Explore our course

Course description

  • What are the course objectives?

    Simplilearn’s CEH v10 Certified Ethical Hacker training (earlier CEH v9) and certification course provide hands-on classroom training to help you master the same techniques that hackers use to penetrate network systems and leverage them ethically to protect your own infrastructure. The extensive course focuses on 20 of the most popular security domains to provide a practical approach to essential security systems. Your will learn to assess computer system security by using penetration testing techniques; scan, test and hack secure systems and applications, and gain hands-on experience with sniffing, phishing and exploitation tactics. This course will prepare you for the EC-Council Certified Ethical Hacker exam 312-50.

    In the latest CEH v10 EC-Council has introduced the following changes:
    • CEH practical exam
    • Increased focus on Cloud attack vectors, AI and Machine Learning
    • Upgraded Vulnerability Assessment material
    • A module on the Internet of Things(IoT) Security

  • Why is this certification so desirable?

    The EC-Council CEH v10 certification verifies your advanced security skillsets to thrive in the worldwide information security domain. Many IT departments have made CEH certification a compulsory qualification for security-related posts, making it a go-to certification for security professionals. And CEH-certified professionals typically earn 44 percent higher salaries than their non-certified peers.
     
    CEH certification opens up numerous career advancement opportunities, preparing you for a role as a computer network defense (CND) analyst, CND infrastructure support, CND incident responder, CND auditor, forensic analyst, intrusion analyst, security manager and other related high-profile roles.

  • What skills will you learn?

    Simplilearn’s CEH certification training course will expand your knowledge of network, web and mobile app security and prepare you to identify threats and vulnerabilities. This course will help you:
    • Grasp the step-by-step methodology and tactics that hackers use to penetrate network systems
    • Understand the finer nuances of trojans, backdoors and countermeasures
    • Get a better understanding of IDS, firewalls, honeypots and wireless hacking
    • Master advanced hacking concepts, including mobile device and smart phone hacking, writing virus codes, exploit writing & reverse engineering and corporate espionage,
    • Gain expertise on advanced concepts such as advanced network packet analysis, securing IIS & Apache web servers, Windows system administration using Powershell, and hacking SQL and Oracle databases
    • Cover the latest developments in mobile and web technologies including Andriod, iOS, BlackBerry, Windows Phone and HTML 5
    • Learn advanced log management for information assurance and allow you to manage information security with more clarity

  • Who should take this course?

    The Certified Ethical Hacker certification is best suited for:
    • Network security officers and practitioners
    • Site administrators
    • IS/IT specialist, analyst or manager
    • IS/IT auditor or consultant
    • IT operations manager
    • IT security specialist, analyst, manager, architect or administrator
    • IT security officer, auditor or engineer
    • Network specialist, analyst, manager, architect, consultant or administrator
    • Technical support engineer
    • Senior systems engineer
    • Systems analyst or administrator

Tools Covered

Network security Tools
back track NMAP PROJECT
Password Cracking Tools
AIRCRACK-NG John the Ripper THC-Hydra
Penetration testing Tools
metasploit
Sniffing Tools
BETTERCAP WIRESHARK
SQL Injection Tools
sqlmap sqlninja
Web application security Tools
OWASP w3af

Course preview

  • Module 01- Introduction to Ethical Hacking
    • Lesson 01 - Information Security Overview 22:30
      • 1 Demo of Aspen and iLabs22:30
      • 2 Internet is Integral Part of Business and Personal Life - What Happens Online in 60 Seconds
      • 3 Essential Terminology
      • 4 Elements of Information Security
      • 5 The Security, Functionality, and Usability Triangle
    • Lesson 02 - Information Security Threats and Attack Vectors 01:56
      • 1 Motives, Goals, and Objectives of Information Security Attacks
      • 2 Top Information Security Attack Vectors
      • 3 Information Security Threat Categories
      • 4 Types of Attacks on a System01:56
      • 5 Information Warfare
    • Lesson 06 - Penetration Testing Concepts
      • 1 Penetration Testing
      • 2 Why Penetration Testing
      • 3 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
      • 4 Blue Teaming/Red Teaming
      • 5 Types of Penetration Testing
      • 6 Phases of Penetration Testing
      • 7 Security Testing Methodology
    • Lesson 03 - Hacking Concepts 01:29
      • 1 What is Hacking01:29
      • 2 Who is a Hacker?
      • 3 Hacker Classes
      • 4 Hacking Phases
    • Lesson 04 - Ethical Hacking Concepts
      • 1 What is Ethical Hacking?
      • 2 Why Ethical Hacking is Necessary
      • 3 Scope and Limitations of Ethical Hacking
      • 4 Skills of an Ethical Hacker
    • Lesson 05 - Information Security Controls
      • 1 Information Assurance (IA)
      • 2 Information Security Management Program
      • 4 Enterprise Information Security Architecture (EISA)
      • 5 Network Security Zoning
      • 6 Defense in Depth
      • 7 Information Security Policies
      • 8 Physical Security
      • 10 What is Risk?
      • 11 Threat Modeling
      • 12 Incident Management
      • 13 Security Incident and Event Management (SIEM)
      • 14 User Behavior Analytics (UBA)
      • 15 Network Security Controls
      • 16 Identity and Access Management (IAM)
      • 17 Data Leakage
      • 18 Data Backup
      • 19 Data Recovery
      • 20 Role of AI/ML in Cyber Security
    • Lesson 07 - Information Security Laws and Standards
      • 1 Payment Card Industry Data Security Standard (PCI-DSS)
      • 2 ISO/IEC 27001:2013
      • 3 Health Insurance Portability and Accountability Act (HIPAA)
      • 4 Sarbanes Oxley Act (SOX)
      • 5 The Digital Millennium Copyright Act (DMCA)
      • 6 Federal Information Security Management Act (FISMA)
      • 7 Cyber Law in Different Countries
  • Module 02- Footprinting and Reconnaissance
    • Lesson 01 - Footprinting Concepts 01:04
      • 1 What is Footprinting?01:04
      • 2 Objectives of Footprinting
    • Lesson 02 - Footprinting through Search Engines
      • 1 Footprinting through Search Engines
      • 2 Footprinting using Advanced Google Hacking Techniques
      • 3 Information Gathering Using Google Advanced Search and Image Search
      • 4 Google Hacking Database
      • 5 VoIP and VPN Footprinting through Google Hacking Database
    • Lesson 03 - Footprinting through Web Services
      • 1 Finding Company’s Top-level Domains (TLDs) and Sub-domains
      • 2 Finding the Geographical Location of the Target
      • 3 People Search on Social Networking Sites and People Search Services
      • 4 Gathering Information from LinkedIn
      • 5 Gather Information from Financial Services
      • 6 Footprinting through Job Sites
      • 7 Monitoring Target Using Alerts
      • 8 Information Gathering Using Groups, Forums, and Blogs
      • 9 Determining the Operating System
      • 10 VoIP and VPN Footprinting through SHODAN
    • Lesson 04 - Footprinting through Social Networking Sites
      • 1 Collecting Information through Social Engineering on Social Networking Sites
    • Lesson 05 - Website Footprinting
      • 1 Website Footprinting
      • 2 Website Footprinting using Web Spiders
      • 3 Mirroring Entire Website
      • 4 Extracting Website Information from https://archive.org
      • 5 Extracting Metadata of Public Documents
      • 6 Monitoring Web Pages for Updates and Changes
    • Lesson 06- Email Footprinting
      • 1 Tracking Email Communications
      • 2 Collecting Information from Email Header
      • 3 Email Tracking Tools
    • Lesson 07- Competitive Intelligence
      • 1 Competitive Intelligence Gathering
      • 2 Competitive Intelligence - When Did this Company Begin? How Did it Develop?
      • 3 Competitive Intelligence - What Are the Company's Plans?
      • 4 Competitive Intelligence - What Expert Opinions Say About the Company
      • 5 Monitoring Website Traffic of Target Company
      • 6 Tracking Online Reputation of the Target
    • Lesson 08- Whois Footprinting
      • 1 Whois Lookup
      • 2 Whois Lookup Result Analysis
      • 3 Whois Lookup Tools
      • 4 Finding IP Geolocation Information
    • Lesson 09- DNS Footprinting
      • 1 Extracting DNS Information
      • 2 DNS Interrogation Tools
    • Lesson 10- Network Footprinting
      • 1 Locate the Network Range
      • 2 Traceroute
      • 3 Traceroute
      • 4 Traceroute Tools
    • Lesson 11- Footprinting through Social Engineering
      • 1 Footprinting through Social Engineering
      • 2 Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
    • Lesson 12- Footprinting Tools
      • 1 Maltego
      • 2 Recon-ng
      • 3 FOCA
      • 4 Recon-Dog
      • 5 OSRFramework
      • 6 Additional Footprinting Tools
    • Lesson 13- Countermeasures
      • 1 Footprinting Countermeasures
    • Lesson 14- Footprinting Pen Testing
      • 1 Footprinting Pen Testing
      • 2 Footprinting Pen Testing Report Templates
  • Module 03- Scanning Networks
    • Lesson 01 - Network Scanning Concepts
      • 1 Overview of Network Scanning
      • 2 TCP Communication Flags
      • 3 TCP/IP Communication
      • 4 Creating Custom Packet Using TCP Flags
      • 5 Scanning in IPv6 Networks
    • Lesson 02 - Scanning Tools
      • 1 Nmap
      • 2 Hping2 / Hping3
      • 3 Scanning Tools
      • 4 Scanning Tools for Mobile
    • Lesson 03- Scanning Techniques
      • 1 Scanning Technique
      • 2 Port Scanning Countermeasures
    • Lesson 04- Scanning Beyond IDS and Firewall
      • 1 IDS/Firewall Evasion Techniques
    • Lesson 05- Banner Grabbing
      • 1 Banner Grabbing
      • 2 How to Identify Target System OS
      • 3 Banner Grabbing Countermeasures
    • Lesson 06- Draw Network Diagrams
      • 1 Draw Network Diagrams
      • 2 Network Discovery and Mapping Tools
      • 3 Network Discovery Tools for Mobile
    • Lesson 07- Scanning Pen Testing
      • 1 Scanning Pen Testing
  • Module 04- Enumeration
    • Lesson 01 - Enumeration Concepts
      • 1 What is Enumeration?
      • 2 Techniques for Enumeration
      • 3 Services and Ports to Enumerate
    • Lesson 02 - NetBIOS Enumeration
      • 1 NetBIOS Enumeration
      • 2 NetBIOS Enumeration Tool
      • 3 Enumerating User Accounts
      • 4 Enumerating Shared Resources Using Net View
    • Lesson 03 - SNMP Enumeration
      • 1 SNMP (Simple Network Management Protocol) Enumeration
      • 4 SNMP Enumeration Tools
      • 2 Working of SNMP
      • 3 Management Information Base (MIB)
    • Lesson 04 - LDAP Enumeration
      • 1 LDAP Enumeration
      • 2 LDAP Enumeration Tools
    • Lesson 05 - NTP Enumeration
      • 1 NTP Enumeration
      • 2 NTP Enumeration Commands
      • 2 NTP Enumeration Tools
    • Lesson 06 - SMTP Enumeration and DNS Enumeration
      • 1 SMTP Enumeration
      • 2 SMTP Enumeration Tools
      • 3 DNS Enumeration Using Zone Transfer
    • Lesson 08 - Enumeration Countermeasures
      • 1 Enumeration Countermeasures
    • Lesson 07 - Other Enumeration Techniques
      • 1 IPsec Enumeration
      • 2 VoIP Enumeration
      • 3 RPC Enumeration
      • 4 Unix/Linux User Enumeration
    • Lesson 09 - Enumeration Pen Testing
      • 1 Enumeration Pen Testing
    • Module 05- Vulnerability Analysis
      • Lesson 05- Vulnerability Assessment Reports
        • 1 Vulnerability Assessment Reports
        • 2 Analyzing Vulnerability Scanning Report
  • Module 05- Vulnerability Analysis
    • Lesson 01- Vulnerability Assessment Concepts
      • 1 Vulnerability Research
      • 2 Vulnerability Classification
      • 3 What is Vulnerability Assessment?
      • 4 Types of Vulnerability Assessment
      • 5 Vulnerability-Management Life Cycle
    • Lesson 02- Vulnerability Assessment Solutions
      • 1 Comparing Approaches to Vulnerability Assessment
      • 2 Working of Vulnerability Scanning Solutions
      • 3 Types of Vulnerability Assessment Tools
      • 4 Characteristics of a Good Vulnerability Assessment Solution
      • 5 Choosing a Vulnerability Assessment Tool
      • 6 Criteria for Choosing a Vulnerability Assessment Tool
      • 7 Best Practices for Selecting Vulnerability Assessment Tools
    • Lesson 03- Vulnerability Scoring Systems
      • 1 Common Vulnerability Scoring System (CVSS)
      • 2 Common Vulnerabilities and Exposures (CVE)
      • 3 National Vulnerability Database (NVD)
      • 4 Resources for Vulnerability Research
    • Lesson 04- Vulnerability Assessment Tools
      • 1 Vulnerability Assessment Tools
      • 2 Vulnerability Assessment Tools for Mobile
    • Lesson 05- Vulnerability Assessment Reports
      • 1 Vulnerability Assessment Reports
      • 2 Analyzing Vulnerability Scanning Report
  • Module 06- System Hacking
    • Lesson 01- System Hacking Concepts
      • 1 CEH Hacking Methodology (CHM)
      • 2 System Hacking Goals
    • Lesson 02- Cracking Passwords
      • 1 Password Cracking
      • 2 Types of Password Attacks
      • 3 Password Recovery Tools
      • 4 Microsoft Authentication
      • 5 How Hash Passwords Are Stored in Windows SAM?
      • 6 NTLM Authentication Process
      • 7 Kerberos Authentication
      • 8 Password Salting
      • 9 Tools to Extract the Password Hashes
      • 10 Password Cracking Tools
      • 11 How to Defend against Password Cracking
      • 12 How to Defend against LLMNR/NBT-NS Poisoning
    • Lesson 03- Escalating Privileges
      • 1 Privilege Escalation
      • 2 Privilege Escalation Using DLL Hijacking
      • 3 Privilege Escalation by Exploiting Vulnerabilities
      • 4 Privilege Escalation Using Dylib Hijacking
      • 5 Privilege Escalation using Spectre and Meltdown Vulnerabilities
      • 6 Other Privilege Escalation Techniques
      • 7 How to Defend Against Privilege Escalation
    • Lesson 04- Executing Applications
      • 1 Executing Applications
      • 2 Keylogger
      • 3 Spyware
      • 4 How to Defend Against Keyloggers
      • 5 How to Defend Against Spyware
    • Lesson 05- Hiding Files
      • 1 Rootkits
      • 2 NTFS Data Stream
      • 3 What is Steganography?
    • Lesson 06- Covering Tracks
      • 1 Covering Tracks
      • 2 Disabling Auditing: Auditpol
      • 3 Clearing Logs
      • 4 Manually Clearing Event Logs
      • 5 Ways to Clear Online Tracks
      • 6 Covering BASH Shell Tracks
      • 7 Covering Tracks on Network
      • 8 Covering Tracks on OS
      • 9 Covering Tracks Tools
    • Lesson 07- Penetration Testing
      • 1 Password Cracking
      • 2 Privilege Escalation
      • 3 Executing Applications
      • 4 Hiding Files
      • 5 Covering Tracks
  • Module 07- Malware Threats
    • Lesson 01- Malware Concepts
      • 1 Introduction to Malware
      • 2 Different Ways a Malware can Get into a System
      • 3 Common Techniques Attackers Use to Distribute Malware on the Web
      • 4 Components of Malware
    • Lesson 02- Trojan Concepts
      • 1 What is a Trojan?
      • 2 How Hackers Use Trojans
      • 3 Common Ports used by Trojans
      • 4 How to Infect Systems Using a Trojan
      • 5 Trojan Horse Construction Kit
      • 6 Wrappers
      • 7 Crypters
      • 8 How Attackers Deploy a Trojan
      • 9 Exploit Kits
      • 10 Evading Anti-Virus Techniques
      • 11 Types of Trojans
    • Lesson 03- Virus and Worm Concepts
      • 1 Introduction to Viruses
      • 2 Stages of Virus Life
      • 3 Working of Viruses
      • 4 Indications of Virus Attack
      • 5 How does a Computer Get Infected by Viruses
      • 6 Virus Hoaxes
      • 7 Fake Antiviruses
      • 8 Ransomware
      • 9 Types of Viruses
      • 10 Creating Virus
      • 11 Computer Worms
      • 12 Worm Makers
    • Lesson 04- Malware Analysis
      • 1 What is Sheep Dip Computer?
      • 2 Anti-Virus Sensor Systems
      • 3 Introduction to Malware Analysis
      • 4 Malware Analysis Procedure: Preparing Testbed
      • 5 Static Malware Analysis
      • 6 Dynamic Malware Analysis
      • 7 Virus Detection Methods
      • 8 Trojan Analysis: ZeuS/Zbot
      • 9 Virus Analysis: WannaCry
    • Lesson 05- Countermeasures
      • 1 Trojan Countermeasures
      • 2 Backdoor Countermeasures
      • 3 Virus and Worms Countermeasures
    • Lesson 06- Anti-Malware Software
      • 1 Anti-Trojan Software
      • 2 Antivirus Software
    • Lesson 07- Malware Penetration Testing
      • 1 Malware Penetration Testing
  • Module 08- Sniffing
    • Lesson 01- Sniffing Concepts
      • 1 Network Sniffing
      • 2 Types of Sniffing
      • 3 How an Attacker Hacks the Network Using Sniffers
      • 4 Protocols Vulnerable to Sniffing
      • 5 Sniffing in the Data Link Layer of the OSI Model
      • 6 Hardware Protocol Analyzers
      • 7 SPAN Port
      • 8 Wiretapping
      • 9 Lawful Interception
    • Lesson 02- Sniffing Technique: MAC Attacks
      • 1 MAC Address/CAM Table
      • 2 How CAM Works
      • 3 What Happens When CAM Table Is Full?
      • 4 MAC Flooding
      • 5 Switch Port Stealing
      • 6 How to Defend against MAC Attacks
    • Lesson 03- Sniffing Technique: DHCP Attacks
      • 1 How DHCP Works
      • 2 DHCP Request/Reply Messages
      • 3 DHCP Starvation Attack
      • 4 Rogue DHCP Server Attack
      • 5 How to Defend Against DHCP Starvation and Rogue Server Attack
    • Lesson 04- Sniffing Technique: ARP Poisoning
      • 1 What Is Address Resolution Protocol (ARP)?
      • 2 ARP Spoofing Attack
      • 3 Threats of ARP Poisoning
      • 4 ARP Poisoning Tools
      • 5 How to Defend Against ARP Poisoning
      • 6 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
      • 7 ARP Spoofing Detection Tools
    • Lesson 05- Sniffing Technique: Spoofing Attacks
      • 1 MAC Spoofing/Duplicating
      • 2 MAC Spoofing Technique: Windows
      • 3 MAC Spoofing Tools
      • 4 IRDP Spoofing
      • 5 How to Defend Against MAC Spoofing
    • Lesson 06- Sniffing Technique: DNS Poisoning
      • 1 DNS Poisoning Techniques
      • 2 How to Defend Against DNS Spoofing
    • Lesson 07- Sniffing Tools
      • 1 Sniffing Tool: Wireshark
      • 2 Sniffing Tools
      • 3 Packet Sniffing Tools for Mobile
    • Lesson 08- Countermeasures
      • 1 How to Defend Against Sniffing
    • Lesson 09- Sniffing Detection Techniques
      • 1 How to Detect Sniffing
      • 2 Sniffer Detection Techniques
      • 3 Promiscuous Detection Tools
    • Lesson 10- Sniffing Pen Testing
      • 1 Sniffing Penetration Testing
  • Module 09- Social Engineering
    • Lesson 01 - Social Engineering Concepts
      • 1 What is Social Engineering?
      • 2 Phases of a Social Engineering Attack
    • Lesson 02 - Social Engineering Techniques
      • 1 Types of Social Engineering
      • 2 Human-based Social Engineering
      • 3 Computer-based Social Engineering
      • 4 Mobile-based Social Engineering
    • Lesson 04 - Impersonation on Social Networking Sites
      • 1 Social Engineering Through Impersonation on Social Networking Sites
      • 2 Impersonation on Facebook
      • 3 Risks of Social Networking Threats to Corporate Networks
    • Lesson 05 - Identity Theft
      • 1 Identify Theft
    • Lesson 06 - Countermeasures
      • 1 Social Engineering Countermeasures
      • 2 Insider Threats Countermeasures
      • 3 Identity Theft Countermeasures
      • 4 How to Detect Phishing Emails
      • 5 Anti-Phishing Toolbar
      • 6 Common Social Engineering Targets and Defense Strategies
    • Lesson 07 - Social Engineering Penetration Testing
      • 1 Social Engineering Pen Testing
      • 2 Social Engineering Pen Testing Tools
    • Lesson 03- Insider Threats
      • 1 Insider Threat / Insider Attack
      • 2 Type of Insider Threats
  • Module 10- Denial-of-Service
    • Lesson 01 - DoS/DDoS Concepts
      • 1 What is Denial of Service Attack?
      • 2 What is Distributed Denial of Service Attack?
    • Lesson 02 - DoS/DDoS Attack Techniques
      • 1 Basic Categories of DoS/DDoS Attack Vectors
      • 2 UDP Flood Attack
      • 3 ICMP Flood Attack
      • 4 Ping of Death and Smurf Attack
      • 5 SYN Flood Attack
      • 6 Fragmentation Attack
      • 7 HTTP GET/POST and Slowloris Attacks
      • 8 Multi-Vector Attack
      • 9 Peer-to-Peer Attacks
      • 10 Permanent Denial-of-Service Attack
      • 11 Distributed Reflection Denial-of-Service (DRDoS)
    • Lesson 03 - Botnets
      • 1 Organized Cyber Crime: Organizational Chart
      • 2 Botnet
      • 3 A Typical Botnet Setup
      • 4 Botnet Ecosystem
      • 5 Scanning Methods for Finding Vulnerable Machines
      • 6 How Malicious Code Propagates?
      • 7 Botnet Trojan
    • Lesson 04 - DDoS Case Study
      • 1 DDoS Attack
      • 2 Hackers Advertise Links to Download Botnet
      • 3 Use of Mobile Devices as Botnets for Launching DDoS Attacks
      • 4 DDoS Case Study: Dyn DDoS Attack
    • Lesson 05 - DoS/DDoS Attack Tools
      • 1 DoS and DDoS Attack Tool
      • 2 DoS and DDoS Attack Tool for Mobile
    • Lesson 06 - Countermeasures
      • 1 Detection Techniques
      • 2 DoS/DDoS Countermeasure Strategies
      • 3 DDoS Attack Countermeasures
      • 4 Techniques to Defend against Botnets
      • 5 DoS/DDoS Countermeasures
      • 6 DoS/DDoS Protection at ISP Level
      • 7 Enabling TCP Intercept on Cisco IOS Software
    • Lesson 07 - DoS/DDoS Protection Tools
      • 1 Advanced DDoS Protection Appliances
      • 2 DoS/DDoS Protection Tools
    • Lesson 08 - DoS/DDoS Attack Penetration Testing
      • 1 Denial-of-Service (DoS) Attack Pen Testing
    • Module 11- Session Hijacking
      • Lesson 06- Penetration Testing
        • 1 Session Hijacking Pen Testing
  • Module 11- Session Hijacking
    • Lesson 01- Session Hijacking Concepts
      • 1 What is Session Hijacking?
      • 2 Why Session Hijacking is Successful?
      • 3 Session Hijacking Process
      • 4 Packet Analysis of a Local Session Hijack
      • 5 Types of Session Hijacking
      • 6 Session Hijacking in OSI Model
      • 7 Spoofing vs. Hijacking
    • Lesson 02- Application Level Session Hijacking
      • 1 Application Level Session Hijacking
      • 2 Compromising Session IDs using Sniffing and by Predicting Session Token
      • 3 Compromising Session IDs Using Man-in-the-Middle Attack
      • 4 Compromising Session IDs Using Man-in-the-Browser Attack
      • 5 Compromising Session IDs Using Client-side Attacks
      • 6 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
      • 7 Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
      • 8 Compromising Session IDs Using Session Replay Attack
      • 9 Compromising Session IDs Using Session Fixation
      • 10 Session Hijacking Using Proxy Servers
      • 11 Session Hijacking Using CRIME Attack
      • 12 Session Hijacking Using Forbidden Attack
    • Lesson 03- Network Level Session Hijacking
      • 1 TCP/IP Hijacking
      • 2 IP Spoofing: Source Routed Packets
      • 3 RST Hijacking
      • 4 Blind Hijacking
      • 5 UDP Hijacking
      • 6 MiTM Attack Using Forged ICMP and ARP Spoofing
    • Lesson 04- Session Hijacking Tools
      • 1 Session Hijacking Tools
      • 2 Session Hijacking Tools For Mobile
    • Lesson 05- Countermeasures
      • 1 Session Hijacking Detection Methods
      • 2 Protecting against Session Hijacking
      • 3 Methods to Prevent Session Hijacking: To be Followed by Web Developers
      • 4 Methods to Prevent Session Hijacking: To be Followed by Web Users
      • 5 Session Hijacking Detection Tools
      • 6 Approaches Vulnerable to Session Hijacking and their Preventative Solutions
      • 7 Approaches to Prevent Session Hijacking
      • 8 IPSec
      • 9 Session Hijacking Prevention Tools
    • Lesson 06- Penetration Testing
      • 1 Session Hijacking Pen Testing
  • Module 12 - Evading IDS, Firewalls, and Honeypots
    • Lesson 01- IDS, Firewall and Honeypot Concepts
      • 1 Intrusion Detection System (IDS)
      • 2 Firewall
      • 3 Honeypot
    • Lesson 02- IDS, Firewall and Honeypot Solutions
      • 1 Intrusion Detection Tool
      • 2 Firewalls
      • 3 Honeypot Tools
    • Lesson 03- Evading IDS
      • 1 IDS Evasion Techniques
    • Lesson 04- Evading Firewalls
      • 1 Firewall Evasion Techniques
    • Lesson 05- IDS/Firewall Evading Tools
      • 1 IDS/Firewall Evasion Tools
      • 2 Packet Fragment Generator Tools
    • Lesson 06- Detecting Honeypots
      • 1 Detecting Honeypots
      • 2 Detecting and Defeating Honeypots
      • 3 Honeypot Detection Tool: Send-Safe Honeypot Hunte
    • Lesson 07- IDS/Firewall Evasion Countermeasures
      • 1 How to Defend Against IDS Evasion
      • 2 How to Defend Against Firewall Evasion
    • Lesson 08- Penetration Testing
      • Firewall/IDS Penetration Testing
  • Module 13- Hacking Web Servers
    • Lesson 01- Web Server Concepts
      • 1 Web Server Operations
      • 2 Open Source Web Server Architecture
      • 3 IIS Web Server Architecture
      • 4 Web Server Security Issue
      • 5 Why Web Servers Are Compromised?
      • 6 Impact of Web Server Attacks
    • Lesson 02- Web Server Attacks
      • 1 DoS/DDoS Attacks
      • 2 DNS Server Hijacking
      • 3 DNS Amplification Attack
      • 4 Directory Traversal Attacks
      • 5 Man-in-the-Middle/Sniffing Attack
      • 6 Phishing Attacks
      • 7 Website Defacement
      • 8 Web Server Misconfiguration
      • 9 HTTP Response Splitting Attack
      • 10 Web Cache Poisoning Attack
      • 11 SSH Brute Force Attack
      • 12 Web Server Password Cracking
      • 13 Web Application Attacks
    • Lesson 03- Web Server Attack Methodology
      • 1 Information Gathering
      • 2 Web Server Footprinting/Banner Grabbing
      • 3 Website Mirroring
      • 4 Vulnerability Scanning
      • 5 Session Hijacking
      • 6 Web Server Passwords Hacking
      • 7 Using Application Server as a Proxy
    • Lesson 04- Web Server Attack Tools
      • 1 Metasploit
      • 2 Web Server Attack Tools
    • Lesson 05- Countermeasures
      • 1 Place Web Servers in Separate Secure Server Security Segment on Network
      • 2 Countermeasures
      • 3 Detecting Web Server Hacking Attempts
      • 4 How to Defend Against Web Server Attacks
      • 5 How to Defend against HTTP Response Splitting and Web Cache Poisoning
      • 6 How to Defend against DNS Hijacking
    • Lesson 06- Patch Management
      • 1 Patches and Hotfixes
      • 2 What is Patch Management
      • 3 Installation of a Patch
      • 4 Patch Management Tools
    • Lesson 07- Web Server Security Tools
      • 1 Web Application Security Scanners
      • 2 Web Server Security Scanners
      • 3 Web Server Security Tools
    • Lesson 08- Web Server Pen Testing
      • 1 Web Server Penetration Testing
      • 2 Web Server Pen Testing Tools
  • Module 14- Hacking Web Applications
    • Lesson 01 - Web App Concepts
      • 1 Introduction to Web Applications
      • 2 Web Application Architecture
      • 3 Web 2.0 Applications
      • 4 Vulnerability Stack
    • Lesson 02 - Web App Threats
      • 1 OWASP Top 10 Application Security Risks – 2017
      • 2 Other Web Application Threats
    • Lesson 03 - Hacking Methodology
      • 1 Web App Hacking Methodology
      • 2 Footprint Web Infrastructure
      • 2 Attack Web Servers
      • 3 Analyze Web Applications
      • 4 Bypass Client-Side Controls
      • 5 Attack Authentication Mechanism
      • 6 Authorization Attack Schemes
      • 7 Attack Access Controls
      • 8 Attack Session Management Mechanism
      • 9 Perform Injection/Input Validation Attacks
      • 10 Attack Application Logic Flaws
      • 11 Attack Database Connectivity
      • 12 Attack Web App Client
      • 13 Attack Web Services
    • Lesson 04 - Web Application Hacking Tools
      • 1 Web Application Hacking Tools
    • Lesson 05 - Countermeasures
      • 1 Web Application Fuzz Testing
      • 2 Source Code Review
      • 3 Encoding Schemes
      • 4 How to Defend Against Injection Attacks
      • 5 Web Application Attack Countermeasures
      • 6 How to Defend Against Web Application Attacks
    • Lesson 06 - Web App Security Testing Tools
      • 1 Web Application Security Testing Tools
      • 2 Web Application Firewall
    • Lesson 07 - Web App Pen Testing
      • 1 Web Application Pen Testing
      • 2 Web Application Pen Testing Framework
  • Module 15- SQL Injection
    • Lesson 01 - SQL Injection Concepts
      • 1 What is SQL Injection?
      • 2 SQL Injection and Server-side Technologies
      • 3 Understanding HTTP POST Request
      • 4 Understanding Normal SQL Query
      • 5 Understanding an SQL Injection Query
      • 6 Understanding an SQL Injection Query – Code Analysis
      • 8 Example of a Web App Vulnerable to SQL Injection: BadProductList.aspx
      • 9 Example of a Web Application Vulnerable to SQL Injection: Attack Analysis
      • 10 Example of SQL Injection
    • Lesson 02 - Types of SQL Injection
      • 1 Types of SQL Injection
    • Lesson 03 - SQL Injection Methodology
      • 1 SQL Injection Methodology
    • Lesson 04 - SQL Injection Tools
      • 1 SQL Injection Tools
      • 2 SQL Injection Tools
      • 3 SQL Injection Tools for Mobile
    • Lesson 05 - Evasion Techniques
      • 1 Evading IDS
      • 2 Types of Signature Evasion Techniques
    • Lesson 06 - Countermeasures
      • 1 How to Defend Against SQL Injection Attacks?
      • 2 SQL Injection Detection Tools
      • 3 SQL Injection Detection Tools
  • Module 16- Hacking Wireless Networks
    • Lesson 01 - Wireless Concepts
      • 1 Wireless Terminologies
      • 2 Wireless Networks
      • 3 Wireless Standards
      • 4 Service Set Identifier (SSID)
      • 5 Wi-Fi Authentication Modes
      • 6 Wi-Fi Authentication Process Using a Centralized Authentication Server
      • 7 Types of Wireless Antenna
    • Lesson 02 - Wireless Encryption
      • 1 Types of Wireless Encryption
      • 2 WEP vs. WPA vs. WPA2
      • 3 WEP Issues
      • 4 Weak Initialization Vectors (IV)
    • Lesson 03 - Wireless Threats
      • 1 Wireless Threats
    • Lesson 04 - Wireless Hacking Methodology
      • 1 Wireless Hacking Methodology
    • Lesson 05 - Wireless Hacking Tools
      • 1 WEP/WPA Cracking Tools
      • 2 WEP/WPA Cracking Tool for Mobile
      • 3 Wi-Fi Sniffer
      • 4 Wi-Fi Traffic Analyzer Tools
      • 5 Other Wireless Hacking Tools
    • Lesson 06 - Bluetooth Hacking
      • 1 Bluetooth Stack
      • 2 Bluetooth Hacking
      • 3 Bluetooth Threats
      • 4 How to BlueJack a Victim?
      • 4 Bluetooth Hacking Tools
    • Lesson 07 - Countermeasures
      • 1 Wireless Security Layers
      • 2 How to Defend Against WPA/WPA2 Cracking
      • 3 How to Defend Against KRACK Attacks
      • 4 How to Detect and Block Rogue AP
      • 5 How to Defend Against Wireless Attacks
      • 6 How to Defend Against Bluetooth Hacking
    • Lesson 08 - Wireless Security Tools
      • 1 Wireless Intrusion Prevention Systems
      • 2 Wireless IPS Deployment
      • 3 Wi-Fi Security Auditing Tool
      • 4 Wi-Fi Intrusion Prevention System
      • 5 Wi-Fi Predictive Planning Tools
      • 6 Wi-Fi Vulnerability Scanning Tools
      • 7 Bluetooth Security Tool
      • 8 Wi-Fi Security Tools for Mobile
    • Lesson 09 - Wi-Fi Pen Testing
      • 1 Wireless Penetration Testing
      • 2 Wireless Penetration Testing Framework
  • Module 17- Hacking Mobile Platforms
    • Lesson 01- Mobile Platform Attack Vectors
      • 1 Vulnerable Areas in Mobile Business Environment
      • 2 OWASP Top 10 Mobile Risks - 2016
      • 3 Anatomy of a Mobile Attack
      • 4 How a Hacker can Profit from Mobile when Successfully Compromised
      • 5 Mobile Attack Vectors and Mobile Platform Vulnerabilities
      • 6 Security Issues Arising from App Stores
      • 7 App Sandboxing Issues
      • 8 Mobile Spam
      • 9 SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
      • 10 Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
    • Lesson 02- Hacking Android OS
      • 1 Android OS
      • 2 Android Rooting
      • 3 Blocking Wi-Fi Access using NetCut
      • 4 Hacking with zANTI
      • 5 Hacking Networks Using Network Spoofer
      • 6 Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
      • 7 Performing Session Hijacking Using DroidSheep
      • 8 Hacking with Orbot Proxy
      • 9 Android-based Sniffers
      • 10 Android Trojans
      • 11 Securing Android Devices
      • 12 Android Security Tool: Find My Device
      • 13 Android Security Tools
      • 14 Android Vulnerability Scanner
      • 15 Android Device Tracking Tools
    • Lesson 03- Hacking iOS
      • 1 Apple iOS
      • 2 Jailbreaking iOS
      • 3 iOS Trojans
      • 4 Guidelines for Securing iOS Devices
      • 5 iOS Device Tracking Tools
      • 6 iOS Device Security Tools
    • Lesson 04- Mobile Spyware
      • 1 Mobile Spyware
      • 2 Mobile Spyware: mSpy
      • 3 Mobile Spywares
    • Lesson 05- Mobile Device Management
      • 1 Mobile Device Management (MDM)
      • 2 Mobile Device Management Solutions
      • 3 Bring Your Own Device (BYOD)
    • Lesson 06- Mobile Security Guidelines and Tools
      • 1 General Guidelines for Mobile Platform Security
      • 2 Mobile Device Security Guidelines for Administrator
      • 3 SMS Phishing Countermeasures
      • 4 Mobile Protection Tools
      • 5 Mobile Anti-Spyware
    • Lesson 07- Mobile Pen Testing
      • 1 Android Phone Pen Testing
      • 2 iPhone Pen Testing
      • 3 Mobile Pen Testing Toolkit: Hackode
  • Module 18- IoT Hacking
    • Lesson 01- IoT Concepts
      • 1 What is IoT
      • 2 How IoT Works
      • 3 IoT Architecture
      • 4 IoT Application Areas and Devices
      • 5 IoT Technologies and Protocols
      • 6 IoT Communication Models
      • 7 Challenges of IoT
      • 8 Threat vs Opportunity
    • Lesson 02- IoT Attacks
      • 1 IoT Security Problems
      • 2 OWASP Top 10 IoT Vulnerabilities and Obstacles
      • 3 IoT Attack Surface Areas
      • 4 IoT Threats
      • 5 Hacking IoT Devices: General Scenario
      • 6 IoT Attacks
      • 7 IoT Attacks in Different Sectors
    • Lesson 03- IoT Hacking Methodology
      • 1 What is IoT Device Hacking?
      • 2 IoT Hacking Methodology
    • Lesson 04- IoT Hacking Tools
      • 1 Information Gathering Tools
      • 2 Sniffing Tools
      • 3 Vulnerability Scanning Tools
      • 4 IoT Hacking Tools
    • Lesson 05- Countermeasures
      • 1 How to Defend Against IoT Hacking
      • 2 General Guidelines for IoT Device Manufacturing Companies
      • 3 OWASP Top 10 IoT Vulnerabilities Solutions
      • 4 IoT Framework Security Considerations
      • 5 IoT Security Tools
    • Lesson 06- IoT Pen Testing
      • 1 IoT Pen Testing
  • Module 19- Cloud Computing
    • Lesson 01 - Cloud Computing Concepts
      • 1 Introduction to Cloud Computing
      • 2 Separation of Responsibilities in Cloud
      • 3 Cloud Deployment Models
      • 4 NIST Cloud Computing Reference Architecture
      • 5 Cloud Computing Benefits
      • 6 Understanding Virtualization
    • Lesson 02 - Cloud Computing Threats
      • 1 Cloud Computing Threats
    • Lesson 03 - Cloud Computing Attacks
      • 1 Service Hijacking using Social Engineering Attacks
      • 2 Service Hijacking using Network Sniffing
      • 3 Session Hijacking using XSS Attack
      • 4 Session Hijacking using Session Riding
      • 5 Domain Name System (DNS) Attacks
      • 6 Side Channel Attacks or Cross-guest VM Breaches
      • 7 SQL Injection Attacks
      • 8 Cryptanalysis Attacks
      • 9 Wrapping Attack
      • 10 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
      • 11 Man-in-the-Cloud Attack
    • Lesson 04 - Cloud Security
      • 1 Cloud Security Control Layers
      • 2 Cloud Security is the Responsibility of both Cloud Provider and Consumer
      • 3 Cloud Computing Security Considerations
      • 4 Placement of Security Controls in the Cloud
      • 5 Best Practices for Securing Cloud
      • 6 NIST Recommendations for Cloud Security
      • 7 Organization/Provider Cloud Security Compliance Checklist
    • Lesson 05 - Cloud Security Tools
      • 1 Cloud Security Tools
    • Lesson 06 - Cloud Penetration Testing
      • 1 What is Cloud Pen Testing?
      • 2 Key Considerations for Pen Testing in the Cloud
      • 3 Cloud Penetration Testing
      • 4 Recommendations for Cloud Testing
  • Module 20- Cryptography
    • Lesson 01- Cryptography Concepts
      • 1 Cryptography
      • 2 Government Access to Keys (GAK)
    • Lesson 02- Encryption Algorithms
      • 1 Ciphers
      • 2 Data Encryption Standard (DES)
      • 3 Advanced Encryption Standard (AES)
      • 4 RC4, RC5, and RC6 Algorithms
      • 5 Twofish
      • 6 The DSA and Related Signature Schemes
      • 7 Rivest Shamir Adleman (RSA)
      • 8 Diffie-Hellman
      • 9 Message Digest (One-Way Hash) Functions
    • Lesson 03- Cryptography Tools
      • 1 MD5 Hash Calculators
      • 2 Hash Calculators for Mobile
      • 3 Cryptography Tools
      • 4 Cryptography Tools for Mobile
    • Lesson 04- Public Key Infrastructure (PKI)
      • 1 Public Key Infrastructure (PKI)
    • Lesson 05- Email Encryption
      • 1 Digital Signature
      • 2 Secure Sockets Layer (SSL)
      • 3 Transport Layer Security (TLS)
      • 4 Cryptography Toolkit
      • 5 Pretty Good Privacy (PGP)
    • Lesson 06- Disk Encryption
      • 1 Disk Encryption
      • 2 Disk Encryption Tools
    • Lesson 07- Cryptanalysis
      • 1 Cryptanalysis Methods
      • 2 Code Breaking Methodologies
      • 3 Cryptography Attacks
      • 4 Cryptanalysis Tools
      • 5 Online MD5 Decryption Tools
    • Lesson 08- Countermeasures
      • 1 How to Defend Against Cryptographic Attacks
  • Free Course
    • {{childObj.title}}
      • {{childObj.childSection.chapter_name}}
        • {{lesson.title}}
      • {{lesson.title}}

    View More

    View Less

Exam & certification

  • What are the prerequisites for the certification?

    For CEH (Certified Ethical Hacker) training and certification, there is no specific eligibility criteria but we recommend basic knowledge of TCP/IP.

  • What do I need to do to unlock my Simplilearn certificate?

    Attend one complete class of the course.

Reviews

Vikas Chourasiya
Vikas Chourasiya Principal Security Engineer @ Blue Jeans Network, Bangalore

I understood many networking concepts and cleared many doubts about penetration testing. This is just a start and I need to practice all the tools that are taught in the course to make a career in the security domain. The instructor is knowledgeable and was able to guide me very well.

Read more Read less
Kallol Kumar Mondal
Kallol Kumar Mondal Senior Consultant, GRC @ Wipro, Bangalore

Good, I would like refer my friend for the same course.

Pradeep Varadarajan
Pradeep Varadarajan Bangalore

It was really a fantastic program.

Praveen Valliavalapil
Praveen Valliavalapil Bangalore

The course took me to the next level of awarness - A must for cyber security professionals that need to adopt with defensive and offensive techniques.

Read more Read less
Dhiraj Kumar
Dhiraj Kumar Bangalore

The course was very nice, learned many new things. The tutor was nice and useful.

Anand Kumar
Anand Kumar Bangalore

Experienced faculty and excellent facility to make learning enjoyable and enrich.

Habib Ulla Khan GS
Habib Ulla Khan GS Bangalore

The training module is been very well structured and delivered. Trainer has been practical working in real time and helped me to get more information on real time security information. Overall feedback, Very Good.

Read more Read less
Sooraj C
Sooraj C Bangalore

Excellent training delivered by Simplilearn.

View More View Less

Course advisor

Dean Pompilio
Dean Pompilio Technical Trainer, Owner- Steppingstonesolutions Inc

Mr Pompilio has been an IT Professional since 1989.He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM.. His passion is to help IT professionals achieve their training goals and career growth.

FAQs

  • How are the Labs conducted?

    Labs are conducted on EC Council-designed iLabs. The access period is for six months.

  • Who are our instructors and how are they selected?

    All of our highly qualified trainers are CEH (v10) certified with at least 15 years of experience in training and working in the areas of cybersecurity and IT service and architecture. Each of them has gone through a rigorous selection process that includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating remain on our faculty.

  • Is the exam fee included in the course fee?

    Yes, the CEH exam fee is included in the course fee.

  • Is this live training, or will I watch pre-recorded videos?

    The courses are conducted via live virtual classrooms (LVC). They are interactive sessions that enable you to ask questions and participate in discussions during class time. We do, however, provide recordings of each session you attend for your future reference. Classes are attended by a global audience to enrich your learning experience.

  • What tools do I need to attend the training sessions?

    The tools you’ll need to attend training are:
    • Windows: Windows XP SP3 or higher
    • Mac: OSX 10.6 or higher
    • Internet speed: Preferably 512 Kbps or higher
    • Headset, speakers and microphone: You’ll need headphones or speakers to hear instruction clearly, as well as a microphone to talk to others. You can use a headset with a built-in microphone, or separate speakers and microphone.

  • I am not able to access the online course. Who can help me?

    Contact us using the form on the right of any page on the Simplilearn website, select the Live Chat link or contact Help & Support.

  • What is Global Teaching Assistance?

    Our teaching assistants are a dedicated team of subject matter experts here to help you get certified in your first attempt. They engage students proactively to ensure the course path is being followed and help you enrich your learning experience, from class onboarding to project mentoring and job assistance. Teaching Assistance is available during business hours.

  • What is covered under the 24/7 Support promise?

    We offer 24/7 support through email, chat, and calls. We also have a dedicated team that provides on-demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.

  • How can I learn more about this training program?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives can provide you with more details.

  • How do I become a CEH certified professional?

    To become a certified ethical hacker, you’ll want to follow these steps:
    1. Register for the Simplilearn CEH training
    2. Complete the online classroom training program
    3. Practice your techniques on the EC-Council designed ILabs platform
    4. Take the certification exam online
    5. Once you complete the course work and pass the exam, you will become a certified ethical hacking professional.

  • How much does CEH Training cost?

    The CEH training offered by Simplilearn costs $2,899 USD or 34,999 rupees in India. 

  • Where can I take EC-Council exams?

    Simplilearn provides an online exam voucher with the training package, allowing learners to take the certification exam remotely using their computer. The computer must have a webcam and a running Internet connection.

  • Where can I get my certificates of attendance (COA) if I have completed my training through an EC-Council authorized channel?

    The certificates of attendance (COA) can be downloaded from Aspen using your evaluation code, which would have either been emailed to you from EC-Council or is printed on the first page of your courseware. If you cannot find your code you can submit a request to Simplilearn team through the LMS for assistance.

  • Can I review my answers during the examination?

    Yes, you can review your answers before final submission.

  • How long is the CEH certification valid for?

    The CEH certification is valid for three years. You must earn 120 ECE credits to maintain the certification

  • How many questions are on the CEH exam?

    There are 125 questions on the CEH certification exam.

  • How much time will I have to complete the CEH exam?

    The exam duration is four hours.

  • Can I request for a refund if I fail the test?

    No, a refund is not possible if you fail the certification exam

  • Am I required to sign any agreement prior to the exam?

    Yes, EC-Council has developed a number of policies to support the goals of the EC-Council certification program, including: 1. Non-Disclosure agreement (NDA), 2. EC-Council Certification Agreement, and 3. Security and Integrity Policy.

  • I took training at an Accredited Training Center like Simplilearn but I want to take the online exam remotely in another country. Is this possible?

    Simplilearn provides ProctorU vouchers with the training, allowing you to take the final exam from anywhere in the world with a working computer and Internet connection.

  • How long do I need to wait for my EC-Council certificate after I take the exam?

    Your digital certificate will be available to download between 7-10 days from the date of certification in your Aspen account.

  • How many times can I retake the exam if I don’t pass the first time?

    If you fail the exam in your first attempt, you are allowed four retakes in 12 months with a 14 day waiting period between each attempt. After that, you must wait for 12 months before the next retake.

  • How much does a Certified Ethical Hacker make?

    CEH professionals on an average make $92,000 in the U.S.

View More View Less

    Contact Us

    +65 3158 5082

    People Also Bought

    CISSP<sup>®</sup>- Certified Information Systems Security Professional CISSP®- Certified Information Systems Security Professional Course Explore
    CISA<sup>®</sup>- Certified Information Systems Auditor CISA®- Certified Information Systems Auditor Course Explore
    CISM<sup>®</sup>- Certified Information Security Manager CISM®- Certified Information Security Manager Course Explore
    CompTIA Security+ 501 CompTIA Security+ 501 Course Explore
    COBIT<sup>®</sup>5- Control Objectives for Information and Related Technologies COBIT®5- Control Objectives for Information and Related Technologies Course Explore
    Choose your Location

    Let us know your convenient schedule

    Name *
    Email *
    Phone Number
    Date (MM/DD/YYYY)
    • Disclaimer
    • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.
    Help and Support