CEH (v10) - Certified Ethical Hacker Training in Colombo, Sri Lanka
This Ethical Hacking Course in Colombo will train you on the advanced step-by-step methodologies that hackers actually use, such as writing virus codes, and reverse engineering, so you can better protect corporate infrastructure from data breaches. You’ll master advanced network packet analysis, securing web servers, malware threats, and advanced system penetration testing techniques to build your network security skillset and beat hackers at their own game.
Accreditation with
Ethical Hacking Course Overview
Simplilearn’s CEH certification training course provides you the hands-on training required to master the techniques hackers use to penetrate network systems and fortify your system against it. This ethical hacking course is aligned with the latest CEH v10 by EC-Council and will adequately prepare you to increase your blue team skills.
CEH Course Key Features
100% Money Back Guarantee
100% money-back guarantee*
Our training course comes with a 100% money-back guarantee. Simplilearn believes in our highly effective blended learning methodology and its ability to provide learners with the knowledge and confidence to pass the CEH Exam in the first attempt.
Valid only in INDIA, AFRICA & INDIAN Subcontinent.
No questions asked refund*
At Simplilearn, we value the trust of our patrons immensely. But, if you feel that a course does not meet your expectations, we offer a 7-day money-back guarantee. Just send us a refund request via email within 7 days of purchase and we will refund 100% of your payment, no questions asked!
Our training course comes with a 100% money-back guarantee. Simplilearn believes in our highly effective blended learning methodology and its ability to provide learners with the knowledge and confidence to pass the CEH Exam in the first attempt.
Valid only in INDIA, AFRICA & INDIAN Subcontinent.
No questions asked refund*
At Simplilearn, we value the trust of our patrons immensely. But, if you feel that a course does not meet your expectations, we offer a 7-day money-back guarantee. Just send us a refund request via email within 7 days of purchase and we will refund 100% of your payment, no questions asked!
- 40 hours of blended learning
- Accredited training partner of EC-Council
- 6 months free access to CEHv10 iLabs
- Study material by EC-Council (e-kit)
- 20 current security domains
- Covers 340 attack technologies
Skills Covered
- Trojans, backdoors, and countermeasures
- IDS, firewalls, and honeypots
- Advanced hacking concepts
- Network packet analysis
- Mobile and web technologies
- Advanced log management
Ethical Hacking Course Curriculum
Eligibility
This ethical hacking course is for network security officers and practitioners, site administrators, IS/IT specialists and analysts, IS/IT auditors, IT operations managers, IT security officers, network specialists, technical support engineers, senior systems engineers, and systems analysts.
Pre-requisites
There are no prerequisites to take up this ethical hacking certification training course.
Course Content
Module 01- Introduction to Ethical Hacking
PreviewLesson 01 - Information Security Overview
22:30Preview1 Demo of Aspen and iLabs
22:302 Internet is Integral Part of Business and Personal Life - What Happens Online in 60 Seconds
3 Essential Terminology
4 Elements of Information Security
5 The Security, Functionality, and Usability Triangle
Lesson 02 - Information Security Threats and Attack Vectors
01:56Preview1 Motives, Goals, and Objectives of Information Security Attacks
2 Top Information Security Attack Vectors
3 Information Security Threat Categories
4 Types of Attacks on a System
01:565 Information Warfare
Lesson 06 - Penetration Testing Concepts
1 Penetration Testing
2 Why Penetration Testing
3 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
4 Blue Teaming/Red Teaming
5 Types of Penetration Testing
6 Phases of Penetration Testing
7 Security Testing Methodology
Lesson 03 - Hacking Concepts
01:29Preview1 What is Hacking
01:292 Who is a Hacker?
3 Hacker Classes
4 Hacking Phases
Lesson 04 - Ethical Hacking Concepts
1 What is Ethical Hacking?
2 Why Ethical Hacking is Necessary
3 Scope and Limitations of Ethical Hacking
4 Skills of an Ethical Hacker
Lesson 05 - Information Security Controls
1 Information Assurance (IA)
2 Information Security Management Program
4 Enterprise Information Security Architecture (EISA)
5 Network Security Zoning
6 Defense in Depth
7 Information Security Policies
8 Physical Security
10 What is Risk?
11 Threat Modeling
12 Incident Management
13 Security Incident and Event Management (SIEM)
14 User Behavior Analytics (UBA)
15 Network Security Controls
16 Identity and Access Management (IAM)
17 Data Leakage
18 Data Backup
19 Data Recovery
20 Role of AI/ML in Cyber Security
Lesson 07 - Information Security Laws and Standards
1 Payment Card Industry Data Security Standard (PCI-DSS)
2 ISO/IEC 27001:2013
3 Health Insurance Portability and Accountability Act (HIPAA)
4 Sarbanes Oxley Act (SOX)
5 The Digital Millennium Copyright Act (DMCA)
6 Federal Information Security Management Act (FISMA)
7 Cyber Law in Different Countries
Module 02- Footprinting and Reconnaissance
PreviewLesson 01 - Footprinting Concepts
01:04Preview1 What is Footprinting?
01:042 Objectives of Footprinting
Lesson 02 - Footprinting through Search Engines
18:51Preview1 Footprinting through Search Engines
12:092 Footprinting using Advanced Google Hacking Techniques
3 Information Gathering Using Google Advanced Search and Image Search
4 Google Hacking Database
06:425 VoIP and VPN Footprinting through Google Hacking Database
Lesson 03 - Footprinting through Web Services
08:371 Finding Company’s Top-level Domains (TLDs) and Sub-domains
2 Finding the Geographical Location of the Target
3 People Search on Social Networking Sites and People Search Services
07:414 Gathering Information from LinkedIn
5 Gather Information from Financial Services
6 Footprinting through Job Sites
00:567 Monitoring Target Using Alerts
8 Information Gathering Using Groups, Forums, and Blogs
9 Determining the Operating System
10 VoIP and VPN Footprinting through SHODAN
Lesson 04 - Footprinting through Social Networking Sites
1 Collecting Information through Social Engineering on Social Networking Sites
Lesson 05 - Website Footprinting
08:21Preview1 Website Footprinting
08:212 Website Footprinting using Web Spiders
3 Mirroring Entire Website
4 Extracting Website Information from https://archive.org
5 Extracting Metadata of Public Documents
6 Monitoring Web Pages for Updates and Changes
Lesson 06- Email Footprinting
37:011 Tracking Email Communications
37:012 Collecting Information from Email Header
3 Email Tracking Tools
Lesson 07- Competitive Intelligence
00:501 Competitive Intelligence Gathering
00:502 Competitive Intelligence - When Did this Company Begin? How Did it Develop?
3 Competitive Intelligence - What Are the Company's Plans?
4 Competitive Intelligence - What Expert Opinions Say About the Company
5 Monitoring Website Traffic of Target Company
6 Tracking Online Reputation of the Target
Lesson 08- Whois Footprinting
42:371 Whois Lookup
12:112 Whois Lookup Result Analysis
30:263 Whois Lookup Tools
4 Finding IP Geolocation Information
Lesson 09- DNS Footprinting
1 Extracting DNS Information
2 DNS Interrogation Tools
Lesson 10- Network Footprinting
1 Locate the Network Range
2 Traceroute
3 Traceroute
4 Traceroute Tools
Lesson 11- Footprinting through Social Engineering
09:171 Footprinting through Social Engineering
09:172 Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
Lesson 12- Footprinting Tools
1 Maltego
2 Recon-ng
3 FOCA
4 Recon-Dog
5 OSRFramework
6 Additional Footprinting Tools
Lesson 13- Countermeasures
00:571 Footprinting Countermeasures
00:57
Lesson 14- Footprinting Pen Testing
1 Footprinting Pen Testing
2 Footprinting Pen Testing Report Templates
Module 03- Scanning Networks
PreviewLesson 01 - Network Scanning Concepts
1 Overview of Network Scanning
2 TCP Communication Flags
3 TCP/IP Communication
4 Creating Custom Packet Using TCP Flags
5 Scanning in IPv6 Networks
Lesson 02 - Scanning Tools
1 Nmap
2 Hping2 / Hping3
3 Scanning Tools
4 Scanning Tools for Mobile
Lesson 03- Scanning Techniques
1 Scanning Technique
2 Port Scanning Countermeasures
Lesson 04- Scanning Beyond IDS and Firewall
1 IDS/Firewall Evasion Techniques
Lesson 05- Banner Grabbing
06:25Preview1 Banner Grabbing
03:192 How to Identify Target System OS
03:063 Banner Grabbing Countermeasures
Lesson 06- Draw Network Diagrams
1 Draw Network Diagrams
2 Network Discovery and Mapping Tools
3 Network Discovery Tools for Mobile
Lesson 07- Scanning Pen Testing
1 Scanning Pen Testing
Module 04- Enumeration
PreviewLesson 01 - Enumeration Concepts
1 What is Enumeration?
2 Techniques for Enumeration
3 Services and Ports to Enumerate
Lesson 02 - NetBIOS Enumeration
14:40Preview1 NetBIOS Enumeration
14:402 NetBIOS Enumeration Tool
3 Enumerating User Accounts
4 Enumerating Shared Resources Using Net View
Lesson 03 - SNMP Enumeration
06:20Preview1 SNMP (Simple Network Management Protocol) Enumeration
06:202 Working of SNMP
3 Management Information Base (MIB)
4 SNMP Enumeration Tools
Lesson 04 - LDAP Enumeration
05:45Preview1 LDAP Enumeration
05:452 LDAP Enumeration Tools
Lesson 05 - NTP Enumeration
03:59Preview1 NTP Enumeration
03:592 NTP Enumeration Commands
2 NTP Enumeration Tools
Lesson 06 - SMTP Enumeration and DNS Enumeration
17:211 SMTP Enumeration
17:212 SMTP Enumeration Tools
3 DNS Enumeration Using Zone Transfer
Lesson 08 - Enumeration Countermeasures
1 Enumeration Countermeasures
Lesson 07 - Other Enumeration Techniques
1 IPsec Enumeration
2 VoIP Enumeration
3 RPC Enumeration
4 Unix/Linux User Enumeration
Lesson 09 - Enumeration Pen Testing
1 Enumeration Pen Testing
Module 05- Vulnerability Analysis
1 Enumeration Pen Testing
Module 05- Vulnerability Analysis
PreviewLesson 01- Vulnerability Assessment Concepts
1 Vulnerability Research
2 Vulnerability Classification
3 What is Vulnerability Assessment?
4 Types of Vulnerability Assessment
5 Vulnerability-Management Life Cycle
Lesson 02- Vulnerability Assessment Solutions
1 Comparing Approaches to Vulnerability Assessment
2 Working of Vulnerability Scanning Solutions
3 Types of Vulnerability Assessment Tools
4 Characteristics of a Good Vulnerability Assessment Solution
5 Choosing a Vulnerability Assessment Tool
6 Criteria for Choosing a Vulnerability Assessment Tool
7 Best Practices for Selecting Vulnerability Assessment Tools
Lesson 03- Vulnerability Scoring Systems
1 Common Vulnerability Scoring System (CVSS)
2 Common Vulnerabilities and Exposures (CVE)
3 National Vulnerability Database (NVD)
4 Resources for Vulnerability Research
Lesson 04- Vulnerability Assessment Tools
1 Vulnerability Assessment Tools
2 Vulnerability Assessment Tools for Mobile
Lesson 05- Vulnerability Assessment Reports
1 Vulnerability Assessment Reports
2 Analyzing Vulnerability Scanning Report
Module 06- System Hacking
PreviewLesson 01- System Hacking Concepts
1 CEH Hacking Methodology (CHM)
2 System Hacking Goals
Lesson 02- Cracking Passwords
1 Password Cracking
2 Types of Password Attacks
3 Password Recovery Tools
4 Microsoft Authentication
5 How Hash Passwords Are Stored in Windows SAM?
6 NTLM Authentication Process
7 Kerberos Authentication
8 Password Salting
9 Tools to Extract the Password Hashes
10 Password Cracking Tools
11 How to Defend against Password Cracking
12 How to Defend against LLMNR/NBT-NS Poisoning
Lesson 03- Escalating Privileges
1 Privilege Escalation
2 Privilege Escalation Using DLL Hijacking
3 Privilege Escalation by Exploiting Vulnerabilities
4 Privilege Escalation Using Dylib Hijacking
5 Privilege Escalation using Spectre and Meltdown Vulnerabilities
6 Other Privilege Escalation Techniques
7 How to Defend Against Privilege Escalation
Lesson 04- Executing Applications
1 Executing Applications
2 Keylogger
3 Spyware
4 How to Defend Against Keyloggers
5 How to Defend Against Spyware
Lesson 05- Hiding Files
1 Rootkits
2 NTFS Data Stream
3 What is Steganography?
Lesson 06- Covering Tracks
1 Covering Tracks
2 Disabling Auditing: Auditpol
3 Clearing Logs
4 Manually Clearing Event Logs
5 Ways to Clear Online Tracks
6 Covering BASH Shell Tracks
7 Covering Tracks on Network
8 Covering Tracks on OS
9 Covering Tracks Tools
Lesson 07- Penetration Testing
1 Password Cracking
2 Privilege Escalation
3 Executing Applications
4 Hiding Files
5 Covering Tracks
Module 07- Malware Threats
PreviewLesson 01- Malware Concepts
1 Introduction to Malware
2 Different Ways a Malware can Get into a System
3 Common Techniques Attackers Use to Distribute Malware on the Web
4 Components of Malware
Lesson 02- Trojan Concepts
1 What is a Trojan?
2 How Hackers Use Trojans
3 Common Ports used by Trojans
4 How to Infect Systems Using a Trojan
5 Trojan Horse Construction Kit
6 Wrappers
7 Crypters
8 How Attackers Deploy a Trojan
9 Exploit Kits
10 Evading Anti-Virus Techniques
11 Types of Trojans
Lesson 03- Virus and Worm Concepts
1 Introduction to Viruses
2 Stages of Virus Life
3 Working of Viruses
4 Indications of Virus Attack
5 How does a Computer Get Infected by Viruses
6 Virus Hoaxes
7 Fake Antiviruses
8 Ransomware
9 Types of Viruses
10 Creating Virus
11 Computer Worms
12 Worm Makers
Lesson 04- Malware Analysis
1 What is Sheep Dip Computer?
2 Anti-Virus Sensor Systems
3 Introduction to Malware Analysis
4 Malware Analysis Procedure: Preparing Testbed
5 Static Malware Analysis
6 Dynamic Malware Analysis
7 Virus Detection Methods
8 Trojan Analysis: ZeuS/Zbot
9 Virus Analysis: WannaCry
Lesson 05- Countermeasures
1 Trojan Countermeasures
2 Backdoor Countermeasures
3 Virus and Worms Countermeasures
Lesson 06- Anti-Malware Software
1 Anti-Trojan Software
2 Antivirus Software
Lesson 07- Malware Penetration Testing
1 Malware Penetration Testing
Module 08- Sniffing
PreviewLesson 01- Sniffing Concepts
1 Network Sniffing
2 Types of Sniffing
3 How an Attacker Hacks the Network Using Sniffers
4 Protocols Vulnerable to Sniffing
5 Sniffing in the Data Link Layer of the OSI Model
6 Hardware Protocol Analyzers
7 SPAN Port
8 Wiretapping
9 Lawful Interception
Lesson 02- Sniffing Technique: MAC Attacks
1 MAC Address/CAM Table
2 How CAM Works
3 What Happens When CAM Table Is Full?
4 MAC Flooding
5 Switch Port Stealing
6 How to Defend against MAC Attacks
Lesson 03- Sniffing Technique: DHCP Attacks
1 How DHCP Works
2 DHCP Request/Reply Messages
3 DHCP Starvation Attack
4 Rogue DHCP Server Attack
5 How to Defend Against DHCP Starvation and Rogue Server Attack
Lesson 04- Sniffing Technique: ARP Poisoning
1 What Is Address Resolution Protocol (ARP)?
2 ARP Spoofing Attack
3 Threats of ARP Poisoning
4 ARP Poisoning Tools
5 How to Defend Against ARP Poisoning
6 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
7 ARP Spoofing Detection Tools
Lesson 05- Sniffing Technique: Spoofing Attacks
1 MAC Spoofing/Duplicating
2 MAC Spoofing Technique: Windows
3 MAC Spoofing Tools
4 IRDP Spoofing
5 How to Defend Against MAC Spoofing
Lesson 06- Sniffing Technique: DNS Poisoning
1 DNS Poisoning Techniques
2 How to Defend Against DNS Spoofing
Lesson 07- Sniffing Tools
1 Sniffing Tool: Wireshark
2 Sniffing Tools
3 Packet Sniffing Tools for Mobile
Lesson 08- Countermeasures
1 How to Defend Against Sniffing
Lesson 09- Sniffing Detection Techniques
1 How to Detect Sniffing
2 Sniffer Detection Techniques
3 Promiscuous Detection Tools
Lesson 10- Sniffing Pen Testing
1 Sniffing Penetration Testing
Module 09- Social Engineering
PreviewLesson 01 - Social Engineering Concepts
1 What is Social Engineering?
2 Phases of a Social Engineering Attack
Lesson 02 - Social Engineering Techniques
1 Types of Social Engineering
2 Human-based Social Engineering
3 Computer-based Social Engineering
4 Mobile-based Social Engineering
Lesson 04 - Impersonation on Social Networking Sites
1 Social Engineering Through Impersonation on Social Networking Sites
2 Impersonation on Facebook
3 Risks of Social Networking Threats to Corporate Networks
Lesson 05 - Identity Theft
1 Identify Theft
Lesson 06 - Countermeasures
1 Social Engineering Countermeasures
2 Insider Threats Countermeasures
3 Identity Theft Countermeasures
4 How to Detect Phishing Emails
5 Anti-Phishing Toolbar
6 Common Social Engineering Targets and Defense Strategies
Lesson 07 - Social Engineering Penetration Testing
1 Social Engineering Pen Testing
2 Social Engineering Pen Testing Tools
Lesson 03- Insider Threats
1 Insider Threat / Insider Attack
2 Type of Insider Threats
Module 10- Denial-of-Service
PreviewLesson 01 - DoS/DDoS Concepts
1 What is Denial of Service Attack?
2 What is Distributed Denial of Service Attack?
Lesson 02 - DoS/DDoS Attack Techniques
1 Basic Categories of DoS/DDoS Attack Vectors
2 UDP Flood Attack
3 ICMP Flood Attack
4 Ping of Death and Smurf Attack
5 SYN Flood Attack
6 Fragmentation Attack
7 HTTP GET/POST and Slowloris Attacks
8 Multi-Vector Attack
9 Peer-to-Peer Attacks
10 Permanent Denial-of-Service Attack
11 Distributed Reflection Denial-of-Service (DRDoS)
Lesson 03 - Botnets
1 Organized Cyber Crime: Organizational Chart
2 Botnet
3 A Typical Botnet Setup
4 Botnet Ecosystem
5 Scanning Methods for Finding Vulnerable Machines
6 How Malicious Code Propagates?
7 Botnet Trojan
Lesson 04 - DDoS Case Study
1 DDoS Attack
2 Hackers Advertise Links to Download Botnet
3 Use of Mobile Devices as Botnets for Launching DDoS Attacks
4 DDoS Case Study: Dyn DDoS Attack
Lesson 05 - DoS/DDoS Attack Tools
1 DoS and DDoS Attack Tool
2 DoS and DDoS Attack Tool for Mobile
Lesson 06 - Countermeasures
1 Detection Techniques
2 DoS/DDoS Countermeasure Strategies
3 DDoS Attack Countermeasures
4 Techniques to Defend against Botnets
5 DoS/DDoS Countermeasures
6 DoS/DDoS Protection at ISP Level
7 Enabling TCP Intercept on Cisco IOS Software
Lesson 07 - DoS/DDoS Protection Tools
1 Advanced DDoS Protection Appliances
2 DoS/DDoS Protection Tools
Lesson 08 - DoS/DDoS Attack Penetration Testing
1 Denial-of-Service (DoS) Attack Pen Testing
Module 11- Session Hijacking
1 Denial-of-Service (DoS) Attack Pen Testing
Module 11- Session Hijacking
PreviewLesson 01- Session Hijacking Concepts
1 What is Session Hijacking?
2 Why Session Hijacking is Successful?
3 Session Hijacking Process
4 Packet Analysis of a Local Session Hijack
5 Types of Session Hijacking
6 Session Hijacking in OSI Model
7 Spoofing vs. Hijacking
Lesson 02- Application Level Session Hijacking
1 Application Level Session Hijacking
2 Compromising Session IDs using Sniffing and by Predicting Session Token
3 Compromising Session IDs Using Man-in-the-Middle Attack
4 Compromising Session IDs Using Man-in-the-Browser Attack
5 Compromising Session IDs Using Client-side Attacks
6 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
7 Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
8 Compromising Session IDs Using Session Replay Attack
9 Compromising Session IDs Using Session Fixation
10 Session Hijacking Using Proxy Servers
11 Session Hijacking Using CRIME Attack
12 Session Hijacking Using Forbidden Attack
Lesson 03- Network Level Session Hijacking
1 TCP/IP Hijacking
2 IP Spoofing: Source Routed Packets
3 RST Hijacking
4 Blind Hijacking
5 UDP Hijacking
6 MiTM Attack Using Forged ICMP and ARP Spoofing
Lesson 04- Session Hijacking Tools
1 Session Hijacking Tools
2 Session Hijacking Tools For Mobile
Lesson 05- Countermeasures
1 Session Hijacking Detection Methods
2 Protecting against Session Hijacking
3 Methods to Prevent Session Hijacking: To be Followed by Web Developers
4 Methods to Prevent Session Hijacking: To be Followed by Web Users
5 Session Hijacking Detection Tools
6 Approaches Vulnerable to Session Hijacking and their Preventative Solutions
7 Approaches to Prevent Session Hijacking
8 IPSec
9 Session Hijacking Prevention Tools
Lesson 06- Penetration Testing
1 Session Hijacking Pen Testing
Module 12 - Evading IDS, Firewalls, and Honeypots
PreviewLesson 01- IDS, Firewall and Honeypot Concepts
1 Intrusion Detection System (IDS)
2 Firewall
3 Honeypot
Lesson 02- IDS, Firewall and Honeypot Solutions
1 Intrusion Detection Tool
2 Firewalls
3 Honeypot Tools
Lesson 03- Evading IDS
1 IDS Evasion Techniques
Lesson 04- Evading Firewalls
1 Firewall Evasion Techniques
Lesson 05- IDS/Firewall Evading Tools
1 IDS/Firewall Evasion Tools
2 Packet Fragment Generator Tools
Lesson 06- Detecting Honeypots
1 Detecting Honeypots
2 Detecting and Defeating Honeypots
3 Honeypot Detection Tool: Send-Safe Honeypot Hunte
Lesson 07- IDS/Firewall Evasion Countermeasures
1 How to Defend Against IDS Evasion
2 How to Defend Against Firewall Evasion
Lesson 08- Penetration Testing
Firewall/IDS Penetration Testing
Module 13- Hacking Web Servers
PreviewLesson 01- Web Server Concepts
1 Web Server Operations
2 Open Source Web Server Architecture
3 IIS Web Server Architecture
4 Web Server Security Issue
5 Why Web Servers Are Compromised?
6 Impact of Web Server Attacks
Lesson 02- Web Server Attacks
1 DoS/DDoS Attacks
2 DNS Server Hijacking
3 DNS Amplification Attack
4 Directory Traversal Attacks
5 Man-in-the-Middle/Sniffing Attack
6 Phishing Attacks
7 Website Defacement
8 Web Server Misconfiguration
9 HTTP Response Splitting Attack
10 Web Cache Poisoning Attack
11 SSH Brute Force Attack
12 Web Server Password Cracking
13 Web Application Attacks
Lesson 03- Web Server Attack Methodology
1 Information Gathering
2 Web Server Footprinting/Banner Grabbing
3 Website Mirroring
4 Vulnerability Scanning
5 Session Hijacking
6 Web Server Passwords Hacking
7 Using Application Server as a Proxy
Lesson 04- Web Server Attack Tools
1 Metasploit
2 Web Server Attack Tools
Lesson 05- Countermeasures
1 Place Web Servers in Separate Secure Server Security Segment on Network
2 Countermeasures
3 Detecting Web Server Hacking Attempts
4 How to Defend Against Web Server Attacks
5 How to Defend against HTTP Response Splitting and Web Cache Poisoning
6 How to Defend against DNS Hijacking
Lesson 06- Patch Management
1 Patches and Hotfixes
2 What is Patch Management
3 Installation of a Patch
4 Patch Management Tools
Lesson 07- Web Server Security Tools
1 Web Application Security Scanners
2 Web Server Security Scanners
3 Web Server Security Tools
Lesson 08- Web Server Pen Testing
1 Web Server Penetration Testing
2 Web Server Pen Testing Tools
Module 14- Hacking Web Applications
PreviewLesson 01 - Web App Concepts
1 Introduction to Web Applications
2 Web Application Architecture
3 Web 2.0 Applications
4 Vulnerability Stack
Lesson 02 - Web App Threats
1 OWASP Top 10 Application Security Risks – 2017
2 Other Web Application Threats
Lesson 03 - Hacking Methodology
1 Web App Hacking Methodology
2 Footprint Web Infrastructure
2 Attack Web Servers
3 Analyze Web Applications
4 Bypass Client-Side Controls
5 Attack Authentication Mechanism
6 Authorization Attack Schemes
7 Attack Access Controls
8 Attack Session Management Mechanism
9 Perform Injection/Input Validation Attacks
10 Attack Application Logic Flaws
11 Attack Database Connectivity
12 Attack Web App Client
13 Attack Web Services
Lesson 04 - Web Application Hacking Tools
1 Web Application Hacking Tools
Lesson 05 - Countermeasures
1 Web Application Fuzz Testing
2 Source Code Review
3 Encoding Schemes
4 How to Defend Against Injection Attacks
5 Web Application Attack Countermeasures
6 How to Defend Against Web Application Attacks
Lesson 06 - Web App Security Testing Tools
1 Web Application Security Testing Tools
2 Web Application Firewall
Lesson 07 - Web App Pen Testing
1 Web Application Pen Testing
2 Web Application Pen Testing Framework
Module 15- SQL Injection
PreviewLesson 01 - SQL Injection Concepts
1 What is SQL Injection?
2 SQL Injection and Server-side Technologies
3 Understanding HTTP POST Request
4 Understanding Normal SQL Query
5 Understanding an SQL Injection Query
6 Understanding an SQL Injection Query – Code Analysis
8 Example of a Web App Vulnerable to SQL Injection: BadProductList.aspx
9 Example of a Web Application Vulnerable to SQL Injection: Attack Analysis
10 Example of SQL Injection
Lesson 02 - Types of SQL Injection
1 Types of SQL Injection
Lesson 03 - SQL Injection Methodology
1 SQL Injection Methodology
Lesson 04 - SQL Injection Tools
1 SQL Injection Tools
2 SQL Injection Tools
3 SQL Injection Tools for Mobile
Lesson 05 - Evasion Techniques
1 Evading IDS
2 Types of Signature Evasion Techniques
Lesson 06 - Countermeasures
1 How to Defend Against SQL Injection Attacks?
2 SQL Injection Detection Tools
3 SQL Injection Detection Tools
Module 16- Hacking Wireless Networks
PreviewLesson 01 - Wireless Concepts
1 Wireless Terminologies
2 Wireless Networks
3 Wireless Standards
4 Service Set Identifier (SSID)
5 Wi-Fi Authentication Modes
6 Wi-Fi Authentication Process Using a Centralized Authentication Server
7 Types of Wireless Antenna
Lesson 02 - Wireless Encryption
1 Types of Wireless Encryption
2 WEP vs. WPA vs. WPA2
3 WEP Issues
4 Weak Initialization Vectors (IV)
Lesson 03 - Wireless Threats
1 Wireless Threats
Lesson 04 - Wireless Hacking Methodology
1 Wireless Hacking Methodology
Lesson 05 - Wireless Hacking Tools
1 WEP/WPA Cracking Tools
2 WEP/WPA Cracking Tool for Mobile
3 Wi-Fi Sniffer
4 Wi-Fi Traffic Analyzer Tools
5 Other Wireless Hacking Tools
Lesson 06 - Bluetooth Hacking
1 Bluetooth Stack
2 Bluetooth Hacking
3 Bluetooth Threats
4 How to BlueJack a Victim?
4 Bluetooth Hacking Tools
Lesson 07 - Countermeasures
1 Wireless Security Layers
2 How to Defend Against WPA/WPA2 Cracking
3 How to Defend Against KRACK Attacks
4 How to Detect and Block Rogue AP
5 How to Defend Against Wireless Attacks
6 How to Defend Against Bluetooth Hacking
Lesson 08 - Wireless Security Tools
1 Wireless Intrusion Prevention Systems
2 Wireless IPS Deployment
3 Wi-Fi Security Auditing Tool
4 Wi-Fi Intrusion Prevention System
5 Wi-Fi Predictive Planning Tools
6 Wi-Fi Vulnerability Scanning Tools
7 Bluetooth Security Tool
8 Wi-Fi Security Tools for Mobile
Lesson 09 - Wi-Fi Pen Testing
1 Wireless Penetration Testing
2 Wireless Penetration Testing Framework
Module 17- Hacking Mobile Platforms
PreviewLesson 01- Mobile Platform Attack Vectors
1 Vulnerable Areas in Mobile Business Environment
2 OWASP Top 10 Mobile Risks - 2016
3 Anatomy of a Mobile Attack
4 How a Hacker can Profit from Mobile when Successfully Compromised
5 Mobile Attack Vectors and Mobile Platform Vulnerabilities
6 Security Issues Arising from App Stores
7 App Sandboxing Issues
8 Mobile Spam
9 SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
10 Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
Lesson 02- Hacking Android OS
1 Android OS
2 Android Rooting
3 Blocking Wi-Fi Access using NetCut
4 Hacking with zANTI
5 Hacking Networks Using Network Spoofer
6 Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
7 Performing Session Hijacking Using DroidSheep
8 Hacking with Orbot Proxy
9 Android-based Sniffers
10 Android Trojans
11 Securing Android Devices
12 Android Security Tool: Find My Device
13 Android Security Tools
14 Android Vulnerability Scanner
15 Android Device Tracking Tools
Lesson 03- Hacking iOS
1 Apple iOS
2 Jailbreaking iOS
3 iOS Trojans
4 Guidelines for Securing iOS Devices
5 iOS Device Tracking Tools
6 iOS Device Security Tools
Lesson 04- Mobile Spyware
1 Mobile Spyware
2 Mobile Spyware: mSpy
3 Mobile Spywares
Lesson 05- Mobile Device Management
1 Mobile Device Management (MDM)
2 Mobile Device Management Solutions
3 Bring Your Own Device (BYOD)
Lesson 06- Mobile Security Guidelines and Tools
1 General Guidelines for Mobile Platform Security
2 Mobile Device Security Guidelines for Administrator
3 SMS Phishing Countermeasures
4 Mobile Protection Tools
5 Mobile Anti-Spyware
Lesson 07- Mobile Pen Testing
1 Android Phone Pen Testing
2 iPhone Pen Testing
3 Mobile Pen Testing Toolkit: Hackode
Module 18- IoT Hacking
PreviewLesson 01- IoT Concepts
1 What is IoT
2 How IoT Works
3 IoT Architecture
4 IoT Application Areas and Devices
5 IoT Technologies and Protocols
6 IoT Communication Models
7 Challenges of IoT
8 Threat vs Opportunity
Lesson 02- IoT Attacks
1 IoT Security Problems
2 OWASP Top 10 IoT Vulnerabilities and Obstacles
3 IoT Attack Surface Areas
4 IoT Threats
5 Hacking IoT Devices: General Scenario
6 IoT Attacks
7 IoT Attacks in Different Sectors
Lesson 03- IoT Hacking Methodology
1 What is IoT Device Hacking?
2 IoT Hacking Methodology
Lesson 04- IoT Hacking Tools
1 Information Gathering Tools
2 Sniffing Tools
3 Vulnerability Scanning Tools
4 IoT Hacking Tools
Lesson 05- Countermeasures
1 How to Defend Against IoT Hacking
2 General Guidelines for IoT Device Manufacturing Companies
3 OWASP Top 10 IoT Vulnerabilities Solutions
4 IoT Framework Security Considerations
5 IoT Security Tools
Lesson 06- IoT Pen Testing
1 IoT Pen Testing
Module 19- Cloud Computing
PreviewLesson 01 - Cloud Computing Concepts
1 Introduction to Cloud Computing
2 Separation of Responsibilities in Cloud
3 Cloud Deployment Models
4 NIST Cloud Computing Reference Architecture
5 Cloud Computing Benefits
6 Understanding Virtualization
Lesson 02 - Cloud Computing Threats
1 Cloud Computing Threats
Lesson 03 - Cloud Computing Attacks
1 Service Hijacking using Social Engineering Attacks
2 Service Hijacking using Network Sniffing
3 Session Hijacking using XSS Attack
4 Session Hijacking using Session Riding
5 Domain Name System (DNS) Attacks
6 Side Channel Attacks or Cross-guest VM Breaches
7 SQL Injection Attacks
8 Cryptanalysis Attacks
9 Wrapping Attack
10 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
11 Man-in-the-Cloud Attack
Lesson 04 - Cloud Security
1 Cloud Security Control Layers
2 Cloud Security is the Responsibility of both Cloud Provider and Consumer
3 Cloud Computing Security Considerations
4 Placement of Security Controls in the Cloud
5 Best Practices for Securing Cloud
6 NIST Recommendations for Cloud Security
7 Organization/Provider Cloud Security Compliance Checklist
Lesson 05 - Cloud Security Tools
1 Cloud Security Tools
Lesson 06 - Cloud Penetration Testing
1 What is Cloud Pen Testing?
2 Key Considerations for Pen Testing in the Cloud
3 Cloud Penetration Testing
4 Recommendations for Cloud Testing
Module 20- Cryptography
PreviewLesson 01- Cryptography Concepts
1 Cryptography
2 Government Access to Keys (GAK)
Lesson 02- Encryption Algorithms
1 Ciphers
2 Data Encryption Standard (DES)
3 Advanced Encryption Standard (AES)
4 RC4, RC5, and RC6 Algorithms
5 Twofish
6 The DSA and Related Signature Schemes
7 Rivest Shamir Adleman (RSA)
8 Diffie-Hellman
9 Message Digest (One-Way Hash) Functions
Lesson 03- Cryptography Tools
1 MD5 Hash Calculators
2 Hash Calculators for Mobile
3 Cryptography Tools
4 Cryptography Tools for Mobile
Lesson 04- Public Key Infrastructure (PKI)
1 Public Key Infrastructure (PKI)
Lesson 05- Email Encryption
1 Digital Signature
2 Secure Sockets Layer (SSL)
3 Transport Layer Security (TLS)
4 Cryptography Toolkit
5 Pretty Good Privacy (PGP)
Lesson 06- Disk Encryption
1 Disk Encryption
2 Disk Encryption Tools
Lesson 07- Cryptanalysis
1 Cryptanalysis Methods
2 Code Breaking Methodologies
3 Cryptography Attacks
4 Cryptanalysis Tools
5 Online MD5 Decryption Tools
Lesson 08- Countermeasures
1 How to Defend Against Cryptographic Attacks
Tools Covered
Ethical Hacking Course Advisor
Dean Pompilio
Technical Trainer, Owner- Steppingstonesolutions IncMr.Pompilio has been an IT Professional since 1989. He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM. His passion is to help IT professionals achieve their training goals and career growth.
Bipin Kulkarni
Security Expert, Content review board member at EC-CouncilBipin has 17+ years of experience in architecting physical and cloud infrastructure deployments and security. As an EC-Council board member he is responsible for verifying CEH and ECSA courses. He is a Cloud security expert across public and private domains.
CEH v10 Exam & Certification
What are the prerequisites for the certification?
For Certified Ethical Hacker (CEH) training and certification, there is no specific eligibility criteria but we recommend a basic knowledge of TCP/IP.
Is this CEH Certification course accredited?
Yes, our Certified Ethical Hacker course is accredited by EC-Council.What do I need to do to unlock my Simplilearn certificate?
Attend one complete class of the CEH course.
Until when can I procure exam voucher from Simplilearn?
Your exam voucher fee is included in the price of this ethical hacking course. However, you must procure the CEH exam voucher within 3 months from the date of course purchase. In the event that the CEH exam price does go up and you have not yet booked the exam, you will need to pay the difference in amount to Simplilearn.
How do I schedule/book my exam?
Please click the below link for information regarding the booking process.
https://www.simplilearn.com/ice9/about_course_images/Raise_exam_request_through_LMS.pdfWhat is the validity of my CEH exam voucher?
Exam vouchers are valid for 1 year from the date of course purchase. If you do not book the exam within 1 year from the purchase of the voucher, you will need to buy the voucher again as per the actual price.
Ethical Hacking Course Reviews
Myles Howard II
ManchesterThe instructor chains together the learning topics very well. One subject leads to the next, and they are woven together comprehensively.
Tejaswa Rastogi
MumbaiThe course encapsulates the offensive approach, which is good, and there is much to learn.
Eshan Sharma
BangaloreSimplilearn is the best platform for you if you wish to enter the CEH environment and practice on different tools. Thanks a lot to my trainer, Mr. Bharat & Simplilearn Team!
Shekhar Pawar
Chief Executive Officer at GrassDew IT Solutions Private Limited, MumbaiSimplilearn is one of the best online learning portals. I had enrolled for CEHV10 - Certified Ethical Hacker Training certification. The course was simple and easy to understand. Overall it was very good. I would recommend it strongly for professional enhancement.
Kallol Kumar Mondal
Senior Consultant, GRC @ Wipro, BangaloreGood, I would like refer my friend for the same course.
Pradeep Varadarajan
BangaloreIt was really a fantastic program.
Dhiraj Kumar
BangaloreThe course was very nice, learned many new things. The tutor was nice and useful.
Anand Kumar
BangaloreExperienced faculty and excellent facility to make learning enjoyable and enrich.
Habib Ulla Khan GS
BangaloreThe training module is been very well structured and delivered. Trainer has been practical working in real time and helped me to get more information on real time security information. Overall feedback, Very Good.
Rajarshi Barui
Cyber Security at PwC India, KolkataMy experience with Simplilearn is very pleasant. Their support is prompt and excellent. The trainer helped me exceptionally. I appreciate his efforts personally. Thanks Simplilearn.
Abhishek Sharma
Student at G D Goenka, FaridabadSimplilearn's cyber security course helped me a lot to gain knowledge. The course was really awesome. Thank you Simplilearn.
Sooraj C
BangaloreExcellent training delivered by Simplilearn.
Why Simplilearn
Simplilearn’s Blended Learning model brings classroom learningexperience online with its world-class LMS. It combines instructor-led training, self-paced learning and personalized mentoring to provide an immersive learning experience
Ethical Hacking Training FAQs
What are the course objectives?
Simplilearn’s CEH v10 Certified Ethical Hacker training (earlier CEH v9) in Colombo provides hands-on classroom training to help you master the same techniques that hackers use to penetrate network systems and leverage them ethically to protect your own infrastructure. The extensive course focuses on 20 of the most popular security domains to provide a practical approach to essential security systems. You will learn to assess computer system security by using penetration testing techniques; scan, test and hack secure systems and applications, and gain hands-on experience with sniffing, phishing and exploitation tactics. This ethical hacking course in Colombo will prepare you for the EC-Council Certified Ethical Hacker exam 312-50.
In the latest CEH v10 EC-Council has introduced the following changes:- CEH practical exam
- Increased focus on Cloud attack vectors, AI and Machine Learning
- Upgraded Vulnerability Assessment material
- A module on the Internet of Things(IoT) Security
Why is the CEH certification so desirable?
The EC-Council Certified Ethical Hacker course in Colombo verifies your advanced security skill sets to thrive in the worldwide information security domain. Many IT departments have made CEH certification a compulsory qualification for security-related posts, making it a go-to certification for security professionals. And CEH-certified professionals typically earn 44 percent higher salaries than their non-certified peers.
The ethical hacking certification course opens up numerous career advancement opportunities, preparing you for a role as a computer network defense (CND) analyst, CND infrastructure support, CND incident responder, CND auditor, forensic analyst, intrusion analyst, security manager and other related high-profile roles.What skills will you learn in the Ethical Hacking course in Colombo?
Simplilearn’s Ethical Hacking Course in Colombo will expand your knowledge of network, web and mobile app security and prepare you to identify threats and vulnerabilities. This CEH training course will help you:- Grasp the step-by-step methodology and tactics that hackers use to penetrate network systems
- Understand the finer nuances of trojans, backdoors and countermeasures
- Get a better understanding of IDS, firewalls, honeypots and wireless hacking
- Master advanced hacking concepts, including mobile device and smart phone hacking, writing virus codes, exploit writing & reverse engineering and corporate espionage,
- Gain expertise on advanced concepts such as advanced network packet analysis, securing IIS & Apache web servers, Windows system administration using Powershell, and hacking SQL and Oracle databases
- Cover the latest developments in mobile and web technologies including Andriod, iOS, BlackBerry, Windows Phone and HTML 5
- Learn advanced log management for information assurance and allow you to manage information security with more clarity
Who should take the Ethical Hacking Course?
The Certified Ethical Hacker CEH training course in Colombo is best suited for:- Network security officers and practitioners
- Site administrators
- IS/IT specialist, analyst or manager
- IS/IT auditor or consultant
- IT operations manager
- IT security specialist, analyst, manager, architect or administrator
- IT security officer, auditor or engineer
- Network specialist, analyst, manager, architect, consultant or administrator
- Technical support engineer
- Senior systems engineer
- Systems analyst or administrator
What is CEH certification?
Certified Ethical Hacker (CEH) certification will enhance your ability to assess and analyze computer systems security to protect your corporate infrastructure. The exam code for CEH certification (version 10) is 312-50 and tests your capabilities in using penetration testing tools to evaluate computer systems and network security and implementing the special techniques of ethical hacking.
How are the Labs conducted?
Labs are conducted on EC Council-designed iLabs. The access period is for six months.
Related Courses
- Disclaimer
- PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.