Certified Ethical Hacker – CEH
The Certified Ethical Hacker (CEH v13) course equips cybersecurity professionals with the latest tools, techniques, and methodologies used by hackers to lawfully assess the security of systems. Covering emerging threats like IoT hacking, AI-based attacks, and cloud vulnerabilities, this hands-on course prepares learners to defend against evolving cyber risks. With immersive labs and expert guidance, CEH v13 provides a globally recognized certification that is trusted by leading organizations worldwide. Perfect for those aiming to excel in ethical hacking, penetration testing, and cybersecurity roles.
Overview
The Certified Ethical Hacker (CEH v13) course at Cyberfox Train is designed to equip you with the latest skills and techniques used by ethical hackers and cybersecurity professionals. This course focuses on how to think and act like a hacker to identify potential vulnerabilities and threats before they can be exploited by malicious actors.
Through hands-on labs, real-world simulations, and comprehensive modules, you will gain in-depth knowledge of ethical hacking methodologies, tools, and strategies that are essential for safeguarding an organization’s digital assets. Covering everything from penetration testing, vulnerability assessments, and network defense, the CEH v13 course will prepare you for a successful career in cybersecurity.
With this certification, you will be equipped to not only detect and defend against cyber threats but also proactively secure systems and applications.
CEH v13 Course Objectives
By the end of the Certified Ethical Hacker (CEH v13) course at Cyberfox Train, participants will be able to:
- Understand Ethical Hacking Fundamentals: Gain a thorough understanding of core ethical hacking concepts, techniques, and practices.
- Identify Vulnerabilities and Threats: Learn how to identify security vulnerabilities in a network or system and understand how hackers exploit them.
- Conduct Penetration Testing: Develop the ability to perform comprehensive penetration testing to uncover and fix security flaws.
- Master Tools of the Trade: Learn to use advanced hacking tools, including Nmap, Metasploit, Burp Suite, and Wireshark, among others.
- Perform Network Scanning and Enumeration: Understand how to scan, enumerate, and assess network and system security.
- Understand Various Types of Cyber Attacks: Familiarize yourself with different types of attacks, such as social engineering, malware, wireless network attacks, and web-based attacks.
- Defend Against Cyber Threats: Gain skills in implementing effective security measures to defend against cyber attacks, including mitigation techniques for various attack vectors.
- Grasp Modern Security Technologies: Get insights into emerging technologies such as cloud computing, mobile security, and IoT security, and how to protect them.
- Prepare for the CEH Exam: Successfully prepare for the CEH v13 certification exam with practice exams, mock scenarios, and practical labs.
- Adopt a Hacker’s Mindset: Learn how to think like a hacker in order to defend against evolving cybersecurity threats.
This course will provide you with the necessary skills and certification to pursue a career in ethical hacking and cybersecurity.
Why CEH v13?
The Certified Ethical Hacker (CEH v13) certification is one of the most recognized and respected credentials in the cybersecurity field. Here’s why you should consider it:
- Industry-Recognized Certification: CEH v13 is globally recognized and valued by employers as a benchmark for ethical hacking proficiency and cybersecurity expertise.
- Latest Cybersecurity Threats: Version 13 covers the latest vulnerabilities, threats, and attack vectors, ensuring you’re equipped to tackle current cybersecurity challenges.
- Hands-On Learning: CEH v13 provides extensive practical lab exercises and real-world scenarios, helping you master ethical hacking techniques through hands-on practice.
- Comprehensive Skill Set: The course covers a broad range of topics, from network security and vulnerability assessment to penetration testing, cloud computing security, and emerging technologies.
- Hackers’ Mindset: By thinking like a hacker, you’ll be able to anticipate potential cyber threats and implement effective security measures to mitigate risks.
- Career Advancement: With CEH v13 certification, you stand out as a qualified professional in cybersecurity, opening doors to roles such as penetration tester, cybersecurity analyst, and security consultant.
- Compliance and Legal Knowledge: CEH v13 also covers legal and regulatory aspects of ethical hacking, ensuring you work within the boundaries of the law while protecting an organization’s data.
- Enhanced Job Prospects: With a shortage of skilled cybersecurity professionals, obtaining a CEH certification can significantly improve your job prospects and earning potential.
Choosing CEH v13 ensures you are prepared for the evolving world of cybersecurity, providing you with the knowledge and skills to protect organizations from sophisticated cyber threats.
CEH v13 Course Outline
Module 01: Introduction to Ethical Hacking: Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
- Elements of Information Security
- Cyber Kill Chain Methodology
- MITRE ATT&CK Framework
- Hacker Classes
- Ethical Hacking
- Information Assurance (IA)
- Risk Management
- Incident Management
- PCI DSS
- HIPPA
- SOX
- GDPR
Module 02: Footprinting and Reconnaissance: Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-On Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform foot printing on the target network using search engines, web services, and social networking sites
- Perform website, email, whois, DNS, and network foot printing on the target network
Module 03: Scanning Networks: Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform host, port, service, and OS discovery on the target network
- Perform scanning on the target network beyond IDS and firewall
Module 04: Enumeration: Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, plus associated countermeasures.
Hands-On Lab Exercises:
- Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Module 05: Vulnerability Analysis: Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform vulnerability research using vulnerability scoring systems and databases
- Perform vulnerability assessment using various vulnerability assessment tools
Module 06: System Hacking: Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks.
Hands-On Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an active online attack to crack the system’s password
- Escalate privileges using privilege escalation tools
- Escalate privileges in Linux machine
- Hide data using steganography
- Clear Windows and Linux machine logs using various utilities
- Hiding artifacts in Windows and Linux machines
Module 07: Malware Threats: Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-On Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Gain control over a victim machine using malware
- Infect the target system using a virus
- Perform static and dynamic malware analysis
Key topics covered:
- Malware, Components of Malware
- APT
- Trojan
- Types of Trojans
- Exploit Kits
- Virus
- Virus Lifecycle
- Types of Viruses
- Ransomware
- Computer Worms
- Fileless Malware
- Malware Analysis
- Static Malware Analysis
- Dynamic Malware Analysis
- Virus Detection Methods
- Trojan Analysis
- Virus Analysis
- Fileless Malware Analysis
- Anti-Trojan Software
- Antivirus Software
- Fileless Malware Detection Tools
Module 08: Sniffing: Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack
- Spoof a MAC address of Linux machine
- Perform network sniffing using various sniffing tools
- Detect ARP poisoning in a switch-based network
Key topics covered:
- Network Sniffing
- Wiretapping
- MAC Flooding
- DHCP Starvation Attack
- ARP Spoofing Attack
- ARP Poisoning
- ARP Poisoning Tools
- MAC Spoofing
- STP Attack
- DNS Poisoning
- DNS Poisoning Tools
- Sniffing Tools
- Sniffer Detection Techniques
- Promiscuous Detection Tools
Module 09: Social Engineering: Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform social engineering using Various Techniques
- Spoof a MAC address of a Linux machine
- Detect a phishing attack
- Audit an organization’s security for phishing attacks
Key topics covered:
- Social Engineering
- Types of Social Engineering
- Phishing
- Phishing Tools
- Insider Threats/Insider Attacks
- Identity Theft
Module 10: Denial-of-Service: Learn about different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform a DoS and DDoS attack on a target host
- Detect and protect against DoS and DDoS attacks
Key topics covered:
- DoS Attack, DDoS Attack
- Botnets
- DoS/DDoS Attack Techniques
- DoS/DDoS Attack Tools
- DoS/DDoS Attack Detection Techniques
- DoS/DDoS Protection Tools
Module 11: Session Hijacking: Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform session hijacking using various tools
- Detect session hijacking
Key topics covered:
- Session Hijacking
- Types of Session Hijacking
- Spoofing
- Application-Level Session Hijacking
- Man-in-the-Browser Attack
- Client-side Attacks
- Session Replay Attacks
- Session Fixation Attack
- CRIME Attack
- Network Level Session Hijacking
- TCP/IP Hijacking
- Session Hijacking Tools
- Session Hijacking Detection Methods
- Session Hijacking Prevention Tools
Module 12: Evading IDS, Firewalls, and Honeypots: Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.
Hands-On Lab Exercises:
Over 7 hands-on exercises with real-life simulated targets to build skills on how to:
- Bypass Windows Firewall
- Bypass firewall rules using tunneling
- Bypass antivirus
Module 13: Hacking Web Servers: Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
Hands-On Lab Exercises:
Over 8 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform web server reconnaissance using various tools
- Enumerate web server information
- Crack FTP credentials using a dictionary attack
Key topics covered:
- Web Server Operations
- Web Server Attacks
- DNS Server Hijacking
- Website Defacement
- Web Cache Poisoning Attack
- Web Server Attack Methodology
- Web Server Attack Tools
- Web Server Security Tools
- Patch Management
- Patch Management Tools
Module 14: Hacking Web Applications: Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-On Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform web application reconnaissance using various tools
- Perform web spidering
- Perform web application vulnerability scanning
- Perform a brute-force attack
- Perform Cross-Site Request Forgery (CSRF) Attack
- Identify XSS vulnerabilities in web applications
- Detect web application vulnerabilities using various web application security tools
Key topics covered:
- Web Application Architecture
- Web Application Threats
- OWASP Top 10 Application Security Risks – 2021
- Web Application Hacking Methodology
- Web API
- Webhooks and Web Shell
- Web API Hacking Methodology
- Web Application Security
Module 15: SQL Injection: Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an SQL injection attack to extract database information
- Detect SQL injection vulnerabilities using various SQL injection detection tools
Key topics covered:
- SQL Injection
- Types of SQL injection
- Blind SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Signature Evasion Techniques
- SQL Injection Detection Tools
Module 16: Hacking Wireless Networks: Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools
Hands-On Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
- Foot Print a wireless network
- Perform wireless traffic analysis
- Crack WEP, WPA, and WPA2 networks
- Create a rogue access point to capture data packets
Key topics covered:
- Wireless Terminology
- Wireless Networks
- Wireless Encryption
- Wireless Threats
- Wireless Hacking Methodology
- Wi-Fi Encryption Cracking
- WEP/WPA/WPA2 Cracking Tools
- Bluetooth Hacking
- Bluetooth Threats
- Wi-Fi Security Auditing Tools
- Bluetooth Security Tools
Module 17: Hacking Mobile Platforms: Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Hack an Android device by creating binary payloads
- Exploit the Android platform through ADB
- Hack an Android device by creating APK file
- Secure Android devices using various Android security tools
Key topics covered:
- Mobile Platform Attack Vectors
- OWASP Top 10 Mobile Risks
- App Sandboxing
- SMS Phishing Attack (SMiShing)
- Android Rooting
- Hacking Android Devices
- Android Security Tools
- Jailbreaking iOS
- Hacking iOS Devices
- iOS Device Security Tools
- Mobile Device Management (MDM)
- OWASP Top 10 Mobile Controls
- Mobile Security Tools
Module 18: IoT Hacking: Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.
Hands-On Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
- Gather information using Online foot printing tools
- Capture and analyze IoT device traffic
Key topics covered:
- IoT Architecture
- IoT Communication Models
- OWASP Top 10 IoT Threats
- IoT Vulnerabilities
- IoT Hacking Methodology
- IoT Hacking Tools
- IoT Security Tools
- IT/OT Convergence (IIOT)
- ICS/SCADA
- OT Vulnerabilities
- OT Attacks
- OT Hacking Methodology
- OT Hacking Tools
- OT Security Tools
Module 19: Cloud Computing: Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform S3 Bucket enumeration using various S3 bucket enumeration tools
- Exploit open S3 buckets
- Escalate IAM user privileges by exploiting misconfigured user policy
Key topics covered:
- Cloud Computing
- Types of Cloud Computing Services
- Cloud Deployment Models
- Fog and Edge Computing
- Cloud Service Providers
- Container
- Docker
- Kubernetes
- Serverless Computing
- OWASP Top 10 Cloud Security Risks
- Container and Kubernetes Vulnerabilities
- Cloud Attacks
- Cloud Hacking
- Cloud Network Security
- Cloud Security Controls
- Cloud Security Tools
Module 20: Cryptography: In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Calculate MD5 hashes
- Perform file and text message encryption
- Create and use self-signed certificates
- Perform email and disk encryption
- Perform cryptanalysis using various cryptanalysis tools
Key topics covered:
- Cryptography
- Encryption Algorithms
- MD5 and MD6 Hash Calculators
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Cryptography Attacks
- Key Stretching
Requirements
- Basic understanding of network essentials, core concepts including server and network components
Features
- Updated Content on Latest Threats: CEH v13 covers the most current security threats, vulnerabilities, and attack vectors, ensuring learners are equipped with up-to-date knowledge.
- Hands-on Labs: Over 40 immersive labs designed to reinforce learning by allowing participants to simulate real-world scenarios using EC-Council’s cyber range platform.
- Focus on Emerging Attack Vectors: Emphasizes modern attack vectors such as IoT (Internet of Things) hacking, cloud security, AI-powered attacks, and advanced malware analysis.
- Learn from Certified Instructors: Industry-expert instructors guide participants through ethical hacking techniques, including both theoretical and practical aspects.
- Comprehensive Coverage of Hacking Tools: Exposure to over 500 hacking tools that are commonly used by professionals in penetration testing and ethical hacking.
- Global Recognition: CEH is one of the most recognized and valued certifications in the field of cybersecurity and is endorsed by various governments and enterprises worldwide.
- Interactive Learning Experience: CEH v13 features an interactive learning environment that includes scenario-based learning, group exercises, and simulated attacks.
- Focus on Defensive and Offensive Techniques: Learners gain a holistic understanding of both defensive and offensive security practices, enabling them to protect systems effectively while understanding a hacker's mindset.
- Preparation for Real-world Challenges: The course prepares participants to tackle real-world security challenges, making them job-ready for positions like ethical hackers, penetration testers, and cybersecurity analysts.
Target audiences
- IT Professionals: Individuals working in IT infrastructure roles such as system administrators, network engineers, and IT security professionals who want to enhance their security knowledge.
- Cybersecurity Enthusiasts: Anyone with a strong interest in cybersecurity who wants to learn about ethical hacking and security practices.
- Penetration Testers: Professionals interested in improving their penetration testing skills and understanding the latest hacking tools and techniques.
- Security Officers & Analysts: Information security officers, auditors, and security analysts looking to improve their ability to detect and prevent security breaches.
- Risk Management Professionals: Individuals responsible for managing risk and implementing cybersecurity measures in organizations.
- IT Managers and Directors: Professionals in leadership positions who need to understand the hacker’s mindset to better protect their organizations from cyberattacks.
- Government and Military Personnel: Professionals working in governmental or defense sectors who need to be equipped with the latest cybersecurity knowledge to protect critical infrastructure.
- Aspiring Ethical Hackers: Individuals looking to build a career in ethical hacking, cybersecurity, or vulnerability assessment.