Server Attack

o  Perform a Web Server Hacking using Al

·     Key topics covered: Web Server Architecture, Web Server Vulnerabilities, Web Server Attacks, DNS Server Hijacking, Web Cache Poisoning Attack, Web Server Footprinting/Banner Grabbing, Directory Brute Forcing, Vulnerability Scanning, Web Server Password Hacking, Web Server Attack Tools, Web Server Attack Countermeasures, Detecting Web Server Hacking Attempts, Web Server Security Tools.

 

MODULE 14: HACKING WEB APPLICATIONS

·      Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.

·      Hands-on Labs:

o  Perform Web Application Reconnaissance using Various Tools • Perform Web Spidering

o  Perform Web Application Vulnerability Scanning

o  Perform Web Application Attacks

o  Detect Web Application Vulnerabilities using Various Web Application Security Tools

o  Perform Web Application Hacking using Al

·      Key topics covered: Web Application, OWASP Top 10 Application Security Risks - 2021, Web Application Attacks, Footprint Web Infrastructure, Analyze Web Applications, Bypass Client-side Controls, Attack Access Controls, Attack Web Services, Web API, Webhooks, Web API Hacking Methodology, API Security Risks and Solutions, Web Application Security Testing, Web Application Fuzz Testing, Encoding Schemes, Web Application Attack Countermeasures, Web Application Security Testing Tools.


MODULE 15: SQL INJECTION

·      Learn about SQL injection attack techniques, evasion techniques, and SQL injection countermeasures.

·      Hands-on Labs:

o  Perform an SQL Injection Attack Against MSSQL to Extract Databases

o  Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools

o  Perform SQL Injection using Al Injection, Blind/Inferential SQL Injection, SQL Injection Methodology, Information Gathering and SQL.

·      Key topics covered: SQL Injection, Types of SQL injection, Error Based SQL Injection, Union SQL Injection Vulnerability Detection, Launch SQL Injection Attacks, Advanced SQL Injection, SQL Injection Tools, SQL Injection with Al, Evasion Techniques, SQL Injection Countermeasures, SQL Injection Detection Tools.

 

MODULE 16: HACKING WIRELESS NETWORKS

·      Learn about different types of encryption, threats, hacking methodologies, hacking tools, security tools, and countermeasures for wireless networks.

·      Hands-on Labs:

o  Footprint a Wireless Network

o  Perform Wireless Traffic Analysis

o  Crack a WPA2 Network

o  Create a Rogue Access Point

·      Key topics covered: Wireless Networks, Wireless Standards, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Discovery, Wireless Traffic Analysis, Launch of Wireless Attacks, Wi-Fi Encryption Cracking, Wireless Attack Countermeasures, Wi-Fi Security Auditing Tools.

 

MODULE 17: HACKING MOBILE PLATFORMS

·      Learn mobile platform attack vectors, Android and iOS hacking, mobile device management, mobile security guidelines, and security tools.

·      Hands-on Labs:

o  Hack an Android Device by Creating Binary Payloads

o  Exploit the Android Platform through ADB

o  Hack an Android Device by Creating APK File

o  Secure Android Devices using Various Android Security Tools

Key topics covered: OWASP Top 10 Mobile Risks - 2024, Anatomy of a Mobile Attack, App Sandboxing Issues, SMS Phishing Attack (SMiShing), Call Spoofing, OTP Hijacking/Two-Factor Authentication Hijacking, Camera/Microphone Capture Attacks, Android Rooting, Hacking Android Devices, Android Hacking Tools, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Risks and Solutions, Mobile Security Guidelines, Mobile Security Tools.

 

MODULE 18: LOT AND OT HACKING

·      Learn different types of Internet of Things (loT) and operational technology (OT) attacks, hacking methodologies, hacking tools, and countermeasures.

·      Hands-on Labs:

o  Gather Information using Online Footprinting Tools

o  Capture and Analyze loT Device Traffic

o  Perform loT Attacks

·      Key topics covered: loT Architecture, loT Technologies and Protocols, OWASP Top 10 loT Threats, loT Vulnerabilities, loT Threats, loT Attacks, loT Hacking Methodology, loT Hacking Tools, loT Security Tools, IT/OT Convergence (IIOT), OT Technologies and Protocols, OT Vulnerabilities, OT Threats, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools.

 

MODULE 19: CLOUD COMPUTING

·      Learn different cloud computing concepts, such as container technologies and serverless computing, various cloud computing threats, attacks, hacking methodologies, and cloud security techniques and tools.

·      Hands-on Labs:

o  Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools

o  Exploit Open S3 Buckets

o  Escalate IAM User Privileges by Exploiting Misconfigured User Policy

o  Perform vulnerability assessment on docker images

·      Key topics covered: Cloud Computing, Fog Computing, Edge Computing, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Cloud Computing Threats, Container Vulnerabilities, Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking Methodology, AWS Hacking, Microsoft Azure Hacking, Google Cloud Hacking, Container Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools.


MODULE 20: CRYPTOGRAPHY

·      Learn about encryption algorithms, cryptography tools, Public Key Infrastructure (PKI), email encryption, disk encryption, cryptography attacks, and cryptanalysis tools.

·      Hands-on Labs:

o  Encrypt the Information using Various Cryptography Tools

o  Create and Use Self-signed Certificates

o  Perform Email and Disk Encryption

o  Perform Cryptanalysis using Various Cryptanalysis Tools

o  Perform Cryptography using Al

·      Key topics covered: Cryptography, Ciphers, Symmetric Encryption Algorithms, Asymmetric Encryption Algorithms, Message Digest Functions, Quantum Cryptography, Cryptography Tools, Public Key Infrastructure (PKI), Signed Certificate, Digital Signature, Email Encryption, Disk Encryption, Blockchain, Cryptanalysis Methods, Cryptography Attacks, Attacks on Blockchain, Quantum Computing Attacks, Cryptanalysis Tools.

 

EXAM DETAILS

Certification is awarded when the knowledge exam is passed. In order to achieve CEH Master Level certification, an additional practical exam needs to be taken.

·      Knowledge exam

The Knowledge Exam will test your skills in:

o  Information security threats and attack vectors

o  Attack detention

o  Attack prevention

o  Procedures

o  Methodologies

 

Format: Multiple choice

Duration: 4 hours

Questions: 125

Delivery: Online via the ECC exam portal

Passing score: 60% to 85%

REGISTER NOW