Certified Ethical Hacker (CEH) v13
Unlock the secrets of cybersecurity with our Certified Ethical Hacker (CEH) v13 course, perfect for IT professionals and anyone interested in a cybersecurity career. Learn to identify system vulnerabilities, understand hacking techniques and implement effective countermeasures for a safer digital landscape.
Included In This Course
68 Hrs 56 Min
320 On-demand Videos
Closed Captions
21 Topics
100 Prep Questions
Certificate of Completion
Course Description for Certified Ethical Hacker (CEH) v13 Ethical Hacking and Cybersecurity Training
The Certified Ethical Hacker (CEH) v13 course is the gold standard for professionals who want to master the latest cybersecurity and ethical hacking techniques. Updated to reflect the newest threats, tools, and methodologies, this intensive training covers 21 comprehensive modules ranging from advanced footprinting and reconnaissance to cryptography, cloud security, IoT hacking, and artificial intelligence in cybersecurity. The CEH v13 curriculum aligns with current security practices and frameworks such as MITRE ATT&CK and the Cyber Kill Chain, ensuring participants gain real-world, job-ready skills.
Throughout the program, learners will engage with practical labs and hands-on activities, including vulnerability assessments with OpenVAS, password cracking with Hashcat, session hijacking, exploiting web and mobile applications, and hacking cloud platforms like AWS and Azure. By integrating offensive security skills with defensive countermeasures, this course provides an in-depth understanding of how to ethically hack systems while protecting organizational assets, making it one of the most respected and recognized certifications in cybersecurity.
What You Will Learn in CEH v13 Ethical Hacking Certification
By enrolling in the CEH v13 course, you will gain hands-on, advanced skills to identify, analyze, and mitigate cybersecurity threats. Here’s what you’ll master:
- Advanced footprinting, reconnaissance, and OSINT gathering techniques
- Scanning and enumeration tools, including Nmap and AI-enhanced scanning tools
- Vulnerability assessment and exploitation methodologies
- System hacking with tools like Metasploit and Meterpreter
- Social engineering, phishing, and insider threat exploitation
- Sniffing, spoofing, and man-in-the-middle attack techniques
- Web application and server hacking, including OWASP Top 10 vulnerabilities
- Wireless and mobile device hacking strategies
- IoT, OT, and cloud security attack vectors and defenses
- Cryptography principles and cryptanalysis techniques
- AI-powered cybersecurity tools and countermeasures
Exam Objectives for EC-Council CEH v13 Certification
The Certified Ethical Hacker (CEH) v13 is governed by the EC-Council. The exam objectives reflect the following skill areas, tested across multiple weighted sections:
- Information Security and Ethical Hacking Fundamentals (6%)
- Reconnaissance and Footprinting Techniques (12%)
- Scanning Networks and Enumeration (12%)
- System Hacking, Malware, and Advanced Threats (20%)
- Sniffing, Social Engineering, and Denial-of-Service Attacks (15%)
- Web and Mobile Application Hacking (15%)
- Cloud, IoT, and OT Hacking (10%)
- Cryptography and Security Countermeasures (10%)
The EC-Council requires candidates to demonstrate practical skills through scenario-based questions to prove their ethical hacking capabilities.
Who This Certified Ethical Hacker (CEH) v13 Training is For
This CEH v13 course is ideal for anyone pursuing a career in ethical hacking or cybersecurity, providing a comprehensive knowledge base suitable for various professional backgrounds.
- Cybersecurity analysts and security engineers
- Penetration testers and vulnerability assessors
- IT professionals seeking to move into ethical hacking roles
- System and network administrators wanting advanced security skills
- Law enforcement or military cybersecurity professionals
- Anyone interested in learning cybersecurity from a practical, hands-on perspective
Possible Jobs You Can Get With This Ethical Hacking Knowledge
Completing the CEH v13 certification opens the door to a wide range of career opportunities in cybersecurity and IT security:
- Certified Ethical Hacker (CEH)
- Penetration Tester
- Cybersecurity Analyst
- Red Team Operator
- Vulnerability Assessor
- Security Operations Center (SOC) Analyst
- Cybersecurity Consultant
- Incident Response Analyst
Average Industry Salaries for Certified Ethical Hackers and Cybersecurity Professionals
The financial benefits of gaining the CEH v13 certification can be significant, with salaries reflecting the growing demand for skilled cybersecurity experts:
- Certified Ethical Hacker: $85,000–$130,000 per year
- Penetration Tester: $90,000–$140,000 per year
- Cybersecurity Analyst: $80,000–$120,000 per year
- Red Team Operator: $100,000–$150,000 per year
- Cybersecurity Consultant: $95,000–$145,000 per year
Salaries may vary based on location, years of experience, and additional certifications.
Get Started Today — Become a Certified Ethical Hacker v13
Ready to future-proof your cybersecurity career? The CEH v13 training equips you with in-demand skills to ethically hack, secure systems, and defend against advanced cyber threats. Whether you are looking to launch your career or advance to the next level, this certification will give you a competitive edge recognized globally by employers. Don’t wait — join thousands of successful CEH professionals who have elevated their skills and advanced their careers with this industry-leading certification.
Enroll today and take your first step toward becoming a trusted ethical hacker!
Blogs of Interest Related to This Course
Proudly DisplayYour Achievement
Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.
Certified Ethical Hacker (CEH) v13 Course Content
Module 1: Information Security and Ethical Hacking Overview
- 1.0 Introduction to CEH v13
- 1.1 Elements of Security
- 1.2 Cyber Kill Chain
- 1.3 MITRE ATT&CK Framework
- 1.3.1 ACTIVITY - Examining MITRE ATT&CK
- 1.4 Hacking
- 1.5 Ethical Hacking
- 1.6 Information Assurance
- 1.7 Risk Management
- 1.8 Incident Management
- 1.9 Information Security Laws and Standards
- 1.10 Using AI in Ethical Hacking
- 1.11 Information Security and Ethical Hacking Review
Module 2: Footprinting and Reconnaissance
- 2.1 Footprinting Concepts
- 2.2 OSINT Tools
- 2.2.1 ACTIVITY - Finding Internet-Connected Devices with Shodan
- 2.2.2 ACTIVITY - Performing OSINT with theHarvester
- 2.3 Advanced Google Search
- 2.3.1 ACTIVITY - Google Hacking
- 2.4 Whois Footprinting
- 2.4.1 ACTIVITY - Footprinting with WHOIS
- 2.5 DNS Footprinting
- 2.5.1 ACTIVITY - Enumerating DNS
- 2.6 Website Footprinting
- 2.7 Email Footprinting
- 2.8 Network Footprinting
- 2.8.1 ACTIVITY - Tracing a Network Path with Traceroute
- 2.9 Social Network Footprinting
- 2.10 Enhanced OSINT
- 2.11 Footprinting-and-Reconnaissance-Countermeasures
- 2.12 Footprinting and Reconnaissance Review
Module 3: Scanning Networks
- 3.1 Scanning Concepts
- 3.2 Discovery Scans
- 3.3 Port Scans
- 3.4 Other Scan Types
- 3.5 Scanning Tools
- 3.6 NMAP
- 3.6.1 ACTIVITY - Port Scanning and Fingerprinting with NMAP
- 3.7 Firewall and IDS Evasion
- 3.8 Proxies
- 3.9 AI Enhanced SCANNING Tools
- 3.10 Scanning counter-measures
- 3.11 Scanning Networks Review
Module 4: Enumeration
- 4.1 Enumeration Overview
- 4.2 SMB_NetBIOS_Enumeration
- 4.3 File Transfer Enumeration
- 4.4 WMI Enumeration
- 4.5 SNMP Enumeration
- 4.6 LDAP Enumeration
- 4.7 DNS Enumeration
- 4.8 SMTP Enumeration
- 4.8.1 ACTIVITY - SMTP Enumeration
- 4.9 Remote Connection Enumeration
- 4.10 Website Enumeration
- 4.10.1 ACTIVITY - Enumerating Website Directories
- 4.11 Local User and Active Directory Enumeration
- 4.12 Other Enumeration Types
- 4.13 Enumeration Using AI
- 4.14 Enumeration Countermeasures and Review
Module 5: Vulnerability Analysis
- 5.1 Vulnerability Scanning
- 5.1.1 ACTIVITY - Vulnerability Scanning with OpenVAS
- 5.2 Vulnerability Assessment
- 5.3 AI Assisted Vulnerability Assessment
- 5.4 Vulnerability Analysis Review
Module 6: System Hacking
- 6.1 System Hacking Concepts
- 6.2 Common Operating System Exploits
- 6.3 Buffer Overflows
- 6.4 System Hacking Tools and Frameworks
- 6.5 Metasploit
- 6.5.1 ACTIVITY - Hacking with Metasploit
- 6.6 Meterpreter
- 6.6.1 ACTIVITY - Having Fun with Meterpreter
- 6.7 Keylogging_and_Spyware-
- 6.8 Netcat
- 6.8.1 ACTIVITY - Using Netcat
- 6.9 Windows Exploitation
- 6.10 Windows Post- Exploitation
- 6.10.1 ACTIVITY - Windows Post Exploitation with Eternal Blue
- 6.10.2 ACTIVITY - Escalating Privilege with Token Passing
- 6.11 Linux Exploitation
- 6.11.1 ACTIVITY - Pwn a Linux Target from Start to Finish
- 6.12 Linux Post-Exploitation
- 6.13 Password Attacks
- 6.13.1 ACTIVITY - Pass-the-Hash
- 6.13.2 ACTIVITY - Password Spraying with Hydra
- 6.14 Password Cracking Tools
- 6.14.1 ACTIVITY - Password Cracking with Hashcat
- 6.14.2 ACTIVITY - Brute Forcing with Medusa
- 6.15 Windows Password Cracking
- 6.16 Attacking Network Services
- 6.16.1 ACTIVITY - Cracking Linux Passwords with John-the-Ripper
- 6.17 Other Methods for Obtaining Passwords
- 6.18 Network Service Attacks
- 6.19 Lateral Movement
- 6.19.1 ACTIVITY - Preparing to Pivot
- 6.19.2 ACTIVITY - Lateral Movement through Pivoting
- 6.20 Persistence
- 6.20.1 ACTIVITY - Creating a Persistent Netcat Back Door
- 6.20.2 ACTIVITY - APT Persistence
- 6.21 Hiding Data
- 6.21.1 ACTIVITY - Hiding Data with Steganography
- 6.22 Covering Tracks
- 6.22.1 ACTIVITY - Cover Tracks with Log Tampering
- 6.23 Side-Channel-Attacks
- 6.24 AI-Powered Vulnerability Exploitation Tools
- 6.25 System Hacking Countermeasures
- 6.26 System Hacking Review
Module 7: Malware Threats
- 7.1 Malware Overview
- 7.2 Viruses
- 7.3 Trojans
- 7.4 Rootkits
- 7.5 Other Malware
- 7.6 Advanced Malware Threats
- 7.7 Malware Makers
- 7.7.1 ACTIVITY - Creating a Malware Dropper and Handler
- 7.8 Malware Deployment
- 7.9 Malware Detection
- 7.10 Malware Analysis
- 7.10.1 ACTIVITY - Analyzing the SolarWinds Orion Hack
- 7.11 AI and Malware
- 7.12 Malware Countermeasures
- 7.13 Malware Threats Review
Module 8: Sniffing and Spoofing
- 8.1 Network Sniffing
- 8.2 Sniffing Tools
- 8.2.1 ACTIVITY - Intercepting Data with Wireshark
- 8.2.2 ACTIVITY - Capturing Files off the Network
- 8.3 MAC and ARP Attacks
- 8.3.1 ACTIVITY - Performing an MITM Attack with Ettercap
- 8.4 Name Resolution Attacks
- 8.4.1 ACTIVITY - Spoofing an Authentication Service with Responder
- 8.5 Other Layer 2 Attacks
- 8.6 Sniffing and Spoofing Countermeasures
- 8.7 Sniffing and Spoofing Review
Module 9: Social Engineering
- 9.1 Social Engineering Concepts
- 9.2 Social Engineering Techniques
- 9.3 Social Engineering Tools
- 9.3.1 ACTIVITY - Phishing for Credentials
- 9.3.2 ACTIVITY - OMG Cable Baiting
- 9.4 Social Media, Identity Theft, Insider Threats
- 9.5 Social Engineering and AI
- 9.6 Social Engineering Countermeasures
- 9.7 Social Engineering Review
Module 10: Denial-of-Service
- 10.1 DoS-DDoS Concepts
- 10.2 Volumetric Attacks
- 10.3 Fragmentation Attacks
- 10.4 State Exhaustion Attacks
- 10.5 Application Layer Attacks
- 10.5.1 ACTIVITY - Conducting a Slowloris DDoS Attack
- 10.6 Other Attacks
- 10.7 DoS Tools
- 10.7.1 ACTIVITY - Performing a HOIC DDoS Attack
- 10.8 DoS Countermeasures
- 10.9 DoS Review
Module 11: Session Hijacking
- 11.1 Session Hijacking
- 11.2 Compromising a Session Token
- 11.3 XSS
- 11.3.1 ACTIVITY - Web Session Hijacking with XSS
- 11.4 CSRF
- 11.5 Other Web Hijacking Attacks
- 11.6 Network-Level Session Hijacking
- 11.7 Session Hijacking Tools
- 11.8 Session Hijacking Countermeasures
- 11.9 Session Hijacking Review
Module12: Attack Detection and Prevention
- 12.1 Types of IDS
- 12.2 Snort
- 12.3 Logging and Monitoring
- 12.4 IDS Considerations
- 12.5 IDS Evasion
- 12.6 Firewalls
- 12.7 Packet Filtering Rules
- 12.8 Firewall Deployments
- 12.9 Split DNS
- 12.10 Firewall Product Types
- 12.11 Firewall Evasion
- 12.11.1 ACTIVITY - Busting the DOM for WAF Evasion
- 12.12 NAC and Endpoint Security
- 12.13 NAC and EDR Evasion
- 12.14 Honeypots
- 12.15 Evasion Countermeasures
- 12.16 Attack Detection and Prevention Review
Module 13: Hacking Web Servers
- 13.1 Web Server Operations
- 13.2 Hacking Web Servers
- 13.3 Common Web server Attacks
- 13.4 Webserver Attack Tools
- 13.5 AI and Webserver Attacks
- 13.6 Hacking Web Servers Countermeasures
- 13.7 Hacking Web Servers Review
Module 14: Hacking Web Applications
- 14.1 Web Application Concepts
- 14.2 Attacking Web Apps
- 14.3 A01 Broken Access Control
- 14.4 A02 Cryptographic Failures
- 14.5 A03 Injection
- 14.5.1 ACTIVITY - Command Injection
- 14.6 A04 Insecure Design
- 14.7 A05 Security Misconfiguration
- 14.8 A06 Vulnerable and Outdated Components
- 14.9 A07 Identification and Authentication Failures
- 14.10 A08 Software and Data integrity Failures
- 14.11 A09 Security Logging and Monitoring Failures
- 14.12 A10 Server-Side Request Forgery
- 14.13 XSS Attacks
- 14.14 CSRF
- 14.15 Parameter Tampering
- 14.15.1 ACTIVITY - Parameter Tampering with Burp Suite
- 14.16 Clickjacking
- 14.16.1 ACTIVITY - Clickjacking with XSS and iFrame Injection
- 14.17 SQL Injection
- 14.17.1 ACTIVITY - Using SQL Injection to Steal Sensitive Data
- 14.18 Insecure Deserialization Attacks
- 14.19 IDOR
- 14.19.1 ACTIVITY - IDOR Abuse with Burp Suite
- 14.20 Directory Traversal
- 14.20.1 ACTIVITY - Directory Traversal
- 14.21 Session Management Attacks
- 14.22 Response Splitting
- 14.23 Overflow Attacks
- 14.24 XXE Attacks
- 14.25 Web App DoS
- 14.26 Soap Attacks
- 14.27 AJAX Attacks
- 14.28 Web API Hacking
- 14.29 Webhooks and Web Shells
- 14.30 Web App Hacking Tools
- 14.31 AI and Web Application Attacks
- 14.32 Hacking Web Applications Countermeasures
- 14.33 Hacking Web Applications Review
Module 15: SQL Injection
- 15.1 SQL Injection Overview
- 15.2 Basic SQL Injection
- 15.3 Finding Vulnerable Websites
- 15.4 Error-based SQL Injection
- 15.5 Union SQL Injection
- 15.5.1 ACTIVITY - SQLi on a Live Website - Part 1
- 15.5.2 ACTIVITY - SQLi on a Live Website - Part 2
- 15.6 Blind SQL Injection
- 15.7 SQL Injection Tools
- 15.8 Evading Detection
- 15.9 Analyzing SQL Injection
- 15.10 SQL Injection Countermeasures
- 15.11 SQL Injection Review
Module 16: Hacking Wireless Networks
- 16.1 Wireless Concepts
- 16.2 Wireless Security Standards
- 16.3 WI-FI Discovery Tools
- 16.4 Common Wi-Fi Attacks
- 16.5 Wi-Fi Password Cracking
- 16.6 WEP Cracking
- 16.7 WPA,WPA2,WPA3 Cracking
- 16.7.1 ACTIVITY - WPA2 KRACK Attack
- 16.8 WPS Cracking
- 16.9 Bluetooth Hacking
- 16.10 Other Wireless Hacking
- 16.11 Wireless Security Tools
- 16.12 Wireless Hacking Countermeasures
- 16.13 Hacking Wireless Networks Review
Module 17: Hacking Mobile Platforms
- 17.1 Mobile Platform Overview
- 17.2 Mobile Device Attacks
- 17.3 Android Overview
- 17.4 Rooting Android
- 17.5 Android Exploits
- 17.5.1 ACTIVITY - Pwn a Mobile Device
- 17.6 Android-based Hacking Tools
- 17.7 Reverse Engineering an Android App
- 17.8 Securing Android
- 17.9 iOS Overview
- 17.10 Jailbreaking iOS
- 17.11 IOS Exploits
- 17.12 iOS-based Hacking Tools
- 17.13 Reverse Engineering an iOS App
- 17.14 Securing iOS
- 17.15 Mobile Device Management
- 17.16 Hacking Mobile Platforms Countermeasures
- 17.17 Hacking Mobile Platforms Review
Module 18: IoT Hacking & OT Hacking
- 18.1 IoT Overview
- 18.2 IoT Infrastructure
- 18.3 IoT Vulnerabilities and Threats
- 18.4 IoT Hacking Methodology and Tools
- 18.4.1 ACTIVITY - Card Cloning with Flipper Zero
- 18.5 IoT Hacking Countermeasures
- 18.6 OT Concepts
- 18.7 IT-OT Convergence
- 18.8 OT Components
- 18.9 OT Vulnerabilities
- 18.10 OT Attack Methodology and Tools
- 18.11 OT Hacking Countermeasures
- 18.12 IoT and OT Hacking Review
Module 19: Cloud Computing
- 19.1 Cloud Computing Concepts
- 19.2 Cloud Types
- 19.3 Cloud Benefits and Considerations
- 19.4 Cloud Risks and Vulnerabilities
- 19.5 AWS Hacking
- 19.5.1 ACTIVITY - AWS S3 Bucket Hacking
- 19.6 Azure Cloud Hacking
- 19.7 Google Cloud Hacking
- 19.8 Container Hacking
- 19.9 Cloud Threat Countermeasures
- 19.10 Cloud Computing Review
Module 20: Cryptography
- 20.1 Cryptography Concepts
- 20.2 Symmetric Encryption
- 20.2.1 ACTIVITY - Symmetric Encryption
- 20.3 Asymmetric Encryption
- 20.3.1 ACTIVITY - Asymmetric Encryption
- 20.4 Public Key Exchange
- 20.5 PKI
- 20.5.1 ACTIVITY - Generating and Using an Asymmetric Key Pair
- 20.6 Digital Signatures
- 20.7 Hashing
- 20.7.1 ACTIVITY - Calculating Hashes
- 20.8 Common Encryption Use Cases
- 20.9 Cryptography Tools
- 20.10 Cryptography Attacks
- 20.11 Cryptography Review
- 20.12 Course Conclusion
Module 21: Challenge Lab
- 21.1-ACTIVITY-Challenge-Lab-Introduction
- 21.2-ACTIVITY-Flag 1 - Port Authority, Please!
- 21.3-ACTIVITY-Flag 2 - Moo-ve Fast and Break Things
- 21.4-ACTIVITY-Flag 3 - Pixels, Packets & Patient X
- 21.5-ACTIVITY-Flag 4 - Hexes and Hashes
- 21.6-ACTIVITY-Flag 5 - APT & the PowerShell Symphony
- 21.7-ACTIVITY-Flag 6 - Script Kiddie's Revenge
- 21.8-ACTIVITY-Flag 7 - Oh Mannie, You Shouldn't Have!
- 21.9-ACTIVITY-Report
Add a review
Currently, we are not accepting new reviews
| 5 star | 82% | |
| 4 star | 17% | |
| 3 star | 1% | |
| 2 star | 0% | |
| 1 star | 0% |
1-5 of 81 reviews
Subscribe To All-Access
Lock In $16.99 / Month Forever
Access this course and over 3,000 hours of focused IT training. Start your first month for only $1.00. Then lock in only $16.99 / month for life.
- Get Every Course
- Free Updates / New Content Added
- 3,000+ Hours of Training
- Price Lock Guarantee
- Games / Flashcards
- 21,000+ Practice Questions
$49.99 $16.99 Monthly
OR
$49.00
good
Smooth delivery and easy access to LMS. Good to see that the LMS offers progress tracking. Would be great if badges were offered on completion of courses to share via Credly to future employers.