Become a
Certified Ethical Hacker (C|EH)


Become a
Certified Ethical Hacker (C|EH)

Cybersecurity Incidents Are Exploding.
So are Cyber Jobs !

Build Your Career with the Most in-Demand Ethical Hacking Certification Program in the World,
Certified Ethical Hacker (CEH)

The Encyclopedia of Ethical Hacking

How C|EH v12 Empowers You:

A Revolutionary Way to Learn Ethical Hacking

Our exclusive Learn | Practice | Certify | Compete framework covers not only a comprehensive training program to prepare you for the CEH certification exam, but also the industry’s most robust, in-depth, hands-on lab experience of any cybersecurity program available. CEH v12 will teach you the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organizations.

Learn Ethical Hacking Course

Gain Skills

(Windows 11, Windows Servers, Linux, Ubuntu, Android)

Complete CEH Exam & Certified

Gain Experience

C|EH Knowledge Exam
C|EH Practical Exam
Engage with ethical hacking course

Gain Recognition

Ethical hacking certification by EC-Council

Gain Respect

Select Your Course Kit

While all CEH course kits have complete access to eCourseware and include an exam voucher, a few additional features and learning materials can be added to build deeper expertise and gain practical experience. This means that there is a C|EH package to suit everyone’s learning requirements.

Certified Ethical Hacking Elite

Learn, Certify
Engage & Compete

Exam Voucher*
Next Version eCourseware
6 Months of Official Labs
C|EH Engage
Global C|EH Challenges
Exam Preparation
C|EH Practical Exam
Ethical Hacking Video Library


Exam Retakes**


Certified Ethical Hacking Pro

Learn, Certify & Engage

Exam Voucher*
Next Version eCourseware
6 Months of Official Labs
C|EH Engage
Global C|EH Challenges
Exam Preparation
C|EH Practical Exam
Ethical Hacking Video Library


Exam Retakes**


Certified Ethical Hacker

Learn & Certify

Exam Voucher*
Next Version of eCourseware
6 Months of Official Labs
C|EH Engage
Global C|EH Challenges
Exam Preparation
C|EH Practical Exam
Ethical Hacking Video Library


Exam Retakes**


*Exam Vouchers: New to CEH, EC-Council now includes a free retake voucher for EVERY courseware package: 1 exam retake for standard C|EH courseware, 3 retakes for C|EH Pro, and unlimited retakes for C|EH Elite. Candidates may activate this benefit through the EC-Council student portal (ASPEN).

**Exam Retakes: This benefit provides candidates with the respective exam voucher on the ECC EXAM portal but excludes proctor administration fees which will apply for each attempt of the examination. Applicable to CEH Exam only. Please contact your training provider for details.


#Maximum 4 exam retakes allowed per year as per exam policy.

Program Information

Program Information

What's New in C|EH
Course Outline

CEH Course Syllabus/Outline

20 Modules that help you master the foundations of
Ethical Hacking and prepare to challenge the CEH certification exam.

Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-on Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform footprinting on the target network using search engines, web services, and social networking sites
  • Perform website, email, whois, DNS, and network footprinting on the target network
Key topics covered:
Footprinting, Advanced Google Hacking Techniques, Deep and Dark Web Footprinting, Competitive Intelligence Gathering, Website Footprinting, Website Mirroring, Email Footprinting, Whois Lookup, DNS Footprinting, Traceroute Analysis, Footprinting Tools
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform host, port, service, and OS discovery on the target network
  • Perform scanning on the target network beyond IDS and Firewall
Key topics covered:
Network Scanning, Host Discovery Techniques, Port Scanning Techniques, Service Version Discovery, OS Discovery, Banner Grabbing, OS Fingerprinting, Packet Fragmentation, Source Routing, IP Address Spoofing, Scanning Tools
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Key topics covered:
Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Vulnerability Research using Vulnerability Scoring Systems and Databases
  • Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
Key topics covered:
Vulnerability, Vulnerability Research, Vulnerability Assessment, Vulnerability-Management Life Cycle, Vulnerability Classification, Vulnerability-Management Life Cycle, Vulnerability Assessment Tools, Vulnerability Assessment Reports
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
Hands-on Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform an Active Online Attack to Crack the System’s Password
  • Perform Buffer Overflow Attack to Gain Access to a Remote System
  • Escalate Privileges using Privilege Escalation Tools
  • Escalate Privileges in Linux Machine
  •  Hide Data using Steganography
  • Clear Windows and Linux Machine Logs using Various Utilities
  • Hiding Artifacts in Windows and Linux Machines
Key topics covered:
Password Cracking, Password Attacks, Wire Sniffing, Password-Cracking Tools, Vulnerability Exploitation, Buffer Overflow, Privilege Escalation, Privilege Escalation Tools, Keylogger, Spyware, Anti-Keyloggers, Anti-Spyware, Rootkits, Anti-Rootkits, Steganography, Steganography Tools, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Post Exploitation, Clearing Logs, Covering Tracks, Track-Covering Tools
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
  • Gain Control over a Victim Machine using Trojan
  • Infect the Target System using a Virus
  • Perform Static and Dynamic Malware Analysis
Key topics covered:
Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform MAC Flooding, ARP Poisoning, MITM and DHCP Starvation Attack
  • Spoof a MAC Address of Linux Machine
  • Perform Network Sniffing using Various Sniffing Tools
  • Detect ARP Poisoning in a Switch-Based Network
Key topics covered:
Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Social Engineering using Various Techniques
  • Spoof a MAC Address of Linux Machine
  • Detect a Phishing Attack
  • Audit Organization’s Security for Phishing Attacks
Key topics covered:
Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform a DoS and DDoS attack on a Target Host
  • Detect and Protect Against DoS and DDoS Attacks
Key topics covered:
DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform Session Hijacking using various Tools
  • Detect Session Hijacking
Key topics covered:
Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools

Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.

Hands-on Lab Exercises:
Over 7 hands-on exercises with real-life simulated targets to build skills on how to:

Bypass Windows Firewall
Bypass Firewall Rules using Tunneling
Bypass Antivirus

Key topics covered:
Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Honeypot, Intrusion Detection Tools, Intrusion Prevention Tools, IDS Evasion Techniques, Firewall Evasion Techniques, Evading NAC and Endpoint Security, IDS/Firewall Evading Tools, Honeypot Detection Tools

Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.

Hands-on Lab Exercises:

Over 8 hands-on exercises with real-life simulated targets to build skills on how to:

Perform Web Server Reconnaissance using Various Tools
Enumerate Web Server Information
Crack FTP Credentials using a Dictionary Attack
Key topics covered:
Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools

Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-on Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
    • Perform Web Application Reconnaissance using Various Tools
    • Perform Web Spidering
    • Perform Web Application Vulnerability Scanning
    • Perform a Brute-force Attack
    • Perform Cross-site Request Forgery (CSRF) Attack
    • Identify XSS Vulnerabilities in Web Applications
    • Detect Web Application Vulnerabilities using Various Web Application Security Tools
Key topics covered:
Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform an SQL Injection Attack Against MSSQL to Extract Databases
  • Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools
Key topics covered:
SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.
Hands-on Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
  • Footprint a Wireless Network
  • Perform Wireless Traffic Analysis
  • Crack a WEP, WPA, and WPA2 Networks
  • Create a Rogue Access Point to Capture Data Packets
Key topics covered:
Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Hack an Android Device by Creating Binary Payloads
  • Exploit the Android Platform through ADB
  • Hack an Android Device by Creating APK File
  • Secure Android Devices using Various Android Security Tools
Key topics covered:
Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
  • Gather Information using Online Footprinting Tools
  • Capture and Analyze IoT Device Traffic
Key topics covered:
IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
  • Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
  • Exploit Open S3 Buckets
  • Escalate IAM User Privileges by Exploiting Misconfigured User Policy
Key topics covered:
Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
  • Calculate MD5 Hashes
  • Perform File and Text Message Encryption
  • Create and Use Self-signed Certificates
  • Perform Email and Disk Encryption
  • Perform Cryptanalysis using Various Cryptanalysis Tools
Key topics covered:
Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching
Who is it for?

Who is it for?

  • Mid-Level Information Security Auditor
  • Cybersecurity Auditor
  • Security Administrator
  • IT Security Administrator
  • Cyber Defense Analyst
  • Vulnerability Assessment Analyst
  • Warning Analyst
  • Information Security Analyst 1
  • Security Analyst L1
  • Infosec Security Administrator
  • Cybersecurity Analyst Level 1, Level 2, & Level 3
  • Network Security Engineer
  • SOC Security Analyst
  • Security Analyst
  • Network Engineer
  • Senior Security Consultant
  • Information Security Manager
  • Senior SOC Analyst
  • Solution Architect
  • Cybersecurity Consultant


Making an informed decision is difficult, and that’s where the EC-Council’s CEH brochure comes to your rescue. The Certified Ethical Hacker (CEH) credential is the most trusted ethical hacking certification that employers worldwide value. And for good reasons. The comprehensive curriculum covers the fundamentals of ethical hacking, footprinting and reconnaissance, scanning, enumeration, vulnerability threats, social engineering, SQL injection, and much more. When you successfully achieve the CEH certification, you will be equipped with every skill you need to uncover vulnerabilities and secure the systems, networks, applications, databases, and critical data from malicious hackers. This is only an overview of CEH and what you will learn. For complete information, download the brochure now.

Is This Course For Me?

We have helped over 250,000 people answer this question over the past 20 years and we are excited to help you with this big decision! Choosing the right credential can seem like a difficult task, here are some things you should consider:

Is C|EH v12 for Beginners

CEH is a great place to start your career in Cyber Security, but you are required to have some requisite knowledge before getting into CEH. It’s recommended you have a minimum of 2 Years IT Security experience before attempting the C|EH. If you don’t have the experience and you are just getting started on this path, we recommend taking our Free Cyber Security Essentials Series, find more here.Here you can learn the foundations required to pursue mid-level certifications like CND, CEH, or CHFI.

What does a C|EH do?

Certified Ethical Hackers are hired by organization’s either on contract or as full-time employees to help improve the organizations security posture. C|EH is a required baseline certification for many different job roles, but the function of ethical hacking itself involves a methodical practice of identifying, evaluating, testing, and reporting on vulnerabilities in an organization. Ethical Hacking is a broad practice that covers many different technologies, but by systematically applying the methodologies taught in the C|EH program, ethical hackers can evaluate nearly any application or infrastructure they are tasked with, identify potential vulnerabilities, and provide recommendations on how those vulnerabilities can be remediated. In the case of military organizations, ethical hackers are highly trained in offensive and defensive activities and possess the critical skill sets and tactics to evaluate target systems and defend their own organization’s assets in real time.

Is C|EH worth pursuing?

While this is very much a personal decision for most, holding a C|EH certification communicates to your potential or current employer that you possess the baseline knowledge and skills to be an effective and productive member of the security team. The field of cybersecurity is rapidly growing with projected Job opportunity growth of 33%, according to U.S. Department of Labor, globally there is an insufficient supply of qualified people creating amazing opportunities for Certified Ethical Hackers in nearly every industry. To read more about the impact of C|EH on many of our Hall of Fame Ethical Hackers, read our Hall of Fame report here

Is C|EH a good certification?

We know not all certifications are created equal, and deciding to get certified is an investment for you in both time and money. For over 20 years, EC-Council has worked to build the best Ethical Hacking Certification on the market, the Certified Ethical Hacker. As a certification body, we ensure the topics covered in our examinations as well as the training that prepares you directly relates to the job roles and skills employers need. Our ANSI 17024 accredited examination goes through rigorous job task analysis, careful curation of exam domains, extensive work to build world-class training and hands-on components to provide candidates with an intensive hands-on experience throughout the program. C|EH is recognized by various governments around the world including the United States Department of Defense, GCHQ in the UK, and various others. EC-Council employs full-time content teams that work all year long on program design and maintenance ensuring each C|EH student receives the most up to date, relevant information as they pursue the certification. Currently on Version 12, C|EH version releases are paced every 12-18 months, depending on major trends in the market, new tools, vulnerabilities, operating systems, and much more.

How much money does a certified ethical hacker make?

Considering the global need and lack of qualified talent in the workforce, cybersecurity professionals are paid exceptionally well in most cases. As of August 2022, a simple search in for United States based positions show that Certified Ethical Hackers make an average of $103,866 per year, with the 90th percentile earning above $130,000. Experience, education levels, and other certifications provide even more value in most cases, but it is common to see starting salaries for Ethical Hackers that stretch well into six figures. We recommend searching your local job boards, viewing local salary information, and talking to potential employers to assess your own value in the market. C|EH has been ranked in the top 5 highest paid cybersecurity certifications for the last 10 years and continues to grow worldwide.

Currently in its 12th version, C|EH is a very well-known certification in the cybersecurity space. A simple search for global job ads on LinkedIn (as of August 2022) shows over 32,000 available jobs requesting candidates with a C|EH Certification representing over 72% market share in job ads placed by employers combined across Career Builder, LinkedIn, Dice, Indeed, Monster, and Naukri, while being compared to other certifications like SANS GPEN, OSCP, and Pentest+.

Is C|EH in demand?

Like the question above, is C|EH a popular certification, C|EH is the most in demand cybersecurity certification globally representing the majority share of job ads requesting certified candidates. C|EH is also recognized as a baseline certification by the United States Department of Defense for its cyber workforce. C|EH is also the backend content for over 1,200 colleges and universities across the globe running computer Science and cybersecurity degree programs.

Why Should I consider getting the C|EH?

Knowledge, skills, opportunity, respect, proof… These are all words that circle the C|EH for many of our certified members. The knowledge and Skills attained through the program are second to none covering the widest possible set of domains in cybersecurity, while the Certification itself shows employers you are qualified for the job and serious about proving it. Holding Industry recognized, ANSI accredited Certifications proves to your current or prospective employer that a third party (EC-Council) has evaluated your knowledge and skills and conferred a certification to you based on your accomplishments in the program. C|EH opens many doors as the practice of Ethical Hacking serves as the backbone to a variety of specialized roles in cybersecurity. With very reasonably priced training and certification, available globally, C|EH is a small, short-term investment of your time and money with the potential of a lifetime of high-value returns.

After I get certified, does EC-Council help with job placement?

While EC-Council is not a staffing agency or recruiter, we are tied with many employers seeking Certified Ethical Hackers. Our on-staff advisors are always available to work with you one-on-one to provide recommendations and guidance on how to find the best opportunity that matches your ambition. EC-Council employs nearly 1,000 full-time employees across the world, all dedicated to providing you with the best experience in training, certification, and skill development. Our committed advisors are only a phone call away and happy to talk to you about your career ambitions and help guide you in any way we can. We suggest filling out the form on this page to get connected with an advisor and we will be happy to reach out, or give us a call any time. We are here to help.

How much does the Certified Ethical Hacker (C|EH) Cost?

Certified Ethical Hacker (C|EH) pricing, varies depending on a few factors. First and foremost, you should choose whether you want self-paced online, live online, or in-person training. To see the C|EH certification price & exam cost, please click here. Alternatively, we welcome you to click here and speak with one of our career advisors and find the C|EH costing and/or funding options that are available for you. We are excited you are considering a change and our team is happy to help find the best C|EH price fit for you, your budget, and your schedule.

Which certification is best for hacking?

The C|EH program helps you understand hackers by getting you into their mindset. After all, to be a hacker, you need to think like a hacker. There are both unethical and ethical hackers: unethical hackers engage in illegal or unlawful activities, while ethical hackers use their hacking knowledge to protect organizations and their assets. The official C|EH course is the world’s #1 ethical hacking certification. If you want to become one of the world’s best ethical hackers, the C|EH is recommended by experienced professionals, organizations in both the private and public sector, industry leaders and experts, and hiring managers.

Which is the World’s #1 Ethical Hacking Course?

The Certified Ethical Hacker Certification (C|EH) is the world’s #1 ethical hacking certification. In the recent 2023 C|EH Hall of Fame Survey Report, which collected responses from thousands of cybersecurity professionals, we discovered many key findings about the C|EH’s real-life impact and how the program has benefitted its many graduates

Here are a few of our findings:

  • Over 50% of the professionals received promotions after completing the C|EH program.
  • 97% of the professionals stated that they skills they acquired during the C|EH program helped safeguard their organizations.
  • 95% of the respondents chose the C|EH for career growth.
  • 93% of the professionals stated that C|EH skills improved their organizational security.
  • 97% of the professionals found that C|EH labs accurately mimic real-world cyber threats.

Do click here to read more findings:

Is C|EH hard to pass?

The C|EH Exam is an ANSI 17024 exam which means it goes through extensive external validation to ensure the examination itself is fair for the knowledge and experience level of our certification challengers. With the recommendation of 2 years’ experience in  IT Security or 0fficial training, candidates attempting the exam need to possess strong knowledge in computing systems, networks, and a variety of other IT topics. The examination itself uses Cut-Scores to determine pass/fail results and cut scores are carefully set by psychometricians who regularly evaluate test question performance and average pass/fail results throughout the life of the program. Reviews from our certification members with limited experience or background have rated our exam as difficult, while more seasoned IT and IT security professionals rate the exam as moderately challenging even after official training. You may review the exam domains and the exam blueprint here to learn more

How do I get certified?

Anyone wishing to take the C|EH Examination must first be deemed eligible to take the exam. We offer two paths to eligibility:

1. Attend official training through our online learning provided by iClass, through an Authorized Training Center (ATC) located in 140+ countries around the world, or at a college or university that is also an official EC-Council Academia Partner. All candidates attending official training at an official EC-Council partner if deemed eligible to attend the training will have direct access to the examination which can be proctored at the training center, online using EC-Council’s remote proctoring service, or at over 4,500 VUE testing centers across the world.

2. Eligibility Application – If you possess the experience and don’t feel training is necessary in the domains of the exam, you may wish to skip the training and go straight to challenging the exam. If you do not attend official training, you will need to apply for exam eligibility here. After the application is processed and approved, EC-Council will work directly with you to determine the best delivery method for the exam, and you may then challenge the 4-hour certification exam as scheduled.

What are the pass rates for C|EH?

While EC-Council doesn’t publish pass rates for the exam, typical pass rates globally range from 60%-80%. We offer a variety of test preparation materials and official training to help you ensure you are ready to challenge the exam when the time comes.

Can I skip training and just get certified?

Yes, candidates who wish to bypass the official training and jump straight to the exam may apply for eligibility. If eligibility is granted, you may directly challenge the examination. See “How do I get certified?” in the FAQ above for the eligibility guidelines and application process.

I watched some videos on YouTube about C|EH. Does that prepare me to take the exam?

While we recognize there are some great resources on YouTube, many informative and entertaining topics are available there, EC-Council does not publish its official training on YouTube, nor do our authorized partners. There are many self-published videos that claim to prepare you for the C|EH Exam, and while they may provide valuable information, these are not a substitute for Official C|EH Training and will not be accepted as a method of study when it comes to applying for exam eligibility.

How do I know if I am ready to take the C|EH exam?

The most common path students take to prepare for C|EH is official training. The certified EC-Council instructors utilize official EC-Council training materials carefully designed to take you through the various domains covered on the certification exam. Accompanying the training materials, C|EH also includes over 50% hands-on activities in a live Cyber Range where you will practice and apply the knowledge and skills learned in the course against live virtual systems in the controlled environment. Students also receive official exam Prep test banks where you can practice with mock exam questions broken up by domain to assess your level of readiness for the certification. We strongly recommend utilizing these resources to prepare, however if you choose the direct eligibility route, review the domains covered in the exam and the exam blueprint, based on your own knowledge and experience levels, you can self-assess your competency in each area and decide if you are ready to attempt the exam. Students in official C|EH training from V12 on receive free retakes based on the package they enroll into, and retake exams are available for others if required for a fee.

What score do I need to pass the exam?

EC-Council’s official exam retake policy is available here

What if I don't pass on my first attempt?

The CEH exam is a 4-hour, scenario-based examination with multiple choice questions. Each question is carefully weighted to the domain and objective and carries its own cut score. The C|EH exam itself has multiple exam forms that rotate along with rotating questions in each exam form. Because the questions and forms rotate, each exam has a cumulative cut score that is calculated as the aggregate of all question cut scores. This rotation creates multiple variations of passing scores based on the exam form you receive; typical passing cut scores range from 65% to 80% providing the most equitable and fair approach to exam performance per ANSI 17024 testing standards. Cut Scores and your achieved score will be shown on your exam transcript available immediately after completing the examination.

Do I have to maintain my certification?

Yes, all legitimate professional certifications have a recertification and maintenance process. The requirements are published under our EC-Council Continuing Education (ECE) Policy available here

I'm currently studying C|EH at a university; how do I request my certification exam?

Depending on which program you are in, your options may vary, but we are here to help! If you are studying through EC-Council University, simply login to your myeccu account and connect with your counselor. If you are studying at an EC-Council Academia Partner, speak with your professor and ask if the university has included certification in the student resources, if not, you can write to [email protected] and connect directly with our student services team.

How long does it take to become a C|EH?

The total time it takes to become a C|EH can vary by student, but the typical answer is 5 days. C|EH official training is structured as 5-day Bootcamp style training with testing typically delivered at the end of the 5th day as a 4-hour exam. Students who follow an on-demand or self-paced course through iClass or decide to defer their testing date may take longer to achieve certification.

What does C|EH Cover?

The C|EH program and C|EH exam cover a variety of topics that center around the Tactics and Procedures required to be a tactical cybersecurity professional. Focusing on the entire kill-chain process, C|EH covers a variety of topics from foot printing and reconnaissance, to scanning, gaining access, maintaining access, and covering your tracks. This 5-phase ethical hacking process applies to a variety of scenarios including traditional on-premises networks, cloud, hybrid, IoT systems, and stretches across a variety of topologies and application environments. Students will learn a variety of tools and techniques across this evaluation process as well as how hackers will utilize the same TTPs to hack into organizations.

Are there any prerequisites for C|EH?

There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here

I see C|EH as part of a track. How does that work?

While the C|EH program and certification stand on their own are  not required to be taken in the sequence of a track, we have many students that are focused on a specific specialization such as digital forensics, threat intelligence, penetration testing, or executive leadership. To support those specializations, EC-Council has published a series of certification tracks that focus on stacking the competencies required to excel in those specializations. To view the available tracks and see what types of careers they lead into, Download our Cyber Career Track guide.

What do I get as a student in C|EH?

Students attending official training for C|EH, either through our online division iClass, or in person at an authorize training center will receive the most comprehensive ethical hacking program on the market. The training resources stretch well beyond what you may be used to in a typical bootcamp style course as C|EH not only supports you in the training program but also supports you after training and well into your career as a C|EH. Our new framework in C|EH, Learn, Certify, Engage, Compete provides you with all the courseware, documentation, cheat sheets, and hands-on labs hosted in our Cyber Range to complete the 5 days of training. Students also receive exam vouchers to attempt the certification exam and free retakes in the event you aren’t successful on your first attempt. To help prepare you for the exam, you will also receive exam prep where you can practice in a mock exam environment. Supporting you post certification; we have designed our Engage practice range with a mock organization where you will take place (on your own time and at your own pace) in a complete ethical hacking engagement. Starting with your initial scanning and recon exercise, you will foot print the target network, identify vulnerabilities and follow the entire process learned in C|EH as you assess the target organization, leading all the way up to full exploitation of the targets where you will hack into web servers, IoT devices, as well as IT and OT systems. After you complete your first engagement against the target organization, you will move onto Compete, where you can take part in monthly Global Hacking Competitions available exclusively to Certified Ethical Hackers. With new competition scenarios each month, you will be able to test your skills in malware analysis and ransomware, SCADA, and ICS environments as you hack your way into a Power Grid System or potentially take over a water treatment facility, Hack into Web Applications as we focus on web server vulnerabilities, and much more. To further support your continuous learning and skill development, Students of the Official C|EH training program also receive our curated Ethical Hacking Video Libraries through CodeRed where you will have access to focused titles, 2 to 4 hour courses delivered online in topics like Python for Pen testers, Opensource intelligence, Wireshark for Ethical Hackers, Ethical Hacking with Nmap, Windows Penetration Testing Essentials, Next Gen Firewalls, Applied Secure Smart City, Burp Suite: Web App Pen Testing, and more. The C|EH training program was designed to support you as you learn the ethical hacking practice, provide you with hands-on labs and challenges, expose you to your first ethical hacking engagement, hone your skills through competition, and support your continuous learning with specially curated titles directly related to the ethical hacking space.

Is C|EH a hands-on program?

Yes! Every concept taught in C|EH is backed up by hands on labs hosted in our Cyber Range. The training itself is divided roughly 50/50 into lecture & discussion (50%) and hands-on labs (50%). Additional hands-on practice is available in our labs with objective based CTF style flags to challenge your critical thinking and applied knowledge, then reinforced with our practice range, followed by 12 months of live competitions all executed in our Cyber Range 100% hands-on and applied. We believe strongly you can’t really learn to hack by reading a book, you must practice, if you are considering C|EH, roll your sleeves up and get ready for an intensive hands-on program where you will practice and hone your trade craft as an ethical hacker!

What will I learn in C|EH?

Like the question above “What does CEH Cover” Security professionals attending this program will learn the professional practice of ethical hacking. You will get hands-on with the Cyber Kill chain, you will learn how to evaluate target systems for vulnerabilities, misconfiguration and weaknesses, you’ll learn how to find the weakest link in an organization through concepts like social engineering, most of all, you will learn how hackers operate, what tactics they use, and how to apply those tactics in a professional setting to identify weaknesses in your organization and apply remediation strategies before your organization becomes the next victim of a cyberattack or breach.

Where can I find training?

Training is available globally through EC-Council iClass ( as well as through the world’s largest network of Authorized Training Centers. EC-Council has over 900 Authorized training centers covering 145 countries. If you are seeking credit bearing programs at a college or university, EC-Council University offers bachelor’s and master’s programs in cybersecurity that incorporate C|EH into the curriculum, and we also have a network of over 1,200 colleges and universities that teach C|EH as a part of their degree programs using our official Academia Courseware and Labs. Look for the Authorized Training Center Logo, or the Official Academia Partner Logo when selecting your training location.

Can I take C|EH online?

Yes! C|EH is available Online in both Instructor Led self-paced learning and live Instructor led. Visit Here for more information.

What is the difference between live training and on-demand, self-paced training from EC-Council iClass?

iClass, EC-Council’s official eLearning division provides two primary forms of training, Masterclass and iLearn.

Masterclass provides student with a Live Online, Instructor led class schedule with set times where our award-winning instructors will guide you through the C|EH training module by module incorporating hands on lab time, breakout sessions for discussions and a live presentation of all course materials.

iLearn is EC-Councils On-Demand training option. We have hand selected the best instructors, flown them to our Albuquerque based studio and produced professional pre-recorded video lectures and lab walkthroughs that can be accessed through your iClass student account any time, 24x7x365.

Is self-paced training the same as self-study?

No, while most students elect to attend official training receiving the professional guidance of a certified instructor, others prefer to simply study on their own without official training. Materials are available for purchase on the EC-Council Store if you wish to simply study on your own, this is what we label as self-study. Any student electing the self-study route will need to apply for exam eligibility as they did not attend official training.

How do I verify my C|EH materials?

Getting certified is about validating your knowledge, CEH is trusted by employers across the globe as a baseline cyber security certification. Certified Ethical Hackers hold a variety of job titles and roles because the ethical hacking process is fundamental to many cyber security operations. While some organizations have Ethical Hackers in their job role framework, it often takes on other forms with specialization such as Network Defender, Penetration Tester, Secure Coder, Cloud Security Engineer, Security Architect, Auditor, and even opens doors into leadership roles.

What is an ATC?

Authorized Training Centers are typically computer training centers, consulting groups, and education companies who have partnered with EC-Council to offer official training leading to the C|EH Certification. ATCs must apply with EC-Council where we individually evaluate each potential partner and their business practice. Once approved, ATC’s must maintain certified instructors (CEIs) also vetted by EC-Council for certification and teaching experience, then the ATC is provided access to heavily discounted Training Materials, Cyber Ranges, Practice Ranges, and Competition passes for their students. ATCs compete each year across the globe to be recognized in our Circle of Excellence award ceremonies where the top trainers, and top training centers receive awards and recognition for their accomplishments in affecting the cybersecurity workforce. Organizations who carry the ATC logo with EC-Council run official training programs to standards that are upheld and monitored closely ensuring you have a great experience when you enroll in a C|EH training program. If your training center is not an ATC and claims to train you in C|EH, beware, we see very high failure rates on exams, frustrated students, outdated content, and a general lack of professionalism with organizations who do not go through the proper channels to run official, authorized programs. Often, students must fight for refunds from these types of centers and end up attending training either through our own iClass division, or at one of our ATCs where they will get the C|EH training and certification experience, they were originally seeking.

Are C|EH instructors good? What is a CEI?

To ensure instructors understand the subject matter they teach and provide a great experience to our Certification candidates, EC-Council implemented a Certified EC-Council Instructor (CEI) program. Many CEIs are industry practitioners who also teach, but the CEI program is a way of ensuring the instructors carry an active C|EH credential and have sufficient experience teaching/instructing. To see the CEI requirements these instructors must meet, feel free to review our CEI application process Click here 

If I take official training, do I still need to apply for the exam?

No. Attending Official training is one of the two ways to become eligible to take the C|EH exam. If you have completed Official Training through EC-Council or through one of our Authorized Training centers, you will not need to apply for exam eligibility, you will not need to pay the $100 Application Fee, and you will not have to wait for reference checks to be approved. Authorized Training Centers have the contracted right to deliver exams to you directly after completing your official training. If the training center you have gone to advises you in any other way, please give us a call and we will help to sort out the confusion, or validate your training was at an Authorized Training Center.

I'm ready! Can I get started with C|EH today?

Yes, the fastest way to get started with C|EH is through our iClass program. Visit Here and get started right away.

How much does the training cost?

C|EH Training is available all over the world in a variety of different formats, from online self-paced, online live, in person bootcamps at ATCs and incorporated into education programs at colleges and universities. The program cost by region and by format can vary. C|EH Training is normally very affordable and with broad availability, you as the potential student have many options you can evaluate. We are more than happy to help guide you through this process, feel free to contact us to validate a price, validate the status of an ATC, or receive pricing for online training programs. The fastest way to reach a team local to you is to fill out the form on this page and we will reach out to you shortly thereafter.

Are there funding options available?

Funding options are tied to the organization providing the training as well as funding options for the region you are in. EC-Council and many of its partners have a variety of options for funding your training including payment plans, discount plans, even military and tuition assistance programs with your employers

Can I get a C|EH through EC-Council University?

Yes! If you enroll as a student in ECCU and are pursuing your bachelors or master’s degree, many of the courses align to industry certifications throughout the program. CIS 404 Hacker Techniques, Tools, and Incident Handling maps to the Certified Ethical Hacker exam. Students who complete this course through ECU will be eligible to attempt the C|EH Exam. For more information, visit Here

What is the difference between education and training when it comes to C|EH?

Delivery formats in education, specifically academic education and training can vary greatly. While the content students go through is the same, the delivery formats vary greatly. If you are pursuing a degree at ECCU or one of our Academia partners, you will likely be enrolled into a course that is delivered over a semester, often lasting between 8 and 12 weeks following a traditional academic format. Students will go through lectures with lab time, participate in threaded discussions, complete mid-term and final assessments and receive college credit for the course, then independently pursue certification by taking the examination. This is a great option if you are looking for a more engaged experience with your school where they can focus on the academic elements of the program and often more rigorous progression assessments. Training, on the other hand, is often run in a condensed bootcamp. C|EH is an intensive 5-day program delivered in person or online where the instructor will take you through intensive lectures followed by hands-on practice of the concepts taught. This five-day format is referred to by many as the “firehose” training approach. You will be exposed to the entire domain set of the C|EH program over 5 days with 2.5 days mixed throughout the course of hands-on practice, demonstration, and challenges. Frequently, our ATCs will host examination at the end of the 5-day program late in the afternoon resulting in 5 days of training, 4 hours of certification all in one week. You then have access after the course for 2 years to courseware and 6 months for the hands-on labs. With C|EH v12, you also have post course access to the Engage Practice Range, the Global C|EH Competitions, and the CodeRed learning libraries for continuous education.

Is C|EH Accredited?

Accreditations measure the capability of the certification body from various aspects including program design, management, content, delivery, policy, discipline, financial viability, relevance of training, demand, and more. C|EH is accredited by ANAB, the ANSI National Accreditation Board under ANSI ISO/IEC 17024 and is also accredited by the American Council on Education (ACE) under ACE ID ECCL-0002 as credit bearing and transferrable for three elective credits.

Does the U.S. military recognize C|EH?

C|EH is recognized by the United States Army Ignited program as eligible for military benefit reimbursement. C|EH is approved by the U.S. Department of Veterans Affairs as an approved credential for reimbursement utilizing post 9/11 GI Bill funds, and it is also recognized across the various military forces in their enlisted and officer ranks meeting the requirements of over 320 distinct job roles with military funding and reimbursement eligibility unique to each branch of military.

Does the Department of Defense recognize C|EH?

Yes, C|EH is approved by the US DoD under Directive 8140 as meeting the baseline requirements for 4 out of the 5 Cyber Security Service Provider Roles (CSSP) roles, CSSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, and CSSP Auditor as mentioned in the 8140 Information Assurance Workforce Improvement Program. Available here

What other Government bodies recognize C|EH?

(UK’s intelligence, security, and cyber agency) Approves EC-Council Training as meeting CYBOK requirements.

Can I get college credit taking C|EH?

If you are taking the program at ECU, or in a college or University that is an Official Academia Partner, your course will be credit bearing. In the vent you are attending bootcamp training for C|EH, computer training centers typically do not offer college credits, however, with the ACE Accreditation from the American Council on Education, C|EH is already ACE Accredited with a recommended college credit equivalent to 3 elective credits at a bachelor’s level. Many schools will accept the ACE Accreditation and consider awarding those credits to you upon enrollment. ECU will also evaluate your transcript and upon application to the University, award the three credits for your achieved certification.

Discover Why CEH Certification Trusted By Organization Across The World!

For more than 15 years, EC-Council’s Cybersecurity programs have empowered cybersecurity professionals around the world to exercise their training and expertise to combat cyberattacks. The Hall of Fame celebrates those individuals who have excelled, achieved, and fostered a spirit of leadership among their colleagues and peers within the cyber community.

1 in
Every 2
Professionals Received Promotions After C|EH
of Professionals Found C|EH Labs to Accurately Mimic Real-world Cyber Threats.
of Professionals Stated That Skills Acquired in C|EH Helped Safeguard Their Organizations.
Choose C|EH for Career Growth

Why People Love C|EH

Accreditations, Recognitions and Endorsements