Free CEH V12 : Certified Ethical Hacking Training - ITU Online
JULY SITEWIDE DEALS | UP TO 50% Off
Get Lifetime Training At 60% Off

Future proof your IT career with our LIFETIME IT training option.  Start today with over 2,500 hours of focused IT training.  Plus, you’ll receive all new and updated content for life at no additional cost.

Lock In At Our Lowest Price Ever: $14.99/month for 2,500+ hours of IT training.
Limited time only. Enroll now, cancel anytime!

FREE CEH v12
Certified Ethical Hacker Training

Join thousands of others who have taken our CEH training courses

4.6/5

Interested in learning Ethical Hacking?  We have the perfect course for you.  Dive into Ethical Hacking during our limited time free CEH course today. Start for free.  No credit card required.

This Free CEH Course Features

Total Hours
56  Training Hours
Free CEH v12 : Certified Ethical Hacking Training
322 On-demand Videos
Closed Caption

Closed Captions

Course Topics
20  Topics
Prep Questions
220 Prep Questions
Free CEH v12 : Certified Ethical Hacking Training

Certificate of Completion

CEH Certification V12

Free CEH v12 Course Content

Certified Ethical Hacker (CEH) v12 Course Content

Module 1 - Introduction To Ethical Hacking

  •    1.0 Introduction to CEH v12

  •    1.1 Elements of Security

  •    1.2 Cyber Kill Chain

  •    1.3 MITRE ATT&CK Framework

  •    1.3.1 Activity - Researching the MITRE ATTACK Framework

  •    1.4 Hacking

  •    1.5 Ethical Hacking

  •    1.6 Information Assurance

  •    1.7 Risk Management

  •    1.8 Incident Management

  •    1.9 Information Security Laws and Standards

  •    1.10 Introduction to Ethical Hacking Review

Module 2: Footprinting and Reconnaissance

  •    2.1 Footprinting Concepts

  •    2.2 OSINT Tools

  •    2.2.1 Activity - Conduct OSINT with OSR Framework

  •    2.2.2 Activity - OSINT with theHarvester

  •    2.2.3 Activity - Add API Keys to theHarvester

  •    2.2.4 Activity - Extract Document Metadata with FOCA

  •    2.2.5 Activity - Extract Document Metadata with FOCA

  •    2.3 Advanced Google Search

  •    2.3.1 Activity - Google Hacking

  •    2.4 Whois Footprinting

  •    2.4.1 Activity - Conducting Whois Research

  •    2.5 DNS Footprinting

  •    2.5.1 Activity - Query DNS with NSLOOKUP

  •    2.6 Website Footprinting

  •    2.6.1 Activity - Fingerprint a Webserver with ID Serve

  •    2.6.2 Activity - Extract Data from Websites

  •    2.6.3 Activity - Mirror a Website with HTTrack

  •    2.7 Email Footprinting

  •    2.7.1 Activity - Trace a Suspicious Email

  •    2.8 Network Footprinting

  •    2.9 Social Network Footprinting

  •    2.10 Footprinting and Reconnaissance Countermeasures

  •    2.11 Footprinting and Reconnaissance Review

Module 3: Scanning Networks

  •    3.1 Scanning Concepts

  •    3.2 Discovery Scans

  •    3.2.1 Activity - ICMP ECHO and ARP Pings

  •    3.2.2 Activity - Host Discovery with Angry IP Scanner

  •    3.3 Port Scans

  •    3.3.1 Activity - Port Scan with Angry IP Scanner

  •    3.4 Other Scan Types

  •    3.5 Scanning Tools

  •    3.5.1 Activity - Hping3 Packet Crafting

  •    3.5.2 Activity - Fingerprinting with Zenmap

  •    3.6 NMAP

  •    3.6.1 Activity - Nmap Basic Scans

  •    3.6.2 Activity - Host Discovery with Nmap

  •    3.6.3 - Activity - Nmap Version Detection

  •    3.6.4 Activity - Nmap Idle (Zombie) Scan

  •    3.6.5 Activity - Nmap FTP Bounce Scan

  •    3.6.6 - Activity - NMAP Scripts

  •    3.7 Firewall and IDS Evasion

  •    3.7.1 Activity - Nmap Advanced Scans

  •    3.8 Proxies

  •    3.9 Scanning Countermeasures

  •    3.10 Scanning Networks Review

Module 4: Enumeration

  •    4.1 Enumeration Overview

  •    4.2 SMB_NetBIOS_Enumeration

  •    4.2.1 Activity - Enumerate NetBIOS Information with Hyena

  •    4.3 File Transfer Enumeration

  •    4.4 WMI Enumeration

  •    4.4.1 - Activity - Enumerating WMI with Hyena

  •    4.5 SNMP Enumeration

  •    4.5.1 Activity - Enumerate WMI, SNMP and Other Information Using SoftPerfect

  •    4.6 LDAP Enumeration

  •    4.7 DNS Enumeration

  •    4.8 SMTP Enumeration

  •    4.8.1 Activity - Enumerate Email Users with SMTP

  •    4.9 Remote Connection Enumeration

  •    4.10 Website Enumeration

  •    4.10.1 Activity - Enumerate a Website with DirBuster

  •    4.11 Other Enumeration Types

  •    4.12 Enumeration Countermeasures and Review

Module 5: Vulnerability Analysis

  •    5.1 Vulnerability Scanning

  •    5.1.1 Vulnerability Scanning with OpenVAS

  •    5.2 Vulnerability Assessment

  •    5.3 Vulnerability Analysis Review

Module 6: System Hacking

  •    6.1 System Hacking Concepts

  •    6.2 Common OS Exploits

  •    6.3 Buffer Overflows

  •    6.3.1 Activity - Performing a Buffer Overflow

  •    6.4 System Hacking Tools and Frameworks

  •    6.4.1 Activity - Hack a Linux Target from Start to Finish

  •    6.5 Metasploit

  •    6.5.1 Activity - Get Started with Metasploit

  •    6.6 Meterpreter

  •    6.7 Keylogging and Spyware

  •    6.7.1 Activity - Keylogging with Meterpreter

  •    6.8 Netcat

  •    6.8.1 Activity - Using Netcat

  •    6.9 Hacking Windows

  •    6.9.1 Activity - Hacking Windows with Eternal Blue

  •    6.10 Hacking Linux

  •    6.11 Password Attacks

  •    6.11.1 Activity - Pass the Hash

  •    6.11.2 Activity - Password Spraying

  •    6.12 Password Cracking Tools

  •    6.13 Windows Password Cracking

  •    6.13.1 Activity - Cracking Windows Passwords

  •    6.13.2 Activity - Cracking Password Hashes with Hashcat

  •    6.14 Linux Password Cracking

  •    6.15 Other Methods for Obtaining Passwords

  •    6.16 Network Service Attacks

  •    6.16.1 Activity - Brute Forcing a Network Service with Medusa

  •    6.17 Post Exploitation

  •    6.18 Pivoting

  •    6.18.1 Activity - Pivoting Setup

  •    6.19 Maintaining Access

  •    6.19.1 Activity - Persistence

  •    6.20 Hiding Data

  •    6.20.1 Activity - Hiding Data Using Least Significant Bit Steganography

  •    6.21 Covering Tracks

  •    6.21.1 Activity - Clearing Tracks in Windows

  •    6.21.2 Activity - View and Clear Audit Policies with Auditpol

  •    6.22 System Hacking Countermeasures

  •    6.23 System Hacking Review

Module 7: Malware Threats

  •    7.1 Malware Overview

  •    7.2 Viruses

  •    7.3 Trojans

  •    7.3.1 Activity - Deploying a RAT

  •    7.4 Rootkits

  •    7.5 Other Malware

  •    7.6 Advanced Persistent Threat

  •    7.7 Malware Makers

  •    7.7.1 Activity - Creating a Malware Dropper and Handler

  •    7.8 Malware Detection

  •    7.9 Malware Analysis

  •    7.9.1 Activity - Performing a Static Code Review

  •    7.9.2 Activity - Analyzing the SolarWinds Orion Hack

  •    7.10 Malware Countermeasures

  •    7.11 Malware Threats Review

Module 8: Sniffing

  •    8.1 Network Sniffing

  •    8.2 Sniffing Tools

  •    8.2.1 Activity- Sniffing HTTP with Wireshark

  •    8.2.2 Activity - Capturing Files from SMB

  •    8.3 ARP and MAC Attacks

  •    8.3.1 Activity - Performing an MITM Attack with Ettercap

  •    8.4 Name Resolution Attacks

  •    8.4.1 Activity - Spoofing Responses with Responder

  •    8.5 Other Layer 2 Attacks

  •    8.6 Sniffing Countermeasures

  •    8.7 Sniffing Review

Module 9: Social Engineering

  •    9.1 Social Engineering Concepts

  •    9.2 Social Engineering Techniques

  •    9.2.1 Activity - Deploying a Baited USB Stick

  •    9.2.2 Activity - Using an O.MG Lightning Cable

  •    9.3 Social Engineering Tools

  •    9.3.1 Activity - Phishing for Credentials

  •    9.4 Social Media, Identity Theft, Insider Threats

  •    9.5 Social Engineering Countermeasures

  •    9.6 Social Engineering Review

Module 10: Denial-of-Service

  •    10.1 DoS-DDoS Concepts

  •    10.2 Volumetric Attacks

  •    10.3 Fragmentation Attacks

  •    10.4 State Exhaustion Attacks

  •    10.5 Application Layer Attacks

  •    10.5.1 Activity - Performing a LOIC Attack

  •    10.5.2 Activity - Performing a HOIC Attack

  •    10.5.3 Activity - Conducting a Slowloris Attack

  •    10.6 Other Attacks

  •    10.7 DoS Tools

  •    10.8 DoS Countermeasures

  •    10.9 DoS Review

Module 11: Session Hijacking

  •    11.1 Session Hijacking

  •    11.2 Compromising a Session Token

  •    11.3 XSS

  •    11.4 CSRF

  •    11.5 Other Web Hijacking Attacks

  •    11.6 Network-Level Session Hijacking

  •    11.6.1 Activity - Hijack a Telnet Session

  •    11.7 Session Hijacking Tools

  •    11.8 Session Hijacking Countermeasures

  •    11.9 Session Hijacking Review

Module 12: Evading IDS, Firewalls, and Honeypots

  •    12.1 Types of IDS

  •    12.2 Snort

  •    12.3 System Logs

  •    12.4 IDS Considerations

  •    12.5 IDS Evasion

  •    12.5.1 Activity - Fly Below IDS Radar

  •    12.6 Firewalls

  •    12.7 Packet Filtering Rules

  •    12.8 Firewall Deployments

  •    12.9 Split DNS

  •    12.10 Firewall Product Types

  •    12.11 Firewall Evasion

  •    12.11.1 Activity - Use Social Engineering to Bypass a Windows Firewall

  •    12.11.2 Activity - Busting the DOM for WAF Evasion

  •    12.12 Honeypots

  •    12.13 Honeypot Detection and Evasion

  •    12.13.1 Activity - Test and Analyze a Honey Pot

  •    12.14 Evading IDS, Firewalls, and Honeypots Review

Module 13: Hacking Web Servers

  •    13.1 Web Server Operations

  •    13.2 Hacking Web Servers

  •    13.3 Common Web Server Attacks

  •    13.3.1 Activity - Defacing a Website

  •    13.4 Web Server Attack Tools

  •    13.5 Hacking Web Servers Countermeasures

  •    13.6 Hacking Web Servers Review

Module 14: Hacking Web Applications

  •    14.1 Web Application Concepts

  •    14.2 Attacking Web Apps

  •    14.3 A01 Broken Access Control

  •    14.4 A02 Cryptographic Failures

  •    14.5 A03 Injection

  •    14.5.1 Activity - Command Injection

  •    14.6 A04 Insecure Design

  •    14.7 A05 Security Misconfiguration

  •    14.8 A06 Vulnerable and Outdated Components

  •    14.9 A07 Identification and Authentication Failures

  •    14.10 A08 Software and Data integrity Failures

  •    14.11 A09 Security Logging and Monitoring Failures

  •    14.12 A10 Server-Side Request Forgery

  •    14.13 XSS Attacks

  •    14.13.1 Activity - XSS Walkthrough

  •    14.13.2 Activity - Inject a Malicious iFrame with XXS

  •    14.14 CSRF

  •    14.15 Parameter Tampering

  •    14.15.1 Activity - Parameter Tampering with Burp

  •    14.16 Clickjacking

  •    14.17 SQL Injection

  •    14.18 Insecure Deserialization Attacks

  •    14.19 IDOR

  •    14.19.1 Activity - Hacking with IDOR

  •    14.20 Directory Traversal

  •    14.21 Session Management Attacks

  •    14.22 Response Splitting

  •    14.23 Overflow Attacks

  •    14.24 XXE Attacks

  •    14.25 Web App DoS

  •    14.26 Soap Attacks

  •    14.27 AJAX Attacks

  •    14.28 Web API Hacking

  •    14.29 Webhooks and Web Shells

  •    14.30 Web App Hacking Tools

  •    14.31 Hacking Web Applications Countermeasures

  •    14.32 Hacking Web Applications Review

Module 15: SQL Injection

  •    15.1 SQL Injection Overview

  •    15.2 Basic SQL Injection

  •    15.3 Finding Vulnerable Websites

  •    15.4 Error-based SQL Injection

  •    15.5 Union SQL Injection

  •    15.5.1 Activity - Testing SQLi on a Live Website - Part 1

  •    15.5.2 Activity - Testing SQLi on a Live Website - Part 2

  •    15.6 Blind SQL Injection

  •    15.7 SQL Injection Tools

  •    15.7.1 Activity - SQL Injection Using SQLmap

  •    15.8 Evading Detection

  •    15.9 Analyzing SQL Injection

  •    15.10 SQL Injection Countermeasures

  •    15.11 SQL Injection Review

Module 16: Hacking Wireless Networks

  •    16.1 Wireless Concepts

  •    16.2 Wireless Security Standards

  •    16.3 WI-FI Discovery Tools

  •    16.4 Common Wi-Fi Attacks

  •    16.5 Wi-Fi Password Cracking

  •    16.6 WEP Cracking

  •    16.6.1 Activity - Cracking WEP

  •    16.7 WPA,WPA2,WPA3 Cracking

  •    16.7.1 Activity - WPA KRACK Attack

  •    16.8 WPS Cracking

  •    16.9 Bluetooth Hacking

  •    16.10 Other Wireless Hacking

  •    16.10.1 Activity - Cloning an RFID badge

  •    16.10.2 Activity - Hacking with a Flipper Zero

  •    16.11 Wireless Security Tools

  •    16.12 Wireless Hacking Countermeasures

  •    16.13 Hacking Wireless Networks Review

Module 17: Hacking Mobile Platforms

  •    17.1 Mobile Device Overview

  •    17.2 Mobile Device Attacks

  •    17.3 Android Vulnerabilities

  •    17.4 Rooting Android

  •    17.5 Android Exploits

  •    17.5.1 Activity - Hacking Android

  •    17.5.2 Activity - Using a Mobile Device in a DDoS Campaign

  •    17.6 Android-based Hacking Tools

  •    17.7 Reverse Engineering an Android App

  •    17.8 Securing Android

  •    17.9 iOS Overview

  •    17.10 Jailbreaking iOS

  •    17.11 iOS Exploits

  •    17.12 iOS-based Hacking Tools

  •    17.13 Reverse Engineering an iOS App

  •    17.14 Securing iOS

  •    17.15 Mobile Device Management

  •    17.16 Hacking Mobile Platforms Countermeasures

  •    17.17 Hacking Mobile Platforms Review

Module 18: IoT AND OT Hacking

  •    18.1 IoT Overview

  •    18.2 IoT Infrastructure

  •    18.3 IoT Vulnerabilities and Threats

  •    18.3.1 Activity - Searching for Vulnerable IoT Devices

  •    18.4 IoT Hacking Methodology and Tools

  •    18.5 IoT Hacking Countermeasures

  •    18.6 OT Concepts

  •    18.7 IT-OT Convergence

  •    18.8 OT Components

  •    18.9 OT Vulnerabilities

  •    18.10 OT Attack Methodology and Tools

  •    18.11 OT Hacking Countermeasures

  •    18.12 IoT and OT Hacking Review

Module 19: Cloud Computing

  •    19.1 Cloud Computing Concepts

  •    19.2 Cloud Types

  •    19.3 Cloud Benefits and Considerations

  •    19.4 Cloud Risks and Vulnerabilities

  •    19.5 Cloud Threats and Countermeasures

  •    19.5.1 Activity - Hacking S3 Buckets

  •    19.6 Cloud Security Tools And Best Practices

  •    19.7 Cloud Computing Review

Module 20: Cryptography

  •    20.1 Cryptography Concepts

  •    20.2 Symmetric Encryption

  •    20.2.1 Activity - Symmetric Encryption

  •    20.3 Asymmetric Encryption

  •    20.3.1 Activity - Asymmetric Encryption

  •    20.4 Public Key Exchange

  •    20.5 PKI

  •    20.5.1 Activity - Generating and Using an Asymmetric Key Pair

  •    20.6 Digital Signatures

  •    20.7 Hashing

  •    20.7.1 Activity - Calculating Hashes

  •    20.8 Common Cryptography Use Cases

  •    20.9 Cryptography Tools

  •    20.10 Cryptography Attacks

  •    20.11 Cryptography Review

  •    20.12 Course Conclusion

Get Started Now

Get access to both the CompTIA A+ 1101 and 1102 courses now.  No credit card required.

Course Description

The CEH v12 training course is a comprehensive program designed to equip aspiring ethical hackers with the skills and knowledge they need to protect organizations from cyber threats. The course is divided into 20 modules, each focusing on a specific area of ethical hacking. Starting with an introduction to ethical hacking, the course covers a wide range of topics including elements of security, risk management, and information security laws. It delves into technical aspects such as footprinting, network scanning, and vulnerability analysis, providing hands-on activities for practical understanding. The course also explores advanced topics like system hacking, malware threats, and network sniffing, among others.

 

Beyond technical skills, the course also addresses the human element of cybersecurity by including modules on social engineering and hacking mobile platforms. It even extends into specialized areas like IoT and OT hacking, cloud computing, and cryptography, ensuring a well-rounded understanding of ethical hacking. Each module is designed to be interactive, featuring activities that simulate real-world scenarios, thereby enabling students to apply what they’ve learned in a practical context. With a focus on both theoretical knowledge and practical skills, this course prepares you for the challenges you’ll face in the ever-evolving landscape of cybersecurity.

Who Benefits From This Free CEH Training?

Good candidates for the CEH v12 training course are individuals who are interested in the field of cybersecurity and are looking to either begin or advance their careers in ethical hacking. Here are some specific groups who would benefit from this training:

  1. IT Professionals: Those already working in the IT sector can deepen their understanding of security issues and how to combat them.

  2. Cybersecurity Enthusiasts: Individuals who have a keen interest in cybersecurity but may not have formal training can gain foundational and advanced skills.

  3. Network Administrators: People responsible for managing and ensuring the security of networks can learn valuable skills to identify vulnerabilities and threats.

  4. System Administrators: Those who manage the day-to-day operations of organizational systems can benefit from understanding how these systems can be exploited and how to secure them.

  5. Security Officers: Individuals responsible for the overall security posture of an organization can gain insights into the latest hacking techniques and how to defend against them.

  6. Security Auditors: Professionals who need to conduct security assessments and audits can learn the techniques used by hackers to better identify vulnerabilities.

  7. Legal Professionals: Those working in legal departments dealing with cyber law can gain a technical understanding of what ethical hacking entails.

  8. Freelancers: Individuals who offer cybersecurity services on a freelance basis can use the skills gained to expand their service offerings.

  9. Students: Those studying computer science, information technology, or related fields can supplement their academic knowledge with practical skills in ethical hacking.

  10. Career Changers: Individuals looking to transition into a cybersecurity role from another field can use this course as a stepping stone.

  11. Government and Military Personnel: Those working in government or military roles related to national security can gain from understanding hacking techniques to better defend critical infrastructure.

The CEH v12 training is designed to be comprehensive and versatile, making it suitable for a wide range of candidates with varying levels of experience and expertise.