Certified Ethical Hacker
Career Path
Learn to combat the bad actors in this Certified Ethical Hacker career path training. This advanced training series teaches you the skills needed to detect vulnerabilities and weaknesses in computer systems and networks, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.
This Ethical Hacker Career Path Features
Closed Captions
Certificate of Completion
Embark on a journey to mastering ethical hacking with our in-depth training series! Tailored for those aiming to become Certified Ethical Hackers, this series offers a blend of theoretical knowledge and practical skills. Whether you’re looking to enhance your cybersecurity expertise, delve into advanced penetration testing, or achieve EC-Council’s CEH certification, our expert-led courses have you covered. Perfect for IT security professionals, system administrators, and anyone passionate about defending cyberspace. Enroll today and equip yourself with the tools and techniques to thrive in the ever-evolving landscape of ethical hacking!
The Role of A Certified Ethical Hacker
Certified Ethical Hackers play a crucial role in safeguarding information systems by simulating cyber attacks to identify vulnerabilities.Â
Â
Their duties typically include:
Â
- Conducting Vulnerability Assessments: Scanning systems and networks to identify and report security vulnerabilities.
- Performing Penetration Testing: Simulating cyber attacks on systems, networks, and applications to evaluate their security.
- Analyzing Security Policies: Reviewing and suggesting improvements to existing security policies and procedures.
- Ensuring Compliance with Security Standards: Ensuring systems comply with security standards like ISO 27001, HIPAA, or PCI-DSS.
- Reporting and Documentation: Documenting the findings from security assessments and suggesting remediation strategies.
- Developing Security Solutions: Creating and implementing security solutions to defend against cyber threats.
- Educating and Training Staff: Conducting training sessions for staff on security awareness and best practices.
- Staying Updated with Latest Threats: Keeping abreast of the latest cybersecurity trends, threats, and countermeasures.
- Incident Handling and Response: Responding to and investigating security breaches or incidents.
- Collaborating with IT Teams: Working closely with IT teams to ensure secure network architecture and system configurations.
Your Learning Path
Start Here
1Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50) Course Content
24 Hours 03 Minutes 113 Videos 30 Prep Questions
This course lays the essential groundwork for aspiring ethical hackers, introducing the fundamental concepts of cybersecurity and ethical hacking. It provides the necessary base upon which more advanced skills are built, ensuring a solid understanding of the ethical and legal aspects of hacking.
Module 1 - CEH v11 Foundations Course Introduction
1.1 About this course: CEH Foundations
1.2 About the Instructor
Module 2 - CEH v11 Introduction To Networking
2.1 Networking Overview
2.2 Network Scope
2.3 Network Addressing
2.4 Activity - Examining Network Addressing
Module 3 - CEH v11 Lan Components
3.1 Protocols, Ports, Sockets
3.2 Network Topologies
3.3 LAN Devices
3.4 LAN Devices Part 2
3.5 VLANs
3.6 Activity - Examining Ports and Sockets
3.7 Activity - Examining Switches and VLANs
Module 4 - CEH v11 Routing and Network Access
4.1 Routers
4.2 Layer 3 Switches
4.3 Modems and Remote Access
4.4 Firewalls and Proxies
4.5 Activity - Examining Routing
4.6 Activity - Examining VLAN Routing
4.7 Activity - Examining Firewall Rules
Module 5 - CEH v11 Intrusion Detection and Network Layers
5.1 IDS and IPS
5.2 OSI Model
5.3 TCP-IP
5.4 Activity - Examining Network Layers
Module 6 - CEH v11 Networking Protocols and Addressing
6.1 Layer 4 Protocols
6.2 Layer 3 Protocols
6.3 Layer 2 Protocols
6.4 IP Addressing
6.5 Subnetting
6.6 DHCP
6.7 Activity - Examining TCP
6.8 Activity - Examining UDP
6.9 Activity - Examining IP
6.10 Activity - Examining ICMP
6.11 Activity - Examining ARP
Module 7 - CEH v11 Network Services
7.1 DNS
7.2 DNS Records
7.3 NTP
7.4 Authentication
7.5 Biometrics
7.6 Activity - Examining DNS
7.7 Activity - Examining DNS Records
Module 8 - CEH v11 Access Control
8.1 Local Authentication
8.2 Directory Service Authentication
8.3 Extending Authentication
8.4 Authorization
8.5 Activity - Testing Access Control
Module 9 - CEH v11 Intro to Linux
9.1 Linux Overview
9.2 Linux File System
9.3 Linux Core Commands
9.4 Linux Search and Read Commands
9.5 Activity - Exploring Linux
9.6 Activity - Using Linux Core Commands
9.7 Activity - Using Linux Search Commands
9.8 Activity - Using Linux Read Commands
Module 10 - CEH v11 Configuring Linux
10.1 Linux File Permissions
10.2 Linux Special Permissions
10.3 Linux Configuration
10.4 Linux Packages
10.5 Linux User Management
Module 11 - CEH v11 Practicing Linux Configuration
11.1 Activity - Setting Linux Permissions
11.2 Activity - Setting Linux Special Permissions
11.3 Activity - Managing Packages in Kali Linux
11.4 Activity - Managing Users and Groups in Linux
Module 12 - CEH v11 Managing Linux
12.1 Linux Job Scheduling
12.2 Linux File, Directory, and Download Commands
12.3 Linux System Commands
12.4 Linux Network Management
12.5 Linux Firewall
Module 13 - CEH v11 Practicing Linux Management
13.1 Activity - Scheduling Tasks in Linux
13.2 Activity - Using Linux File, Directory, and Download Commands
13.3 Activity - Using Linux Edit and Archive Commands
13.4 Activity - Compiling Malicious Code
13.5 Activity - Using Linux Process and System Commands
13.6 Activity - Using Linux Disk, Hardware, and Network Commands
Module 14 - CEH v11 Intro to Windows
14.1 Windows Overview
14.2 Windows Registry
14.3 Windows Security
Module 15 - CEH v11 Windows Commands
15.1 Windows Commands
15.2 Windows Admin Commands
15.3 Windows Network Commands
15.4 Windows Run Line Commands
15.5 Windows PowerShell
Module 16 - CEH v11 Practicing Windows Commands
16.1 Activity - Using Windows Built-in Commands
16.2 Activity - Using Windows Task Commands
16.3 Activity - Using Windows Admin Commands
16.4 Activity - Using Windows Network Commands
16.5 Activity - Using Windows PowerShell
16.6 Networking and OS Penetration Testing
16.7 Review
Module 17 - CEH v11 Intro to Hacking
17.1 Information Security Overview
17.2 Hacking Concepts
17.3 Ethical Hacking Concepts
17.4 Penetration Testing
17.5 Penetration Testing Part 2
17.6 Activity - Performing a Static Code Review
Module 18 - CEH v11 Information Security
18.1 Cyber Kill Chain Concepts
18.2 Activity - Performing Weaponization
18.3 Information Security
18.4 Security Policies
18.5 Security Controls
18.6 Access Control
Module 19 - CEH v11 Protecting Data
19.1 Data Protection
19.2 Backup Sites
19.3 Vulnerability Management
19.4 SIEM
19.5 Risks
Module 20 - CEH v11 Managing Risk
20.1 Risk Management
20.2 Incident Handling
20.3 Information Security Laws and Standards
20.4 Activity - Assessing Risk
20.5 Ethical Hacking Penetration Testing
20.6 Review
20.7 Conclusion
2Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50) Course Content
22 Hours 15 Minutes 180 Videos 34 Prep Questions
Building on the foundations, this course dives into the core practices of ethical hacking, focusing on penetration testing and vulnerability assessment techniques. It equips learners with practical skills to identify and exploit system weaknesses, a critical step in developing real-world cybersecurity expertise.
Module 21 - CEH v11 Ethical Hacker Course Intro
21.1 About this course - Ethical Hacker
21.2 About the Instructor
Module 22 - CEH v11 Intro to Footprinting
22.1 Footprinting Concepts
22.2 Footprinting Methodology
22.3 OSINT Tools
22.4 Advanced Google Search
22.5 Whois Footprinting
22.6 Activity - Performing a Whois Lookup
Module 23 - CEH v11 Footprinting Network Services
23.1 DNS Footprinting
23.2 Website Footprinting
23.3 Email Footprinting
23.4 Network Footprinting
23.5 Footprinting through Social Networking Sites
Module 24 - CEH v11 Defend Against Footprinting
24.1 Competitive Intelligence Gathering
24.2 Footprinting Countermeasures
24.3 Footprinting Penetration Testing
24.4 Review
Module 25 - CEH v11 Intro to Scanning
25.1 Scanning Concepts
25.2 ICMP Discovery Scans
25.3 Other Discovery Scans
Module 26 - CEH v11 Port Scanning
26.1 Ports
26.2 TCP Flags and Handshakes
26.3 TCP Scan Types
26.4 Other Scanning Techniques
Module 27 - CEH v11 Vulnerability Scanning
27.1 Banner Grabbing
27.2 Vulnerability Scanning
27.3 SSDP Scanning
Module 28 - CEH v11 NMAP
28.1 Nmap
28.2 Common Nmap Scans
28.3 Nmap Options
28.4 Nmap Stealth Scans
28.5 Hping and Other Scanners
Module 29 - CEH v11 Firewalls and Intrusion Detection
29.1 Firewall Types
29.2 Firewall Features
29.3 Firewall Features Part 2
29.4 Firewall Configurations
29.5 Intrusion Detection and Prevention
Module 30 - CEH v11 Evading Detection
30.1 Firewall and IDS Evasion
30.2 Firewall and IDS Evasion Part 2
30.3 Firewalking
30.4 Probing a Firewall
30.5 Probing a Firewall Part 2
Module 31 - CEH v11 Proxies and VPNs
31.1 Proxies
31.2 VPNs
31.3 Tor
31.4 Scanning Countermeasures
31.5 Scanning Penetration Testing
31.6 Review
Module 32 - CEH v11 Accessing Vulnerability
32.1 Vulnerability Assessment Overview
32.2 Vulnerability Scoring Systems
32.3 Vulnerability Assessment Tools
Module 33 - CEH v11 Vulnerability Research
33.1 Scanner Output and Reports
33.2 Vulnerability Research
33.3 Review
Module 34 - CEH v11 Intro to Enumeration
34.1 Enumeration Concepts
34.2 Enumeration Techniques and Tools
34.3 Service and Application Enumeration
34.4 SMB and NetBIOS Enumeration
Module 35 - CEH v11 Service Enumeration
35.1 SNMP Enumeration
35.2 LDAP Enumeration
35.3 DNS Enumeration
35.4 SMTP Enumeration
35.5 NTP Enumeration
Module 36 - CEH v11 Advanced Enumeration
36.1 Remote Connection Enumeration
36.2 File Transfer Enumeration
36.3 VoIP Enumeration
36.4 IPSEC Enumeration
36.5 IPv6 Enumeration
36.6 BGP Enumeration
Module 37 - CEH v11 Command Line Enumeration
37.1 Windows Command Line Enumeration
37.2 Linux Command Line Enumeration
37.3 Linux Command Line Enumeration Part 2
Module 38 - CEH v11 Defending Against Enumeration
38.1 Enumeration Countermeasures
38.2 Enumeration Countermeasures Part 2
38.3 Enumeration Penetration Testing
38.4 Review
Module 39 - CEH v11 Intro to System Hacking
39.1 System Hacking Concepts
39.2 System Hacking Tools and Frameworks
39.3 Searchsploit
39.4 Compiling and Running Exploits
Module 40 - CEH v11 System Hacking with Metasploit
40.1 Metasploit
40.2 Metasploit Search
40.3 Metasploit Exploits and Payloads
40.4 Metasploit Meterpreter
40.5 Metasploit Connectivity
40.6 Metasploit Impersonation and Migration
Module 41 - CEH v11 Further Attacking a Compromised System
41.1 Netcat
41.2 Pivoting
41.3 Netcat Relays
41.4 Metasploit Post Exploitation Modules
41.5 Common Operating System Exploits
Module 42 - CEH v11 Hacking an Operating System
42.1 Hacking Windows
42.2 Hacking Linux
42.3 Network Service Exploits
42.4 Password Attacks
Module 43 - CEH v11 Password Cracking Overview
43.1 Dictionary Attack
43.2 Brute Force Attack
43.3 Password Spraying
43.4 Rainbow Tables
Module 44 - CEH v11 Performing Password Attacks
44.1 Network Service Password Attacks
44.2 Password Cracking Tools
44.3 Online Password Cracking Sites
44.4 Windows Password Cracking
44.5 Linux Password Cracking
44.6 Other Methods for Obtaining Passwords
Module 45 - CEH v11 Using Exploits
45.1 Keylogging
45.2 Spyware
45.3 Rootkits
45.4 Buffer Overflows
45.5 Privilege Escalation
45.6 Hiding Files
Module 46 - CEH v11 Hiding Information
46.1 Alternate Data Streams
46.2 Steganography
46.3 Creating and Maintaining Remote Access
46.4 Hiding Evidence
Module 47 - CEH v11 Covering Tracks
47.1 Covering Tracks in Windows
47.2 Covering Tracks in Linux
47.3 System Hacking Counter-Measures
47.4 System Hacking Penetration Testing
47.5 Review
Module 48 - CEH v11 Malware Overview
48.1 Intro to Malware
48.2 Virus Overview
48.3 Virus Types
48.4 Self-Hiding Viruses
48.5 Worms
48.6 Trojans
48.7 Trojan Types
48.8 RATS
Module 49 - CEH v11 Hacking With Malware
49.1 Ransomware
49.2 Botnets
49.3 Covert Channel Trojans
49.4 Banking Trojans
49.5 Rootkits
Module 50 - CEH v11 Creating Malware
50.1 Other Malware
50.2 Malware Makers
50.3 Dropper and Stage Creation
50.4 Exploit Kits
Module 51 - CEH v11 Detecting Malware
51.1 Malware Detection
51.2 Malware Detection Part 2
51.3 Malware Analysis
Module 52 - CEH v11 Defending Against Malware
52.1 Malware Reverse Engineering
52.2 Malware Countermeasures
52.3 Malware Penetration Testing
52.4 Review
Module 53 - CEH v11 Sniffing
53.1 Sniffing Concepts
53.2 Types of Sniffing
53.3 Sniffing Protocols
53.4 Sniffing Tools
Module 54 - CEH v11 Spoofing and MITM
54.1 ARP
54.2 ARP Spoofing
54.3 MITM
54.4 MAC Attacks
54.5 MAC Spoofing
54.6 DHCP Attacks
Module 55 - CEH v11 Defending Against Poisoning and Sniffing
55.1 Name Resolution Poisoning
55.2 VLAN Hopping
55.3 Sniffing Counter Measures
55.4 Sniffing Penetration Testing
55.5 Review
Module 56 - CEH v11 Social Engineering
56.1 Social Engineering Concepts
56.2 Social Engineering Techniques
56.3 Social Engineering Examples
56.4 Social Engineering Tools
Module 57 - CEH v11 Defending Against Social Engineering
57.1 Social Media
57.2 Identity Theft
57.3 Insider Threats
57.4 Social Engineering Countermeasures
57.5 Social Engineering Penetration Testing
57.6 Review
Module 58 - CEH v11 Denial-of-Service
58.1 DoS-DDoS Concepts
58.2 Volumetric Attacks
58.3 Fragmentation Attacks
58.4 State Exhaustion Attacks
58.5 Application Layer Attacks
Module 59 - CEH v11 Advanced DoS Attacks
59.1 Protocol Attacks
59.2 Other Attacks
59.3 Botnets
Module 60 - CEH v11 Defending Against Denial-of-Service
60.1 DoS-DDoS Attack Tools
60.2 DoS-DDoS Countermeasures
60.3 Dos Penetration Testing
60.4 Review
3Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50) Course Content
24 Hours 01 Minutes 189 Videos 36 Prep Questions
This advanced course takes learners deeper into the world of ethical hacking, covering sophisticated attack strategies and defense mechanisms. It's designed to refine the skills of participants, preparing them for complex security challenges and enhancing their problem-solving abilities in cybersecurity.
Module 61 - CEH v11 Advanced Ethical Hacker Course Intro
61.1 About This Course: Advanced Ethical Hacker
61.2 About the Instructor
Module 62 - CEH v11 Session Hjacking
62.1 Session Hijacking Concepts
62.2 Token-based Authentication
62.3 Compromising a Session Token
62.4 XSS
62.5 CSRF
62.6 Other Attacks
Module 63 - CEH v11 Defending Against Hijacking
63.1 Network Level Hijacking
63.2 Session Hijacking Tools
63.3 Session Hijacking Countermeasures
63.4 Session Penetration Hijacking
63.5 Review
Module 64 - CEH v11 Implementing Intrusion Detection
64.1 IDS-IPS
64.2 Snort
64.3 Snort Rules
64.4 Syslog
Module 65 - CEH v11 Testing Intrusion Detection
65.1 WIPS
65.2 IDS Considerations
65.3 IDS Tools
65.4 IDS Evasion
65.5 IDS-Firewall Evasion Tools
65.6 IDS Scenerios
Module 66 - CEH v11 Implementing Firewalls
66.1 Firewalls
66.2 Packet Filtering Rules
66.3 Firewall Deployments
66.4 Traffic Flow through Firewalls
66.5 Split DNS
Module 67 - CEH v11 Testing Firewallls
67.1 Firewall Tools
67.2 Firewall Evasion
67.3 Firewall Scenarios
Module 68 - CEH v11 Implementing Honeypots
68.1 Honeypots
68.2 Honeypot Detection
68.3 IDS-Firewall Evasion Countermeasures
68.4 IDS-Firewall Honeypot Penetration Testing
68.5 Review
Module 69 - CEH v11 Attacker Webserver
69.1 Webserver Security Overview
69.2 Common Webservers
69.3 Webserver Attacks
69.4 Misconfiguration Attack Examples
Module 70 - CEH v11 Webserver Defense
70.1 Webserver Attack Tools
70.2 Attack Countermeasures
70.3 Webserver Penetration Testing
70.4 Review
Module 71 - CEH v11 Intro To Web Apps
71.1 Web Application Concepts
71.2 Attacking Web Apps
Module 72 - CEH v11 OWASP Top 5 Web App Vulnerabilities
72.1 A01 - Broken Access Control
72.2 A02 - Cryptographic Failures
72.3 A03 - Injection
72.4 A04 - Insecure Design
72.5 A05 - Security Misconfiguration
Module 73 - CEH v11 OWASP Additional Web App Vulnerabilities
73.1 A06 - Vulnerable and Outdated Components
73.2 A07 - Identification and Authentication Failures
73.3 A08 - Software and Data Integrity Failures
73.4 A09 - Security Logging and Monitoring
73.5 A10 - Server Side Request Forgery
Module 74 - CEH v11 Common Web App Attacks
74.1 XSS Attacks
74.2 CSRF
74.3 Parameter Tampering
74.4 Clickjacking
74.5 SQL Injection
Module 75 - CEH v11 Unauthorized Access Through Web Apps
75.1 Insecure Deserialization Attacks
75.2 IDOR
75.3 Directory Traversal
75.4 Session Management Attacks
75.5 Response Splitting
Module 76 - CEH v11 Web App Overflow Attacks
76.1 Denial of Service
76.2 Overflow Attacks
76.3 XXE Attacks
76.4 Soap Attacks
76.5 Ajax Attacks
Module 77 - CEH v11 Defending Web Apps
77.1 Web App Hacking Tools
77.2 Web Hacking Countermeasures
77.3 Web Application Penetration Testing
77.4 Review
Module 78 - CEH v11 Intro To SQL Injection
78.1 SQL Overview
78.2 SQL Injection Concepts
78.3 Basic SQL Injection
Module 79 - CEH v11 Performing SQL Injection
79.1 Finding Vulnerable Websites
79.2 Error-based SQL Injection
79.3 Union SQL Injection
79.4 Blind SQL Injection
79.5 SQL Injection Scenarios
79.6 Evading Detection
Module 80 - CEH v11 Defending Against SQL Injection
80.1 SQL Injection Tools
80.2 SQL Injection Countermeasures
80.3 Safe Coding Examples
80.4 SQL Wildcards
80.5 SQL Injection Penetration Testing
80.6 Review
Module 81 - CEH v11 Wireless Networking Overview
81.1 Wireless Concepts
81.2 Wireless Signal Encoding
81.3 Wi-Fi Standards
81.4 Wi-Fi Antennas
81.5 Wireless Authentication
Module 82 - CEH v11 Wi-Fi Security
82.1 Wi-Fi Security Standards
82.2 Wireless Network Troubleshooting Tools
82.3 Wi-Fi Discovery Tools
82.4 Sniffing Wi-Fi
Module 83 - CEH v11 Hacking Wi-Fi
83.1 Wi-Fi Attack Types
83.2 Wi-Fi Rogue Access Point Attacks
83.3 Wi-Fi Denial of Service Attacks
83.4 Wi-Fi Password Cracking Attacks
83.5 WEP Cracking
Module 84 - CEH v11 Advanced Wireless Attacks
84.1 WPA-WPA2 Cracking
84.2 WPA3 Attacks
84.3 WPS Cracking
84.4 Wi-Fi Attack Tools for Mobile Devices
84.5 Bluetooth Hacking
84.6 Other Wireless Hacking
Module 85 - CEH v11 Defending Wireless Networks
85.1 Wireless Hacking Countermeasures
85.2 Wireless Security Tools
85.3 Wireless Penetration Testing
85.4 Review
Module 86 - CEH v11 Mobile Platform Overview
86.1 Mobile Platform Overview
86.2 Mobile Device Vulnerabilities
86.3 Mobile Device Attacks
Module 87 - CEH v11 Hacking Android
87.1 Android
87.2 Android Vulnerabilities
87.3 Rooting Android
87.4 Android Exploits
87.5 Android Hacking Tools
87.6 Reverse Engineering an Android App
87.7 Securing Android
Module 88 - CEH v11 Hacking iOS
88.1 iOS
88.2 iOS Vulnerabilities
88.3 Jailbreaking iOS
88.4 iOS Exploits
88.5 iOS Hacking Tools
88.6 Securing iOS
Module 89 - CEH v11 Mobile Platform Defense
89.1 Mobile Device Management
89.2 BYOD
89.3 Mobile Security Guidelines and Tools
89.4 Mobile Device Penetration Testing
89.5 Review
Module 90 - CEH v11 IoT Hacking
90.1 loT Concepts
90.2 loT Infrastructure
90.3 Fog Computing
90.4 loT Vulnerabilities
90.5 loT Threats
Module 91 - CEH v11 IoT Defense
91.1 IoT Hacking Methodologies and Tools
91.2 IoT Hacking Methodolgies and Tools Part 2
91.3 Hacking Countermeasures
91.4 IoT Penetration Testing
91.5 OT Concepts
91.6 Industrial IoT
Module 92 - CEH v11 Operational Technology Overview
92.1 IT-OT Convergence
92.2 ICS
92.3 SCADA
92.4 DCS
92.5 RTU
92.6 PLC
92.7 Addition OT Components
Module 93 - CEH v11 Hacking OT
93.1 OT Variables
93.2 Well-known OT attacks
93.3 OT Attack Methodology and Basic Tools
93.4 OT Reconnaissance
93.5 OT Penetration and Control
Module 94 - CEH v11 Defending OT
94.1 OT Attack Tools
94.2 OT Hacking Countermeasures
94.3 OT Penetration Testing
94.4 Review
Module 95 - CEH v11 Attacking The Cloud
95.1 Cloud Computing Concepts
95.2 Virtualization
95.3 Cloud Types
95.4 Cloud Benefits and Considerations
95.5 Cloud Risks and Vulnerablilities
Module 96 - CEH v11 Cloud Defense
96.1 Cloud Threats and Countermeasures
96.2 Cloud Security Tools
96.3 Cloud Security Best Practices
96.4 Cloud Penetration Testing
96.5 Review
Module 97 - CEH v11 Cryptography Overview
97.1 Cryptography Concepts
97.2 Symetric Encryption
97.3 Asymmetric Encryption
97.4 Public Key Exchange
97.5 PKI
Module 98 - CEH v11 Protecting Data With Crytography
98.1 Digital Certificates
98.2 Digital Signatures
98.3 Hashing
98.4 Email Encryption
98.5 Network Communication Encryption
Module 99 - CEH v11 Protecting Data at Home and in Transit
99.1 Disk Encryption
99.2 VPN Encryption
99.3 Cryptography Tools
Module 100 - CEH v11 Pentesting Cryptography
100.1 Cryptography Attacks
100.2 Cryptography Penetration Testing
100.3 Review
100.4 Conclusion
4Certified Ethical Hacker (CEH) v12 Course Content
56 Hours 21 Minutes 322 Videos 220 Prep Questions
The latest in the series, this course integrates the newest technologies, tools, and trends in ethical hacking. It ensures that learners are up-to-date with current cybersecurity challenges, making them well-prepared and versatile in addressing evolving threats and vulnerabilities in the cyber landscape.
Module 1 - Introduction To Ethical Hacking
1.0 Introduction to CEH v12
1.1 Elements of Security
1.2 Cyber Kill Chain
1.3 MITRE ATT&CK Framework
1.3.1 Activity - Researching the MITRE ATTACK Framework
1.4 Hacking
1.5 Ethical Hacking
1.6 Information Assurance
1.7 Risk Management
1.8 Incident Management
1.9 Information Security Laws and Standards
1.10 Introduction to Ethical Hacking Review
Module 2: Footprinting and Reconnaissance
2.1 Footprinting Concepts
2.2 OSINT Tools
2.2.1 Activity - Conduct OSINT with OSR Framework
2.2.2 Activity - OSINT with theHarvester
2.2.3 Activity - Add API Keys to theHarvester
2.2.4 Activity - Extract Document Metadata with FOCA
2.2.5 Activity - Extract Document Metadata with FOCA
2.3 Advanced Google Search
2.3.1 Activity - Google Hacking
2.4 Whois Footprinting
2.4.1 Activity - Conducting Whois Research
2.5 DNS Footprinting
2.5.1 Activity - Query DNS with NSLOOKUP
2.6 Website Footprinting
2.6.1 Activity - Fingerprint a Webserver with ID Serve
2.6.2 Activity - Extract Data from Websites
2.6.3 Activity - Mirror a Website with HTTrack
2.7 Email Footprinting
2.7.1 Activity - Trace a Suspicious Email
2.8 Network Footprinting
2.9 Social Network Footprinting
2.10 Footprinting and Reconnaissance Countermeasures
2.11 Footprinting and Reconnaissance Review
Module 3: Scanning Networks
3.1 Scanning Concepts
3.2 Discovery Scans
3.2.1 Activity - ICMP ECHO and ARP Pings
3.2.2 Activity - Host Discovery with Angry IP Scanner
3.3 Port Scans
3.3.1 Activity - Port Scan with Angry IP Scanner
3.4 Other Scan Types
3.5 Scanning Tools
3.5.1 Activity - Hping3 Packet Crafting
3.5.2 Activity - Fingerprinting with Zenmap
3.6 NMAP
3.6.1 Activity - Nmap Basic Scans
3.6.2 Activity - Host Discovery with Nmap
3.6.3 - Activity - Nmap Version Detection
3.6.4 Activity - Nmap Idle (Zombie) Scan
3.6.5 Activity - Nmap FTP Bounce Scan
3.6.6 - Activity - NMAP Scripts
3.7 Firewall and IDS Evasion
3.7.1 Activity - Nmap Advanced Scans
3.8 Proxies
3.9 Scanning Countermeasures
3.10 Scanning Networks Review
Module 4: Enumeration
4.1 Enumeration Overview
4.2 SMB_NetBIOS_Enumeration
4.2.1 Activity - Enumerate NetBIOS Information with Hyena
4.3 File Transfer Enumeration
4.4 WMI Enumeration
4.4.1 - Activity - Enumerating WMI with Hyena
4.5 SNMP Enumeration
4.5.1 Activity - Enumerate WMI, SNMP and Other Information Using SoftPerfect
4.6 LDAP Enumeration
4.7 DNS Enumeration
4.8 SMTP Enumeration
4.8.1 Activity - Enumerate Email Users with SMTP
4.9 Remote Connection Enumeration
4.10 Website Enumeration
4.10.1 Activity - Enumerate a Website with DirBuster
4.11 Other Enumeration Types
4.12 Enumeration Countermeasures and Review
Module 5: Vulnerability Analysis
5.1 Vulnerability Scanning
5.1.1 Vulnerability Scanning with OpenVAS
5.2 Vulnerability Assessment
5.3 Vulnerability Analysis Review
Module 6: System Hacking
6.1 System Hacking Concepts
6.2 Common OS Exploits
6.3 Buffer Overflows
6.3.1 Activity - Performing a Buffer Overflow
6.4 System Hacking Tools and Frameworks
6.4.1 Activity - Hack a Linux Target from Start to Finish
6.5 Metasploit
6.5.1 Activity - Get Started with Metasploit
6.6 Meterpreter
6.7 Keylogging and Spyware
6.7.1 Activity - Keylogging with Meterpreter
6.8 Netcat
6.8.1 Activity - Using Netcat
6.9 Hacking Windows
6.9.1 Activity - Hacking Windows with Eternal Blue
6.10 Hacking Linux
6.11 Password Attacks
6.11.1 Activity - Pass the Hash
6.11.2 Activity - Password Spraying
6.12 Password Cracking Tools
6.13 Windows Password Cracking
6.13.1 Activity - Cracking Windows Passwords
6.13.2 Activity - Cracking Password Hashes with Hashcat
6.14 Linux Password Cracking
6.15 Other Methods for Obtaining Passwords
6.16 Network Service Attacks
6.16.1 Activity - Brute Forcing a Network Service with Medusa
6.17 Post Exploitation
6.18 Pivoting
6.18.1 & 6.18.2 Activity - Pivoting Setup and Attack
6.19 Maintaining Access
6.19.1 Activity - Persistence
6.20 Hiding Data
6.20.1 Activity - Hiding Data Using Least Significant Bit Steganography
6.21 Covering Tracks
6.21.1 Activity - Clearing Tracks in Windows
6.21.2 Activity - View and Clear Audit Policies with Auditpol
6.22 System Hacking Countermeasures
6.23 System Hacking Review
Module 7: Malware Threats
7.1 Malware Overview
7.2 Viruses
7.3 Trojans
7.3.1 Activity - Deploying a RAT
7.4 Rootkits
7.5 Other Malware
7.6 Advanced Persistent Threat
7.7 Malware Makers
7.7.1 Activity - Creating a Malware Dropper and Handler
7.8 Malware Detection
7.9 Malware Analysis
7.9.1 Activity - Performing a Static Code Review
7.9.2 Activity - Analyzing the SolarWinds Orion Hack
7.10 Malware Countermeasures
7.11 Malware Threats Review
Module 8: Sniffing
8.1 Network Sniffing
8.2 Sniffing Tools
8.2.1 Activity- Sniffing HTTP with Wireshark
8.2.2 Activity - Capturing Files from SMB
8.3 ARP and MAC Attacks
8.3.1 Activity - Performing an MITM Attack with Ettercap
8.4 Name Resolution Attacks
8.4.1 Activity - Spoofing Responses with Responder
8.5 Other Layer 2 Attacks
8.6 Sniffing Countermeasures
8.7 Sniffing Review
Module 9: Social Engineering
9.1 Social Engineering Concepts
9.2 Social Engineering Techniques
9.2.1 Activity - Deploying a Baited USB Stick
9.2.2 Activity - Using an O.MG Lightning Cable
9.3 Social Engineering Tools
9.3.1 Activity - Phishing for Credentials
9.4 Social Media, Identity Theft, Insider Threats
9.5 Social Engineering Countermeasures
9.6 Social Engineering Review
Module 10: Denial-of-Service
10.1 DoS-DDoS Concepts
10.2 Volumetric Attacks
10.3 Fragmentation Attacks
10.4 State Exhaustion Attacks
10.5 Application Layer Attacks
10.5.1 Activity - Performing a LOIC Attack
10.5.2 Activity - Performing a HOIC Attack
10.5.3 Activity - Conducting a Slowloris Attack
10.6 Other Attacks
10.7 DoS Tools
10.8 DoS Countermeasures
10.9 DoS Review
Module 11: Session Hijacking
11.1 Session Hijacking
11.2 Compromising a Session Token
11.3 XSS
11.4 CSRF
11.5 Other Web Hijacking Attacks
11.6 Network-Level Session Hijacking
11.6.1 Activity - Hijack a Telnet Session
11.7 Session Hijacking Tools
11.8 Session Hijacking Countermeasures
11.9 Session Hijacking Review
Module 12: Evading IDS, Firewalls, and Honeypots
12.1 Types of IDS
12.2 Snort
12.3 System Logs
12.4 IDS Considerations
12.5 IDS Evasion
12.5.1 Activity - Fly Below IDS Radar
12.6 Firewalls
12.7 Packet Filtering Rules
12.8 Firewall Deployments
12.9 Split DNS
12.10 Firewall Product Types
12.11 Firewall Evasion
12.11.1 Activity - Use Social Engineering to Bypass a Windows Firewall
12.11.2 Activity - Busting the DOM for WAF Evasion
12.12 Honeypots
12.13 Honeypot Detection and Evasion
12.13.1 Activity - Test and Analyze a Honey Pot
12.14 Evading IDS, Firewalls, and Honeypots Review
Module 13: Hacking Web Servers
13.1 Web Server Operations
13.2 Hacking Web Servers
13.3 Common Web Server Attacks
13.3.1 Activity - Defacing a Website
13.4 Web Server Attack Tools
13.5 Hacking Web Servers Countermeasures
13.6 Hacking Web Servers Review
Module 14: Hacking Web Applications
14.1 Web Application Concepts
14.2 Attacking Web Apps
14.3 A01 Broken Access Control
14.4 A02 Cryptographic Failures
14.5 A03 Injection
14.5.1 Activity - Command Injection
14.6 A04 Insecure Design
14.7 A05 Security Misconfiguration
14.8 A06 Vulnerable and Outdated Components
14.9 A07 Identification and Authentication Failures
14.10 A08 Software and Data integrity Failures
14.11 A09 Security Logging and Monitoring Failures
14.12 A10 Server-Side Request Forgery
14.13 XSS Attacks
14.13.1 Activity - XSS Walkthrough
14.13.2 Activity - Inject a Malicious iFrame with XXS
14.14 CSRF
14.15 Parameter Tampering
14.15.1 Activity - Parameter Tampering with Burp
14.16 Clickjacking
14.17 SQL Injection
14.18 Insecure Deserialization Attacks
14.19 IDOR
14.19.1 Activity - Hacking with IDOR
14.20 Directory Traversal
14.21 Session Management Attacks
14.22 Response Splitting
14.23 Overflow Attacks
14.24 XXE Attacks
14.25 Web App DoS
14.26 Soap Attacks
14.27 AJAX Attacks
14.28 Web API Hacking
14.29 Webhooks and Web Shells
14.30 Web App Hacking Tools
14.31 Hacking Web Applications Countermeasures
14.32 Hacking Web Applications Review
Module 15: SQL Injection
15.1 SQL Injection Overview
15.2 Basic SQL Injection
15.3 Finding Vulnerable Websites
15.4 Error-based SQL Injection
15.5 Union SQL Injection
15.5.1 Activity - Testing SQLi on a Live Website - Part 1
15.5.2 Activity - Testing SQLi on a Live Website - Part 2
15.6 Blind SQL Injection
15.7 SQL Injection Tools
15.7.1 Activity - SQL Injection Using SQLmap
15.8 Evading Detection
15.9 Analyzing SQL Injection
15.10 SQL Injection Countermeasures
15.11 SQL Injection Review
Module 16: Hacking Wireless Networks
16.1 Wireless Concepts
16.2 Wireless Security Standards
16.3 WI-FI Discovery Tools
16.4 Common Wi-Fi Attacks
16.5 Wi-Fi Password Cracking
16.6 WEP Cracking
16.6.1 Activity - Cracking WEP
16.7 WPA,WPA2,WPA3 Cracking
16.7.1 Activity - WPA KRACK Attack
16.8 WPS Cracking
16.9 Bluetooth Hacking
16.10 Other Wireless Hacking
16.10.1 Activity - Cloning an RFID badge
16.10.2 Activity - Hacking with a Flipper Zero
16.11 Wireless Security Tools
16.12 Wireless Hacking Countermeasures
16.13 Hacking Wireless Networks Review
Module 17: Hacking Mobile Platforms
17.1 Mobile Device Overview
17.2 Mobile Device Attacks
17.3 Android Vulnerabilities
17.4 Rooting Android
17.5 Android Exploits
17.5.1 Activity - Hacking Android
17.5.2 Activity - Using a Mobile Device in a DDoS Campaign
17.6 Android-based Hacking Tools
17.7 Reverse Engineering an Android App
17.8 Securing Android
17.9 iOS Overview
17.10 Jailbreaking iOS
17.11 iOS Exploits
17.12 iOS-based Hacking Tools
17.13 Reverse Engineering an iOS App
17.14 Securing iOS
17.15 Mobile Device Management
17.16 Hacking Mobile Platforms Countermeasures
17.17 Hacking Mobile Platforms Review
Module 18: IoT AND OT Hacking
18.1 IoT Overview
18.2 IoT Infrastructure
18.3 IoT Vulnerabilities and Threats
18.3.1 Activity - Searching for Vulnerable IoT Devices
18.4 IoT Hacking Methodology and Tools
18.5 IoT Hacking Countermeasures
18.6 OT Concepts
18.7 IT-OT Convergence
18.8 OT Components
18.9 OT Vulnerabilities
18.10 OT Attack Methodology and Tools
18.11 OT Hacking Countermeasures
18.12 IoT and OT Hacking Review
Module 19: Cloud Computing
19.1 Cloud Computing Concepts
19.2 Cloud Types
19.3 Cloud Benefits and Considerations
19.4 Cloud Risks and Vulnerabilities
19.5 Cloud Threats and Countermeasures
19.5.1 Activity - Hacking S3 Buckets
19.6 Cloud Security Tools And Best Practices
19.7 Cloud Computing Review
Module 20: Cryptography
20.1 Cryptography Concepts
20.2 Symmetric Encryption
20.2.1 Activity - Symmetric Encryption
20.3 Asymmetric Encryption
20.3.1 Activity - Asymmetric Encryption
20.4 Public Key Exchange
20.5 PKI
20.5.1 Activity - Generating and Using an Asymmetric Key Pair
20.6 Digital Signatures
20.7 Hashing
20.7.1 Activity - Calculating Hashes
20.8 Common Cryptography Use Cases
20.9 Cryptography Tools
20.10 Cryptography Attacks
20.11 Cryptography Review
20.12 Course Conclusion
Training Path Description
The Certified Ethical Hacker Career Path training series is a comprehensive program designed to equip aspiring cybersecurity professionals with the skills and knowledge required to become proficient ethical hackers. This series is structured into four distinct courses, each focusing on different aspects and levels of ethical hacking, ensuring a well-rounded and in-depth understanding of the field.
Â
The first course, “Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50),” lays the groundwork for your journey into ethical hacking. It covers the basic principles of cybersecurity, network defense strategies, and the ethical considerations of hacking. This foundational course is crucial for understanding the responsibilities and legal framework of an ethical hacker, providing a solid base for more advanced studies.
Â
Moving to the second course, “Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50),” participants delve deeper into the practical aspects of ethical hacking. This course focuses on the methodologies used in penetration testing and vulnerability assessments, teaching students how to identify and exploit weaknesses in various systems and networks. It’s an essential step for those looking to apply their foundational knowledge in real-world scenarios.
Â
The third course, “Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50),” takes the skills learned in the previous courses to a higher level. It covers advanced techniques and tools used in ethical hacking, including sophisticated attack vectors and countermeasure strategies. This course is designed for those who want to specialize in ethical hacking and gain expertise in handling complex security challenges.
Â
Finally, the series culminates with “Certified Ethical Hacker (CEH) v12,” which integrates the latest developments and emerging threats in cybersecurity. This course ensures that students are up-to-date with the newest technologies and techniques in ethical hacking, making them well-prepared to tackle current and future cybersecurity challenges. Upon completion of this series, participants will be well-equipped to pursue a career as a Certified Ethical Hacker, with a comprehensive understanding of how to protect systems and networks from malicious attacks.
Who Is This Ethical Hacker Training For?
The Certified Ethical Hacker Career Path training series is beneficial for a wide range of individuals and teams, including:
Â
IT Security Professionals: Those already working in IT security who want to enhance their skills in ethical hacking and cybersecurity.
System and Network Administrators: Professionals responsible for managing and securing network systems.
Cybersecurity Consultants: Experts who advise organizations on cybersecurity strategies and need to stay updated with hacking techniques.
Penetration Testers: Specialists in testing the security of systems and applications against cyber attacks.
Incident Response Teams: Teams that handle cybersecurity breaches and need to understand hacker methodologies to better defend against them.
Risk Assessment Professionals: Individuals responsible for assessing and mitigating cybersecurity risks in an organization.
Computer Forensics Analysts: Experts who investigate cybercrimes and require knowledge of hacking techniques for better analysis.
Aspiring Cybersecurity Students: Students or recent graduates looking to enter the cybersecurity field with a specialized skill set in ethical hacking.
Software Developers: Developers who need to understand security vulnerabilities to build more secure software.
Government and Law Enforcement Agencies: Personnel involved in cybersecurity and cybercrime units who need to understand how hackers operate.
Corporate IT Teams: In-house IT teams in corporations that need to safeguard their company’s data and infrastructure from cyber threats.
Compliance and Security Officers: Professionals ensuring that organizations comply with cybersecurity laws and regulations.
This training is particularly valuable for anyone looking to specialize in cybersecurity, enhance their current skill set, or transition into a role that requires knowledge of ethical hacking and information security.
Frequently Asked Questions
What prerequisites are required for the Certified Ethical Hacker Career Path training series?
This training series typically requires a basic understanding of networking, systems, and IT security concepts. Prior experience in IT or cybersecurity can be beneficial, but beginners with a strong interest in the field may also enroll.
How long does it take to complete the entire training series?
The duration can vary depending on the individual’s pace of learning and prior knowledge. Generally, it might take several weeks to months to thoroughly cover all the material and gain a deep understanding of each course.
Is this training series suitable for someone with no prior experience in cybersecurity?
While having some background in IT or cybersecurity is advantageous, the series starts with foundational concepts, making it accessible to motivated individuals with no prior experience. However, such individuals may need to dedicate additional time to grasp the basics.
What kind of certification will I receive upon completing the series?
Upon successful completion of the series and passing any required exams, participants will be eligible to receive the Certified Ethical Hacker (CEH) certification from the EC-Council, which is recognized globally. ITU provides you with a Certificate of Completion but students are reponsible to scheduling and paying for any addition exam costs associated with the EC-Council.
Are there any hands-on opportunities or practical exercises included in the training?
Yes, the training series includes practical exercises and hands-on labs to provide real-world experience in ethical hacking techniques. This practical approach is crucial for understanding how to apply theoretical knowledge in actual cybersecurity scenarios.
