Become a Certified Ethical Hacker

CERTIFIED PROFESSIONALS IN 150 COUNTRIES
CERTIFIED PROFESSIONALS IN 150 COUNTRIES

Become a Certified Ethical Hacker

CEH Course Key Details

CEH is world’s only ethical hacking certification with a unique 4 phase learning framework:

Gain Skills

(Windows 11, Windows Servers, Linux, Ubuntu, Android)

Gain Experience

ANAB (ANSI) ISO/IEC
17024 Accredited
C|EH Knowledge Exam
C|EH Practical Exam

Gain Recognition

Gain Respect

CERTIFIED ETHICAL HACKER v12 PROGRAM

The Certified Ethical Hacker (CEH v12) is a core training program for an information security professional, also referred to as a white-hat hacker, who systematically attempts to inspect network infrastructure with the consent of its owner to find security vulnerabilities which a malicious hacker could potentially exploit. The online ethical hacking course helps you asess the security posture of an organization by identifying vulnerabilities in the network and system infrastructure to determine if unauthorized access is possible. The Certified Ethical Hacker program is the most comprehensive Ethical Hacking program in the world. It is the core program within our Vulnerability Assessment and Penetration Testing (VAPT) track.

This program will train you on the most advanced hacking tools and techniques used by black and grey hat hackers alike to break into an organization to assess, document, and remediate vulnerabilities from a vendor-neutral perspective. CEH v12 will put you in the driver’s seat of an interactive, hands-on learning environment that challenges you to test the integrity of systems and networks by hacking them!

CEH’s 5 Phases of Ethical Hacking

Course Outline

Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-on Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform footprinting on the target network using search engines, web services, and social networking sites
  • Perform website, email, whois, DNS, and network footprinting on the target network
Key topics covered:
Footprinting, Advanced Google Hacking Techniques, Deep and Dark Web Footprinting, Competitive Intelligence Gathering, Website Footprinting, Website Mirroring, Email Footprinting, Whois Lookup, DNS Footprinting, Traceroute Analysis, Footprinting Tools
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform host, port, service, and OS discovery on the target network
  • Perform scanning on the target network beyond IDS and Firewall
Key topics covered:
Network Scanning, Host Discovery Techniques, Port Scanning Techniques, Service Version Discovery, OS Discovery, Banner Grabbing, OS Fingerprinting, Packet Fragmentation, Source Routing, IP Address Spoofing, Scanning Tools
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Key topics covered:
Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Vulnerability Research using Vulnerability Scoring Systems and Databases
  • Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
Key topics covered:
Vulnerability, Vulnerability Research, Vulnerability Assessment, Vulnerability-Management Life Cycle, Vulnerability Classification, Vulnerability-Management Life Cycle, Vulnerability Assessment Tools, Vulnerability Assessment Reports
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
Hands-on Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform an Active Online Attack to Crack the System’s Password
  • Perform Buffer Overflow Attack to Gain Access to a Remote System
  • Escalate Privileges using Privilege Escalation Tools
  • Escalate Privileges in Linux Machine
  •  Hide Data using Steganography
  • Clear Windows and Linux Machine Logs using Various Utilities
  • Hiding Artifacts in Windows and Linux Machines
Key topics covered:
Password Cracking, Password Attacks, Wire Sniffing, Password-Cracking Tools, Vulnerability Exploitation, Buffer Overflow, Privilege Escalation, Privilege Escalation Tools, Keylogger, Spyware, Anti-Keyloggers, Anti-Spyware, Rootkits, Anti-Rootkits, Steganography, Steganography Tools, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Post Exploitation, Clearing Logs, Covering Tracks, Track-Covering Tools
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
  • Gain Control over a Victim Machine using Trojan
  • Infect the Target System using a Virus
  • Perform Static and Dynamic Malware Analysis
Key topics covered:
Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform MAC Flooding, ARP Poisoning, MITM and DHCP Starvation Attack
  • Spoof a MAC Address of Linux Machine
  • Perform Network Sniffing using Various Sniffing Tools
  • Detect ARP Poisoning in a Switch-Based Network
Key topics covered:
Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Social Engineering using Various Techniques
  • Spoof a MAC Address of Linux Machine
  • Detect a Phishing Attack
  • Audit Organization’s Security for Phishing Attacks
Key topics covered:
Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform a DoS and DDoS attack on a Target Host
  • Detect and Protect Against DoS and DDoS Attacks
Key topics covered:
DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Session Hijacking using various Tools
  • Detect Session Hijacking
Key topics covered:
Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures. Hands-on Lab Exercises: Over 7 hands-on exercises with real-life simulated targets to build skills on how to: Bypass Windows Firewall Bypass Firewall Rules using Tunneling Bypass Antivirus Key topics covered: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Honeypot, Intrusion Detection Tools, Intrusion Prevention Tools, IDS Evasion Techniques, Firewall Evasion Techniques, Evading NAC and Endpoint Security, IDS/Firewall Evading Tools, Honeypot Detection Tools
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures. Hands-on Lab Exercises: Over 8 hands-on exercises with real-life simulated targets to build skills on how to: Perform Web Server Reconnaissance using Various Tools Enumerate Web Server Information Crack FTP Credentials using a Dictionary Attack Key topics covered: Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-on Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
    • Perform Web Application Reconnaissance using Various Tools
    • Perform Web Spidering
    • Perform Web Application Vulnerability Scanning
    • Perform a Brute-force Attack
    • Perform Cross-site Request Forgery (CSRF) Attack
    • Identify XSS Vulnerabilities in Web Applications
    • Detect Web Application Vulnerabilities using Various Web Application Security Tools
Key topics covered:
Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform an SQL Injection Attack Against MSSQL to Extract Databases
  • Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools
Key topics covered:
SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.
Hands-on Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
  • Footprint a Wireless Network
  • Perform Wireless Traffic Analysis
  • Crack a WEP, WPA, and WPA2 Networks
  • Create a Rogue Access Point to Capture Data Packets
Key topics covered:
Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Hack an Android Device by Creating Binary Payloads
  • Exploit the Android Platform through ADB
  • Hack an Android Device by Creating APK File
  • Secure Android Devices using Various Android Security Tools
Key topics covered:
Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
  • Gather Information using Online Footprinting Tools
  • Capture and Analyze IoT Device Traffic
Key topics covered:
IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
  • Exploit Open S3 Buckets
  • Escalate IAM User Privileges by Exploiting Misconfigured User Policy
Key topics covered:
Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Calculate MD5 Hashes
  • Perform File and Text Message Encryption
  • Create and Use Self-signed Certificates
  • Perform Email and Disk Encryption
  • Perform Cryptanalysis using Various Cryptanalysis Tools
Key topics covered:
Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching
Get in Depth information of CEH course: Download CEH Brochure Now!
C|EH Certification holders qualify for over 80,000+ Cybersecurity jobs (Source:LinkedIn)
C|EH is ANSI 17024 compliant and listed as a baseline certification on the United States Department of Defense (DoD) 8570/8140 Directive, the British NCSC, and other national defense agencies.
The average salary for a C|EH in the United States is $110,000

Multiple Modes of Learning

iLearn (Self-Study)

This solution is an asynchronous, self-study environment in a video-streaming format.

iWeek (Live Online)

This solution is an online, live training course led by an instructor. Fill the form speak to our career advisor for the training details.

Master Class

Don’t miss the opportunity to learn from world-class instructors and collaborate with top infosecurity professionals. Fill the form speak to our career advisor for the training details.

Training Partner (In Person)

This solution offers in-person training so that you can get the benefit of collaborating with your peers. Find Training centers near your location now.

Exam

Prove Your Skills and Abilities With Online, Practical Examinations.

CEH-Master_Track

Certified Ethical Hacker (CEH v12) Certification

The CEH v12 exam is a 4-hour exam with 125 multiple-choice questions. This knowledge-based exam will test your skills in information security threats and attack vectors, attack detection, attack prevention, procedures, methodologies, and more!

CEH Practical Certification

CEH Practical is a 6-hour, rigorous exam that requires you to demonstrate the skills and abilities in various ethical hacking techniques such as:

This is the next step to become a CEH Master after you have achieved your CEH certification. With the CEH Practical, you will have a limited amount of time to complete 20 challenges testing your skills and proficiency in a performance-based cyber range. This exam is NOT a simulation and incorporates a live corporate network of VM’s and applications with solutions to uncover vulnerabilities.

C|EH Master

Upon Completing the CEH (Master) program, consisting of CEH and CEH (Practical), the CEH (Master) designation is awarded. Once you have achieved both the CEH and CEH Practical certifications, you are now a CEH Master. CEH Masters have shown proficiency at a master level in the Knowledge, Skills, and abilities of Ethical Hacking with a total 6-hours of testing to prove their competency. Top 10 performers in both CEH and CEH Practical exams will be showcased on the CEH Master, Global Ethical Hacking Leader Board.

About the Exam

Exam Details C|EH MCQ(Exam) C|EH (Practical)
Number of Questions/ Practical Challenges 125 20
Test Duration 4 Hours 6 Hours
Test Format Multiple Choice Questions iLabs Cyber Range
Test Delivery ECC EXAM, VUE
Availability Aspen – iLabs
Exam Prefix 312-50(ECC EXAM), 312-50(VUE)

Testimonials

Discover Why C|EH Trusted By Organization Across The World!

For more than 15 years, EC-Council’s Cybersecurity programs have empowered cybersecurity professionals around the world to exercise their training and expertise to combat cyberattacks. The Hall of Fame celebrates those individuals who have excelled, achieved, and fostered a spirit of leadership among their colleagues and peers within the cyber community.

1 in
Every 2
Professionals Received Promotions After C|EH
97%
of Professionals Found C|EH Labs to Accurately Mimic Real-world Cyber Threats.
97%
of Professionals Stated That Skills Acquired in C|EH Helped Safeguard Their Organizations.
97%
Choose C|EH for Career Growth

FAQs – Worlds No. 1 Ethical hacking Course Online (CEH)

The Ethical Hacking and Countermeasures course prepares candidates for the CEH exam offered by EC-Council. The course focuses on hacking techniques and technologies from an offensive perspective. This advanced security course is regularly updated to reflect the latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.
EC-Council believes in giving back to the security community as it has partaken of it. When you are a Certified Ethical Hacker, you are more than a security auditor or a vulnerability tester or a penetration tester alone. You are exposed to security checklists that will help you audit the organization’s information assets, tools which will check for vulnerabilities that can be exploited and above all a methodology to assess the security posture of your organization by doing a penetration test against it. In short, the knowledge you will acquire has practical value in making your workplace a more secure and efficient one.
Consider this: A security defense course educates candidates regarding proper configuration, firewalls, or rather pre-emptive security. CEH takes the alternative approach – defense in depth by attacking the systems. This is in sharp contrast to courses that teach defensive tactics alone. CEH imparts offensive tactics supplemented with defensive countermeasures. This ensures that the CEH professional can have a holistic security perspective of the organization.

Hacking techniques represent ways and means by which computer programs can be made to behave in ways they are not meant to. These techniques extend beyond the technology domain and can be applied to test security policies and procedures. Hacking technologies are used to refer to those tools and automated programs that can be used by perpetrators against an organization to incur critical damage. As technology advances, the skills required to execute a hack are much lesser as pre-compiled programs are available to effect havoc with simple point and click.

Retake exam requests can only be purchased by writing to [email protected], should a candidate fail the exam.  You can also read more about the retake policy Here
The CEH exam voucher code is valid for 1 year from the date of receipt.
Sessions should be booked at least 3 days in advance of the desired exam date. Note: All exam sessions are proctored by EC-Council Certification department.

Accreditations, Recognitions & Endorsements