Become a Web Application Hacking Expert (WAHS) With Certified Ethical Hacker (CEH)

Become a Web Application Hacking Expert With C|EH

To celebrate our 20th anniversary, we are thrilled to announce that our Certified Ethical Hacker (C|EH) course now comes bundled with our popular Web Application Hacking and Security (W|AHS) course at no additional cost.

Become a Certified Ethical Hacker


"*" indicates required fields


We care about your data privacy. We will only collect your data via this form if you agree to our terms of use. If you do not agree to the collection of your data, we will not be able to send you the information you have requested.

Let’s Celebrate Together!

This holiday, up your game with the C|EH & Web Application Hacking and Security courses

You may take the Certified Ethical Hacker course via any modality: through our network of global training partners, iClass (online learning) or self study.

Develop your professional career by learning the intricacies of web application hacking and security with our 100% hands-on course. Hack your way into our Cyber Range to sharpen your web application hacking skills.


Demanded by Employers.

Respected by Peers.

The Certified Ethical Hacker (C|EH) provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act so you will be better positioned to set up your security infrastructure and defend against attacks. By providing an understanding of system weaknesses and vulnerabilities, the C|EH course helps students learn to protect their organizations and strengthen their security controls in order to minimize the risk of a malicious attack.

What You’ll Learn

C|EHv11 is more advanced, more robust, and more comprehensive than ever before.

Module 01 Introduction to Ethical Hacking
Module 02 Footprinting and Reconnaissance
Module 03 Scanning Networks
Module 04 Enumeration
Module 05 Vulnerability Analysis
Module 06 System Hacking
Module 07 Malware Threats
Module 08 Sniffing
Module 09 Social Engineering
Module 10 Denial-of-Service
Module 11 Session Hijacking
Module 12 Evading IDS, Firewalls, and Honeypots
Module 13 Hacking Web Servers
Module 14 Hacking Web Applications
Module 15 SQL Injection
Module 16 Hacking Wireless Networks
Module 17 Hacking Mobile Platforms
Module 18 IoT Hacking
Module 19 Cloud Computing
Module 20 Cryptography

The value of C|EH lies in its practical application. In 18 domains, students are exposed to business risks and the potential damages that can occur due to negligence. Students will be able to make informed decisions regarding the level of risk a company can face if it chooses to address a security concern.

What sets C|EHv11 apart from the rest:

Mapped to NICE 2.0

Focus on Emerging Attack Vectors

Modern Exploit Technologies

Hands-On Hacking Challenges

Modern Case Studies and Current Events

Enhanced Focus on Malware Analysis

Live Cyber Range (no simulation)

Greater Focus on Cloud and IoT

Thousands of Hacking Techniques, Tricks, and Tools


The Complete Hands-On Guide to Web Application Hacking and Security

EC-Council’s Web Application Hacking and Security (W|AHS) is a specialization certification that enables the cybersecurity workforce to learn, hack, test, and secure web applications from existing and emerging security threats in the industry verticals.

100% Performance Based Course!

No Death by Powerpoint!

Learn by Doing!

Step by Step Video Instruction

What You’ll Learn

Gain comprehensive knowledge on OWASP Top 10 Vulnerabilities:

Advanced Web Application Penetration Testing
Advanced SQL Injection (SQLi)
Reflected, Stored, and DOM-Based XSS
Cross-Site Request Forgery (CSRF)
Server-Side Request Forgery (SSRF)
Security Misconfigurations
Directory Browsing/Bruteforcing
CMS Vulnerability Scanning
Network Scanning
Auth Bypass
Web App Enumeration
Dictionary Attack
Insecure Direct Object Reference Prevention (IDOR)
Broken Access Control
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
Arbitrary File Download & Upload
Command Injection
Remote Code Execution
File Tampering
Privilege Escalation
Log Poisoning
Weak SSL Ciphers
Cookie Modification
Source Code Analysis
& More…
What sets W|AHS apart from the rest:

100% Hands-On, Challenge-Based Learning

Complete Walkthrough Instruction

Break the Code (Cyber Range)

24 incredible Web Application Hacking Challenges

4 Levels of Complexity to “Covering 18 Attack Vectors”

Comprehensive Knowledge on OWASP Top 10

Real-Time Leaderboard to Track Progress

Latest Techniques, Tricks, and Tools

Note: Please check the host system requirements and virtual machine resource requirements for accessing Cyber Range.

Download Program Guide


"*" indicates required fields


We care about your data privacy. We will only collect your data via this form if you agree to our terms of use. If you do not agree to the collection of your data, we will not be able to send you the information you have requested.

Why Is Mastery of Web Application Hacking Important?

of data breaches could be traced
back to web application attacks

43,986 Exploits
18,000 CVEs
Published in 2020

– Verizon DBIR Report 2020

Most of the work we do on a day-to-day basis use cloud-based apps that are vulnerable to cyber attacks.

There are currently 43,986 exploits (and growing) in the Google Hacking Database and the total number of Common Vulnerabilities and Exposures (CVE) is at a record high with more than18,000 published in 2020 alone!

Now, with so many published vulnerabilities, it is important to learn to defend and secure your web applications. Traditional protections like firewalls alone do not secure web applications. Defenders need a deep understanding of the most critical security risks to web applications. And what better way to learn to defend than to perform the attacks?

An exciting career awaits a C|EH:

Average Salary

An average salary of
$95,000 in the U.S.

– Payscale

Different Job Roles

Eligibility for
20+cybersecurity job roles


Build the Ultimate Career in Ethical Hacking

Register for Certified Ethical Hacker and Recieve a 100% off Coupon for the Web Application Hacking and Security Course*

*Access to W|AHS Course Only
W|AHS Validity: 1-year access to iVideo and 3-month access to BTC Lab from the date of activation
W|AHS Certification Exam: Available at a Fraction of the Cost.

Watch How C|EH Transforms Lives

Trusted by Fortune 500 Companies


To access the BTC cyber range

Host System Requirement

Minimum Hardware Requirements for the Host OS:

CPU: Intel i3 (3.6 GHz per core) 64-bit/AMD Ryzen 3 (3.6 GHz per core)
HDD: 60 GB available space
Peripherals: External or integrated webcam

Software Requirements for the Host OS:

Operating system: Windows 8.1 x64 or later, or MAC OSX Virtualization software: Any latest solution such as VMware player,VMware Workstation 8.0, VMware Fusion 7.0 or later, Hyper-V, VirtualBox Browser: Any modern browser such as Chrome, Firefox, Internet Explorer Internet: A stable internet connection with a minimum of 5mbps download and 1mbps upload speeds. It is recommended to use a hard-wired connection instead of wireless.

Virtual Machine Resource Requirement

Your virtual machine should be able to run penetration testing Linux distribution such as Parrot Security/Kali Linux or your own penetration testing toolkit.

VPN Software: The virtual machine should be installed with OpenVPN Connect client software. You can download it at The Parrot Security/Kali Linux distros come pre-installed with the OpenVPN client.