CEH (V9) - Certified Ethical Hacker Training in Hyderabad, India

1703 Learners

The course helps you master the advanced concepts on Ethical hacking such as corporate espionage, writing virus codes, exploit writing, and reverse engineering. You will understand advanced network packet analysis, securing IIS and Apache web servers, Windows system administration using PowerShell, Hacking SQL & Oracle database. Take this training if you are preparing for the EC-Council’s Ethical Hacker Examination (312-50)

Course advisor

Bipin Kulkarni Security Expert, Content review board member at EC-Council

Bipin has 17+ years of experience in architecting physical and cloud infrastructure deployments and security. As an EC-Council board member he is responsible for verifying CEH and ECSA courses. He is a Cloud security expert across public and private domains.

Accredited By

For individuals

Online Classroom Flexi-Pass

90 days of access to 2+ instructor-led online training classes in Hyderabad

Weekend class starting 9th Sep
Weekend class starting 14th Oct

Show all classes

For business

Corporate training solutions

Blended learning delivery model (self-paced e-learning and/or instructor-led options)
Course, category, and all-access pricing
Enterprise-class learning management system (LMS)
Enhanced reporting for individuals and teams
24x7 teaching assistance and support

Explore our course

Key features

MONEY BACK GUARANTEE

32 hours of instructor-led training
6 months free access to CEHv9 iLabs
Accredited Training Partner (ATP) of EC-Council
Study Materials(e-Kit) by EC Council
Tips and Tricks to clear CEH certification
Exam Fee Included

Course description

What’s the focus of this course?
Simplilearn’s CEH®V9 (Certified Ethical Hacker) training and certification course provides hands-on classroom training to scan, test, hack and secure systems and applications. The extensive course on ethical hacking with 18 of the most current security domains give participants in-depth knowledge and practical approach to the current essential security systems. This course prepares for EC-Council Certified Ethical Hacker exam 312-50.
Why is the certification most sought-after?
EC-Council CEH®V9 certification provides the impetus to enter the information security domain and certifies individuals in various information security skills. Many IT companies have made CEH certification a compulsory qualification for security-related posts making it a go-to certification for security professionals.
What are the course objectives?
Simplilearn’s CEH certification course provides a good start for learning web and mobile application security and expanding the present knowledge of identifying threats and vulnerabilities. Following are some of the learning benefits-
- It prepares candidates to handle information security with more clarity
- Helps them to understand the finer nuances of Trojans, Backdoors and Countermeasures
- Better understanding of IDS, Firewalls, Honeypots and Wireless Hacking
- Knowledge in advanced Hacking concepts – hacking Mobile devices & smart phones, Corporate Espionage, writing Virus codes, exploit writing & Reverse Engineering
- Expertise on advanced concepts like –Advanced network packet analysis, Securing IIS & Apache Web servers, Windows system administration using Powershell, Hacking SQL & Oracle database
- Coverage of latest development in mobile and web technologies including Andriod OS 4.1 and Apps, iOS 6 and Apps, BlackBerry 7 OS, Windows Phone 8 and HTML 5
- Advanced Log Management for Information Assurance
What are the career benefits in-store for you?
CEH certification opens up various career avenues as a certified ethical hacker. Few of them are as following as-
- One can aim at becoming a forensic analyst, intrusion analyst, or a security manager after successfully earning a CEH credential
- CEH certification also covers the requirements for such roles as Computer Network Defense (CND) Analyst, CND Infrastructure Support, CND Incident Responder, and CND Auditor
- Average CEH salaries (approximately $92,000) are 44% higher than IT Security salaries (approximately $64,000) *Source: indeed.com
Who should take this course?
The Certified Ethical Hacker certification is best suited for-
- Security officers
- Security practitioners
- Site administrators
- IS / IT Specialist / Analyst / Manager
- IS / IT Auditor / Consultant
- IT Operations Manager
- Security Specialist / Analyst
- Security Manager / Architect
- Security Consultant / Professional
- Security Officer / Engineer
- Security Administrator
- Security Auditor
- Network Specialist / Analyst
- Network Manager / Architect
- Network Consultant / Professional
- Network Administrator
- Technical Support Engineer
- Senior Systems Engineer
- Systems Analyst
- Systems Administrator

Tools Covered

Sniffing Tools

Penetration testing Tools

SQL Injection Tools

Network security Tools

Web application security Tools

Password Cracking Tools

Course preview

Module 01: Introduction to Ethical Hacking
- Lesson 01 - Internet is Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
  - 1 Internet is Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
- Lesson 02 - Information Security Overview
  - 1 Case Study
  - 2 Year of the Mega Breach
  - 3 Data Breach Statistics
  - 4 Malware Trends in 2014
  - 5 Essential Terminology
  - 6 Elements of Information Security
  - 7 The Security, Functionality, and Usability Triangle
- Lesson 03 - Information Security Threats and Attack Vectors
  - 1 Motives, Goals, and Objectives of Information Security Attacks
  - 2 Top Information Security Attack Vectors
  - 3 Information Security Threat Categories
  - 4 Types of Attacks on a System
  - 5 Information Warfare
- Lesson 04 - Hacking Concepts, Types, and Phases
  - 1 What is Hacking
  - 2 Who is a Hacker?
  - 3 Hacker Classes
  - 4 Hacking Phases
- Lesson 05 - Ethical Hacking Concepts and Scope
  - 1 What is Ethical Hacking?
  - 2 Why Ethical Hacking is Necessary
  - 3 Scope and Limitations of Ethical Hacking
  - 4 Skills of an Ethical Hacker
- Lesson 06 - Information Security Controls
  - 1 Information Assurance (IA)
  - 2 Information Security Management Program
  - 3 Threat Modeling
  - 4 Enterprise Information Security Architecture (EISA)
  - 5 Network Security Zoning
  - 6 Defense in Depth
  - 7 Information Security Policies
  - 8 Physical Security
  - 9 Incident Management
  - 10 What is Vulnerability Assessment?
  - 11 Penetration Testing
- Lesson 07 - Information Security Laws and Standards
  - 1 Payment Card Industry Data Security Standard (PCI-DSS)
  - 2 ISO/IEC 27001:2013
  - 3 Health Insurance Portability and Accountability Act (HIPAA)
  - 4 Sarbanes Oxley Act (SOX)
  - 5 The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
  - 6 Cyber Law in Different Countries
Module 02: Footprinting and Reconnaissance
- Lesson 01 - Footprinting Concepts
  - 1 What is Footprinting?
  - 2 Objectives of Footprinting
- Lesson 02 - Footprinting Methodology
  - 1 Footprinting through Search Engines
  - 2 Footprinting using Advanced Google Hacking Techniques
  - 3 Footprinting through Social Networking Sites
  - 4 Website Footprinting
  - 5 Email Footprinting
  - 6 Competitive Intelligence
  - 7 WHOIS Footprinting
  - 8 DNS Footprinting
  - 9 Network Footprinting
  - 10 Footprinting through Social Engineering
- Lesson 03 - Footprinting Tools
  - 1 Footprinting Tool
  - 2 Additional Footprinting Tools
- Lesson 04 - Footprinting Countermeasures
  - 1 Footprinting Countermeasures
- Lesson 05 - Footprinting Penetration Testing
  - 1 Footprinting Pen Testing
  - 2 Footprinting Pen Testing Report Templates
Module 03: Scanning Networks
- Lesson 01 - Overview of Network Scanning
  - 1 TCP Communication Flags
  - 2 TCP/IP Communication
  - 3 Creating Custom Packet Using TCP Flags
- Lesson 02 - CEH Scanning Methodology
  - 1 Check for Live Systems
  - 2 Check for Open Ports
  - 3 Scanning Beyond IDS
  - 4 Banner Grabbing
  - 5 Scan for Vulnerability
  - 6 Draw Network Diagrams
  - 7 Prepare Proxies
  - 8 Scanning Pen Testing
Module 04: Enumeration
- Lesson 01 - Enumeration Concepts
  - 1 What is Enumeration?
  - 2 Techniques for Enumeration
  - 3 Services and Ports to Enumerate
- Lesson 02 - NetBIOS Enumeration
  - 1 NetBIOS Enumeration Tool
  - 2 Enumerating User Accounts
  - 3 Enumerating Shared Resources Using Net View
- Lesson 03 - SNMP Enumeration
  - 1 Working of SNMP
  - 2 Management Information Base (MIB)
  - 3 SNMP Enumeration Tool
  - 4 SNMP Enumeration Tools
- Lesson 04 - LDAP Enumeration
  - 1 LDAP Enumeration Tool: Softerra LDAP Administrator
  - 2 LDAP Enumeration Tools
- Lesson 05 - NTP Enumeration
  - 1 NTP Enumeration Commands
  - 2 NTP Enumeration Tools
- Lesson 06 - SMTP Enumeration
  - 1 SMTP Enumeration Tool: NetScanTools Pro
  - 2 Telnet Enumeration
  - 3 DNS Zone Transfer Enumeration Using NSLookup
- Lesson 07 - Enumeration Countermeasures
  - 1 Enumeration Countermeasures
- Lesson 08 - SMB Enumeration Countermeasures
  - 1 SMB Enumeration Countermeasures
- Lesson 09 - Enumeration Pen Testing
  - 1 Enumeration Pen Testing
Module 05: System Hacking
- Lesson 01 - Information at Hand Before System Hacking Stage
  - 1 Information at Hand Before System Hacking Stage
- Lesson 02 - System Hacking: Goals
  - 1 System Hacking: Goals
- Lesson 03 - CEH Hacking Methodology (CHM)
  - 1 CEH Hacking Methodology (CHM)
- Lesson 04 - CEH System Hacking Steps
  - 1 Cracking Passwords
  - 2 Escalating Privileges
  - 3 Executing Applications
  - 4 Spyware
  - 5 How to Defend Against Keyloggers
  - 6 How to Defend Against Spyware
- Lesson 05 - Hiding Files
  - 1 Rootkits
  - 2 Detecting Rootkits
  - 3 NTFS Data Stream
  - 4 What Is Steganography?
  - 5 Steganalysis
- Lesson 06 - Covering Tracks
  - 1 Covering Tracks
  - 2 Disabling Auditing: Auditpol
  - 3 Clearing Logs
  - 4 Manually Clearing Event Logs
  - 5 Ways to Clear Online Tracks
  - 6 Covering Tracks Tool: CCleaner
  - 7 Covering Tracks Tool: MRU-Blaster
  - 8 Track Covering Tools
- Lesson 07 - Penetration Testing
  - 1 Password Cracking
  - 2 Privilege Escalation
  - 3 Executing Applications
  - 4 Hiding Files
  - 5 Covering Tracks
Module 06: Malware Threats
- Lesson 01 - Introduction to Malware
  - 1 Different Ways a Malware can Get into a System
  - 2 Common Techniques Attackers Use to Distribute Malware on the Web
- Lesson 02 - Trojan Concepts
  - 1 Financial Loss Due to Trojans
  - 2 What is a Trojan?
  - 3 How Hackers Use Trojans
  - 4 Common Ports used by Trojans
  - 5 How to Infect Systems Using a Trojan
  - 6 Wrappers
  - 7 Dark Horse Trojan Virus Maker
  - 8 Trojan Horse Construction Kit
  - 9 Crypters: AIO FUD Crypter, Hidden Sight Crypter, and Galaxy Crypter
  - 10 Crypters: Criogenic Crypter, Heaven Crypter, and SwayzCryptor
  - 11 How Attackers Deploy a Trojan
  - 12 Evading Anti-Virus Techniques
- Lesson 03 - Types of Trojans
  - 1 Command Shell Trojans
  - 2 Defacement Trojans
  - 3 Defacement Trojans: Restorator
  - 4 Botnet Trojans
  - 5 Proxy Server Trojans
  - 6 FTP Trojans
  - 7 VNC Trojans
  - 8 HTTP/HTTPS Trojans
  - 9 Shttpd Trojan – HTTPS (SSL)
  - 10 ICMP Tunneling
  - 11 Remote Access Trojans
  - 12 Covert Channel Trojan: CCTT
  - 13 E-banking Trojans
  - 14 Destructive Trojans: M4sT3r Trojan
  - 15 Notification Trojans
  - 16 Data Hiding Trojans (Encrypted Trojans)
- Lesson 04 - Virus and Worms Concepts
  - 1 Introduction to Viruses
  - 2 Stages of Virus Life
  - 3 Working of Viruses
  - 4 Why Do People Create Computer Viruses
  - 5 Indications of Virus Attack
  - 6 Virus Hoaxes and Fake Antiviruses
  - 7 Ransomware
  - 8 Types of Viruses
  - 9 Writing a Simple Virus Program
  - 10 Computer Worms
- Lesson 05 - Malware Reverse Engineering
  - 1 What is Sheep Dip Computer?
  - 2 Anti-Virus Sensor Systems
  - 3 Malware Analysis Procedure: Preparing Testbed
  - 4 Malware Analysis Procedure
  - 5 Malware Analysis Tool: IDA Pro
  - 6 Online Malware Testing: VirusTotal
  - 7 Online Malware Analysis Services
  - 8 Trojan Analysis: Neverquest
  - 9 Virus Analysis: Ransom Cryptolocker
  - 10 Worm Analysis: Darlloz (Internet of Things (IoT) Worm)
- Lesson 06 - Malware Detection
  - 1 How to Detect Trojans
  - 2 Virus Detection Methods
- Lesson 07 - Countermeasures
  - 1 Trojan Countermeasures
  - 2 Backdoor Countermeasures
  - 3 Virus and Worms Countermeasures
- Lesson 08 - Anti-Malware Software
  - 1 Anti-Trojan Software
  - 2 Anti-Trojan Software
  - 3 Companion Antivirus: Immunet
  - 4 Anti-virus Tools
- Lesson 09 - Penetration Testing
  - 1 Pen Testing for Trojans and Backdoors
  - 2 Penetration Testing for Virus
Module 07: Sniffing
- Lesson 01 - Sniffing Concepts
  - 1 Network Sniffing and Threats
  - 2 How a Sniffer Works
  - 3 Types of Sniffing
  - 4 How an Attacker Hacks the Network Using Sniffers
  - 5 Protocols Vulnerable to Sniffing
  - 6 Sniffing in the Data Link Layer of the OSI Model
  - 7 Hardware Protocol Analyzer
  - 8 Hardware Protocol Analyzers
  - 9 SPAN Port
  - 10 Wiretapping
  - 11 Lawful Interception
  - 12 Wiretapping Case Study: PRISM
- Lesson 02 - MAC Attacks
  - 1 MAC Address/CAM Table
  - 2 How CAM Works
  - 3 What Happens When CAM Table Is Full?
  - 4 MAC Flooding
  - 5 Mac Flooding Switches with macof
  - 6 Switch Port Stealing
  - 7 How to Defend against MAC Attacks
- Lesson 03 - DHCP Attacks
  - 1 How DHCP Works
  - 2 DHCP Request/Reply Messages
  - 3 IPv4 DHCP Packet Format
  - 4 DHCP Starvation Attack
  - 5 DHCP Starvation Attack Tools
  - 6 Rogue DHCP Server Attack
  - 7 How to Defend Against DHCP Starvation and Rogue Server Attack
- Lesson 04 - ARP Poisoning
  - 1 What Is Address Resolution Protocol (ARP)?
  - 2 ARP Spoofing Attack
  - 3 How Does ARP Spoofing Work
  - 4 Threats of ARP Poisoning
  - 5 ARP Poisoning Tool
  - 6 How to Defend Against ARP Poisoning
  - 7 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
  - 8 ARP Spoofing Detection: XArp
- Lesson 05 - Spoofing Attack
  - 1 MAC Spoofing/Duplicating
  - 2 MAC Spoofing Technique: Windows
  - 3 MAC Spoofing Tool: SMAC
  - 4 IRDP Spoofing
  - 5 How to Defend Against MAC Spoofing
- Lesson 06 - DNS Poisoning
  - 1 DNS Poisoning Techniques
  - 2 Intranet DNS Spoofing
  - 3 Internet DNS Spoofing
  - 4 Proxy Server DNS Poisoning
  - 5 DNS Cache Poisoning
  - 6 How to Defend Against DNS Spoofing
- Lesson 07 - Sniffing Tools
  - 1 Sniffing Tools
- Lesson 08 - Sniffing Tool: Wireshark
  - 1 Sniffing Tool: Wireshark
- Lesson 09 - Follow TCP Stream in Wireshark
  - 1 Follow TCP Stream in Wireshark
- Lesson 10 - Display Filters in Wireshark
  - 1 Display Filters in Wireshark
- Lesson 11 - Additional Wireshark Filters
  - 1 Additional Wireshark Filters
- Lesson 12 - Sniffing Tool
  - 1 Sniffing Tool
- Lesson 13 - Packet Sniffing Tool: Capsa Network Analyzer
  - 1 Packet Sniffing Tool: Capsa Network Analyzer
- Lesson 14 - Network Packet Analyzer
  - 1 Network Packet Analyzer
  - 2 TCP/IP Packet Crafter: Colasoft Packet Builder
  - 3 Network Packet Analyzer: RSA NetWitness Investigator
  - 4 Additional Sniffing Tools
  - 5 Packet Sniffing Tools for Mobile: Wi.cap. Network Sniffer Pro and FaceNiff
- Lesson 15 - Counter measures
  - 1 How to Defend Against Sniffing
- Lesson 16 - Sniffing Detection Techniques
  - 1 How to Detect Sniffing
  - 2 Sniffer Detection Technique
  - 3 Promiscuous Detection Tool
- Lesson 17 - Sniffing Pen Testing
  - 1 Sniffing Pen Testing
Module 08: Social Engineering
- Lesson 01 - Social Engineering Concepts
  - 1 What is Social Engineering?
  - 2 Behaviors Vulnerable to Attacks
  - 3 Factors that Make Companies Vulnerable to Attacks
  - 4 Why Is Social Engineering Effective?
  - 5 Warning Signs of an Attack
  - 6 Phases in a Social Engineering Attack
- Lesson 02 - Social Engineering Techniques
  - 1 Types of Social Engineering
  - 2 Watch these Movies
  - 3 Watch this Movie
  - 4 Computer-based Social Engineering
  - 5 Mobile-based Social Engineering
  - 6 Insider Attack
  - 7 Disgruntled Employee
  - 8 Preventing Insider Threats
  - 9 Common Social Engineering Targets and Defense Strategies
- Lesson 03 - Impersonation on Social Networking Sites
  - 1 Social Engineering Through Impersonation on Social Networking Sites
  - 2 Social Engineering on Facebook
  - 3 Social Engineering on LinkedIn and Twitter
  - 4 Risks of Social Networking to Corporate Networks
- Lesson 04 - Identity Theft
  - 1 Identity Theft Statistics
  - 2 Identify Theft
  - 3 How to Steal an Identity
  - 4 Real Steven Gets Huge Credit Card Statement
  - 5 Identity Theft – Serious Problem
- Lesson 05 - Social Engineering Countermeasures
  - 1 How to Detect Phishing Emails
  - 2 Anti-Phishing Toolbar
  - 3 Identity Theft Countermeasures
- Lesson 06 - Penetration Testing
  - 1 Social Engineering Pen Testing
Module 09: Denial-of-Service
- Lesson 01 - DoS/DDoS Concepts
  - 1 DDoS Attack Trends
  - 2 What is a Denial of Service Attack?
  - 3 What Are Distributed Denial of Service Attacks?
  - 4 How Distributed Denial of Service Attacks Work
- Lesson 02 - DoS/DDoS Attack Techniques
  - 1 Basic Categories of DoS/DDoS Attack Vectors
  - 2 DoS/DDoS Attack Techniques
- Lesson 03 - Botnets
  - 1 Organized Cyber Crime: Organizational Chart
  - 2 Botnet
  - 3 A Typical Botnet Setup
  - 4 Botnet Ecosystem
  - 5 Scanning Methods for Finding Vulnerable Machines
  - 6 How Malicious Code Propagates?
  - 7 Botnet Trojan
- Lesson 04 - DDoS Case Study
  - 1 DDoS Attack
  - 2 Hackers Advertise Links to Download Botnet
- Lesson 05 - DoS/DDoS Attack Tools
  - 1 Pandora DDoS Bot Toolkit
  - 2 Dereil and HOIC
  - 3 DoS HTTP and BanglaDos
  - 4 DoS and DDoS Attack Tools
  - 5 DoS and DDoS Attack Tool for Mobile
- Lesson 06 - Counter-measures
  - 1 Detection Techniques
  - 2 Activity Profiling
  - 3 Wavelet Analysis
  - 4 Sequential Change-Point Detection
  - 5 DoS/DDoS Countermeasure Strategies
  - 6 DDoS Attack Countermeasures
  - 7 Post-Attack Forensics
  - 8 Techniques to Defend against Botnets
  - 9 DoS/DDoS Countermeasures
  - 10 DoS/DDoS Protection at ISP Level
  - 11 Enabling TCP Intercept on Cisco IOS Software
  - 12 Advanced DDoS Protection Appliances
- Lesson 07 - DoS/DDoS Protection Tools
  - 1 DoS/DDoS Protection Tool: FortGuard Anti-DDoS Firewall 2014
  - 2 DoS/DDoS Protection Tools
- Lesson 08 - DoS/DDoS Attack Penetration Testing
  - 1 DoS/DDoS Attack Penetration Testing
Module 10: Session Hijacking
- Lesson 01 - Session Hijacking Concepts
  - 1 What is Session Hijacking?
  - 2 Why Session Hijacking is Successful?
  - 3 Session Hijacking Process
  - 4 Packet Analysis of a Local Session Hijack
  - 5 Types of Session Hijacking
  - 6 Session Hijacking in OSI Model
  - 7 Spoofing vs. Hijacking
- Lesson 02 - Application Level Session Hijacking
  - 1 Compromising Session IDs using Sniffing
  - 2 Compromising Session IDs by Predicting Session Token
  - 3 How to Predict a Session Token
  - 4 Compromising Session IDs Using Man-in-the-Middle Attack
  - 5 Compromising Session IDs Using Man-in-the-Browser Attack
  - 6 Steps to Perform Man-in-the-Browser Attack
  - 7 Compromising Session IDs Using Client-side Attacks
  - 8 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
  - 9 Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
  - 10 Compromising Session IDs Using Session Replay Attack
  - 11 Compromising Session IDs Using Session Fixation
  - 12 Session Fixation Attack
  - 13 Session Hijacking Using Proxy Servers
- Lesson 03 - Network-level Session Hijacking
  - 1 The 3-Way Handshake
  - 2 TCP/IP Hijacking
  - 3 TCP/IP Hijacking Process
  - 4 IP Spoofing: Source Routed Packets
  - 5 RST Hijacking
  - 6 Blind Hijacking
  - 7 MiTM Attack Using Forged ICMP and ARP Spoofing
  - 8 UDP Hijacking
- Lesson 04 - Session Hijacking Tools
  - 1 Session Hijacking Tool
  - 2 Session Hijacking Tools
  - 2 Session Hijacking Tools for Mobile: DroidSheep and DroidSniff
- Lesson 05 - Counter-measures
  - 1 Session Hijacking Detection Methods
  - 2 Protecting against Session Hijacking
  - 3 Methods to Prevent Session Hijacking
  - 4 Approaches Vulnerable to Session Hijacking and their Preventative Solutions
  - 5 IPSec
  - 6 Modes of IPsec
  - 7 IPsec Architecture
  - 8 IPsec Authentication and Confidentiality
  - 9 Components of IPsec
- Lesson 06 - Session Hijacking Pen Testing
  - 1 Session Hijacking Pen Testing
Module 11: Hacking Webservers
- Lesson 01 - Webserver Concepts
  - 1 Web Server Security Issue
  - 2 Why Web Servers Are Compromised
  - 3 Impact of Webserver Attacks
  - 4 Open Source Webserver Architecture
  - 5 IIS Webserver Architecture
- Lesson 02 - Webserver Attacks
  - 1 DoS/DDoS Attacks
  - 2 DNS Server Hijacking
  - 3 DNS Amplification Attack
  - 4 Directory Traversal Attacks
  - 5 Man-in-the-Middle/Sniffing Attack
  - 6 Phishing Attacks
  - 7 Website Defacement
  - 8 Webserver Misconfiguration Example
  - 9 HTTP Response Splitting Attack
  - 10 Web Cache Poisoning Attack
  - 11 SSH Bruteforce Attack
  - 12 Webserver Password Cracking
  - 13 Web Application Attacks
- Lesson 03 - Attack Methodology
  - 1 Webserver Attack Methodology
  - 2 Webserver Footprinting Tools
  - 3 Enumerating Webserver Information Using Nmap
  - 4 Webserver Attack Methodology
- Lesson 04 - Webserver Attack Tools
  - 1 Metasploit
  - 2 Webserver Attack Tools: Wfetch
  - 3 Web Password Cracking Tool: THC-Hydra and Brutus
- Lesson 05 - Counter-measures
  - 1 Place Web Servers in Separate Secure Server Security Segment on Network
  - 2 Countermeasures
  - 3 Detecting Web Server Hacking Attempts
  - 4 How to Defend Against Web Server Attacks
  - 5 How to Defend against HTTP Response Splitting and Web Cache Poisoning
  - 6 How to Defend against DNS Hijacking
- Lesson 06 - Patch Management
  - 1 Patches and Hotfixes
  - 2 What Is Patch Management?
  - 3 Identifying Appropriate Sources for Updates and Patches
  - 4 Installation of a Patch
  - 5 Implementation and Verification of a Security Patch or Upgrade
  - 6 Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
  - 7 Patch Management Tools
- Lesson 07 - Webserver Security Tools
  - 1 Web Application Security Scanner: Syhunt Dynamic and N-Stalker Web Application Security Scanner
  - 2 Web Server Security Scanner: Wikto and Acunetix Web Vulnerability Scanner
  - 3 Web Server Malware Infection Monitoring Too
  - 4 Webserver Security Tools
- Lesson 08 - Webserver Pen Testing
  - 1 Web Server Pen Testing Tool
Module 12: Hacking Web Applications
- Lesson 01 - Web App Concepts
  - 1 Introduction to Web Applications
  - 2 How Web Applications Work?
  - 3 Web Application Architecture
  - 4 Web 2.0 Applications
  - 5 Vulnerability Stack
- Lesson 02 - Web App Threats
  - 1 Unvalidated Input
  - 2 Parameter/Form Tampering
  - 3 Directory Traversal
  - 4 Security Misconfiguration
  - 5 Injection Flaws
  - 6 SQL Injection Attacks
  - 7 Command Injection Example
  - 8 File Injection Attack
  - 9 What is LDAP Injection?
  - 10 Hidden Field Manipulation Attack
  - 11 Cross-Site Scripting (XSS) Attacks
  - 12 Cross-Site Request Forgery (CSRF) Attack
  - 13 Web Application Denial-of-Service (DoS) Attack
  - 14 Denial of Service (DoS) Examples
  - 15 Buffer Overflow Attacks
  - 16 Cookie/Session Poisoning
  - 17 Session Fixation Attack
  - 18 CAPTCHA Attacks
  - 19 Insufficient Transport Layer Protection
  - 20 Improper Error Handling
  - 21 Insecure Cryptographic Storage
  - 22 Broken Authentication and Session Management
  - 23 Unvalidated Redirects and Forwards
  - 24 Web Services Architecture
  - 25 Web Services Attack
  - 26 Web Services Footprinting Attack
  - 27 Web Services XML Poisoning
- Lesson 03 - Web App Hacking Methodology
  - 1 Footprint Web Infrastructure
  - 2 Attack Web Servers
  - 3 Analyze Web Applications
  - 4 Attack Authentication Mechanism
  - 5 Authorization Attack Schemes
  - 6 Attack Session Management Mechanism
  - 7 Perform Injection Attacks
  - 8 Attack Data Connectivity
  - 9 Attack Web App Client
  - 10 Attack Web Services
- Lesson 04 - Web Application Hacking Tools
  - 1 Web Application Hacking Tools
  - 2 Web Application Hacking Tools
- Lesson 05 - Countermeasures
  - 1 Encoding Schemes
  - 2 How to Defend Against SQL Injection Attacks?
  - 3 How to Defend Against Command Injection Flaws?
  - 4 How to Defend Against XSS Attacks?
  - 5 How to Defend Against DoS Attack?
  - 6 How to Defend Against Web Services Attack?
  - 7 Guidelines for Secure CAPTCHA Implementation
  - 8 Web Application Countermeasures
  - 9 How to Defend Against Web Application Attacks?
- Lesson 06 - Security Tools
  - 1 Web Application Security Tool
  - 2 Web Application Security Tools
  - 3 Web Application Firewall
  - 4 Web Application Firewall
- Lesson 07 - Web App Pen Testing
  - 1 Web Application Pen Testing
  - 2 Web Application Pen Testing Framework
Module 13: SQL Injection
- Lesson 01 - SQL Injection Concepts
  - 1 What is SQL Injection?
  - 2 Why Bother about SQL Injection?
  - 3 How Web Applications Work?
  - 4 SQL Injection and Server-side Technologies
  - 5 Understanding HTTP Post Request
  - 6 Example: Normal SQL Query
  - 7 Understanding an SQL Injection Query
  - 8 Example of a Web App Vulnerable to SQL Injection
  - 9 Example of SQL Injection
- Lesson 02 - Types of SQL Injection
  - 1 Error Based SQL Injection
  - 2 Union SQL Injection
  - 3 Blind SQL Injection
  - 4 No Error Messages Returned
  - 5 Blind SQL Injection: WAITFOR DELAY (YES or NO Response)
  - 6 Boolean Exploitation Technique
- Lesson 03 - SQL Injection Methodology
  - 1 Information Gathering and SQL Injection Vulnerability Detection
  - 2 Launch SQL Injection Attacks
  - 3 Advanced SQL Injection
- Lesson 04 - SQL Injection Tools
  - 1 BSQLHacker
  - 2 Marathon Tool
  - 3 SQL Power Injector
  - 4 Havij
  - 5 SQL Injection Tools
  - 6 SQL Injection Tool for Mobile
- Lesson 05 - Evasion Techniques
  - 1 Evading IDS
  - 2 Types of Signature Evasion Techniques
  - 3 Evasion Technique
- Lesson 06 - Counter-measures
  - 1 How to Defend Against SQL Injection Attacks?
  - 2 How to Defend Against SQL Injection Attacks: Use Type-Safe SQL Parameters
  - 3 How to Defend Against SQL Injection Attacks
  - 4 SQL Injection Detection Tool
  - 5 Snort Rule to Detect SQL Injection Attacks
  - 6 SQL Injection Detection Tools
Module 14: Hacking Wireless Networks
- Lesson 01 - Wireless Concepts
  - 1 Wireless Terminologies
  - 2 Wireless Networks
  - 3 Wi-Fi Networks at Home and Public Places
  - 4 Wireless Technology Statistics
  - 5 Types of Wireless Networks
  - 6 Wireless Standards
  - 7 Service Set Identifier (SSID)
  - 8 Wi-Fi Authentication Modes
  - 9 Wi-Fi Authentication Process Using a Centralized Authentication Server
  - 10 Wi-Fi Chalking
  - 11 Types of Wireless Antenna
- Lesson 02 - Wireless Encryption
  - 1 Types of Wireless Encryption
  - 2 WEP vs. WPA vs. WPA2
  - 3 WEP Issues
  - 4 Weak Initialization Vectors (IV)
  - 5 How to Break WEP Encryption?
  - 6 How to Break WPA Encryption?
  - 7 How to Defend Against WPA Cracking?
- Lesson 03 - Wireless Threats
  - 1 Access Control Attacks
  - 2 Integrity Attacks
  - 3 Confidentiality Attacks
  - 4 Availability Attacks
  - 5 Authentication Attacks
  - 6 Rogue Access Point Attack
  - 7 Client Mis-association
  - 8 Misconfigured Access Point Attack
  - 9 Unauthorized Association
  - 10 Ad Hoc Connection Attack
  - 11 HoneySpot Access Point Attack
  - 12 AP MAC Spoofing
  - 13 Denial-of-Service Attack
  - 14 Jamming Signal Attack
  - 15 Wi-Fi Jamming Devices
- Lesson 04 - Wireless Hacking Methodology
  - 1 Wi-Fi Discovery
  - 2 GPS Mapping
  - 3 Wireless Traffic Analysis
  - 4 Launch Wireless Attacks
  - 5 Crack Wi-Fi Encryption
- Lesson 05 - Wireless Hacking Tools
  - 1 Wi-Fi Sniffer: Kismet
  - 2 Wardriving Tools
  - 3 RF Monitoring Tools
  - 4 Wi-Fi Traffic Analyzer Tools
  - 5 Wi-Fi Raw Packet Capturing and Spectrum Analyzing Tools
  - 6 Wireless Hacking Tools for Mobile: HackWifi and Backtrack Simulator
- Lesson 06 - Bluetooth Hacking
  - 1 Bluetooth Stack
  - 2 Bluetooth Threats
  - 3 How to BlueJack a Victim?
  - 4 Bluetooth Hacking Tool
  - 5 Bluetooth Hacking Tools
- Lesson 07 - Counter-measures
  - 1 How to Defend Against Bluetooth Hacking?
  - 2 How to Detect and Block Rogue AP?
  - 3 Wireless Security Layers
  - 4 How to Defend Against Wireless Attacks?
- Lesson 08 - Wireless Security Tools
  - 1 Wireless Intrusion Prevention Systems
  - 2 Wireless IPS Deployment
  - 3 Wi-Fi Security Auditing Tool
  - 4 Wi-Fi Intrusion Prevention System
  - 5 Wi-Fi Predictive Planning Tools
  - 6 Wi-Fi Vulnerability Scanning Tools
  - 7 Bluetooth Security Tool: Bluetooth Firewall
  - 8 Wi-Fi Security Tools for Mobile: Wifi Protector, WiFiGuard, and Wifi Inspector
- Lesson 09 - Wi-Fi Pen Testing
  - 1 Wireless Penetration Testing
  - 2 Wireless Penetration Testing Framework
  - 3 Wi-Fi Pen Testing Framework
  - 4 Pen Testing LEAP Encrypted WLAN
  - 5 Pen Testing WPA/WPA2 Encrypted WLAN
  - 6 Pen Testing WEP Encrypted WLAN
  - 7 Pen Testing Unencrypted WLAN
Module 15: Hacking Mobile Platforms
- Lesson 01 - Mobile Platform Attack Vectors
  - 1 Vulnerable Areas in Mobile Business Environment
  - 2 OWASP Mobile Top 10 Risks
  - 3 Anatomy of a Mobile Attack
  - 4 How a Hacker can Profit from Mobile when Successfully Compromised
  - 5 Mobile Attack Vectors
  - 6 Mobile Platform Vulnerabilities and Risks
  - 7 Security Issues Arising from App Stores
  - 8 App Sandboxing Issues
  - 9 Mobile Spam
  - 10 SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
  - 11 Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
- Lesson 02 - Hacking Android OS
  - 1 Android OS
  - 2 Android OS Architecture
  - 3 Android Device Administration API
  - 4 Android Vulnerabilities
  - 5 Android Rooting
  - 6 Hacking Networks Using Network Spoofer
  - 7 Session Hijacking Using DroidSheep
  - 8 Android-based Sniffer
  - 9 Android Trojan
  - 10 Securing Android Devices
  - 11 Google Apps Device Policy
  - 12 Remote Wipe Service: Remote Wipe
  - 13 Android Security Tool
  - 14 Android Vulnerability Scanner: X-Ray
  - 15 Android Device Tracking Tools
- Lesson 03 - Hacking iOS
  - 1 Apple iOS
  - 2 Jailbreaking iOS
  - 3 Guidelines for Securing iOS Devices
  - 4 iOS Device Tracking Tools
- Lesson 04 - Hacking Windows Phone OS
  - 1 Windows Phone 8 Architecture
  - 2 Secure Boot Process
  - 3 Guidelines for Securing Windows OS Devices
  - 4 Windows OS Device Tracking Tool: FollowMee GPS Tracker
- Lesson 05 - Hacking BlackBerry
  - 1 BlackBerry Operating System
  - 2 BlackBerry Enterprise Solution Architecture
  - 3 Blackberry Attack Vectors
  - 4 Guidelines for Securing BlackBerry Devices
  - 5 BlackBerry Device Tracking Tools: MobileTracker and Position Logic Blackberry Tracker
  - 6 Mobile Spyware: mSpy and StealthGenie
  - 7 Mobile Spyware
- Lesson 06 - Mobile Device Management (MDM)
  - 1 MDM Solution: MaaS360 Mobile Device Management (MDM)
  - 2 MDM Solutions
  - 3 Bring Your Own Device (BYOD)
- Lesson 07 - Mobile Security Guidelines and Tools
  - 1 General Guidelines for Mobile Platform Security
  - 2 Mobile Device Security Guidelines for Administrator
  - 3 SMS Phishing Countermeasures
  - 4 Mobile Protection Tool
  - 5 Mobile Protection Tools
  - 6 Mobile Anti-Spyware
- Lesson 08 - Mobile Pen Testing
  - 1 Android Phone Pen Testing
  - 2 iPhone Pen Testing
  - 3 Windows Phone Pen Testing
  - 4 BlackBerry Pen Testing
  - 5 Mobile Pen Testing Toolkit
Module 16: Evading IDS, Firewalls, and Honeypots
- Lesson 01 - IDS, Firewall and Honeypot Concepts
  - 1 Intrusion Detection Systems (IDS) and their Placement
  - 2 Firewall
  - 3 Honeypot
- Lesson 02 - IDS, Firewall and Honeypot System
  - 1 Intrusion Detection Tool: Snort
  - 2 Snort Rules
  - 3 Intrusion Detection Systems: Tipping Point
  - 4 Intrusion Detection Tools
  - 5 Intrusion Detection Tools for Mobile
  - 6 Firewalls
  - 7 Firewalls for Mobile: Android Firewall and Firewall iP
  - 8 Firewalls for Mobile
  - 9 Honeypot Tool: KFSensor and SPECTER
  - 10 Honeypot Tools
  - 11 Honeypot Tool for Mobile: HosTaGe
- Lesson 03 - Evading IDS
  - 1 Insertion Attack
  - 2 Evasion
  - 3 Denial-of-Service Attack (DoS)
  - 4 Obfuscating
  - 5 False Positive Generation
  - 6 Session Splicing
  - 7 Unicode Evasion Technique
  - 8 Fragmentation Attack
  - 9 Time-To-Live Attacks
  - 10 Invalid RST Packets
  - 11 Urgency Flag
  - 12 Polymorphic Shellcode
  - 13 ASCII Shellcode
  - 14 Application-Layer Attacks
  - 15 Desynchronization – Pre Connection SYN
  - 16 Desynchronization – Post Connection SYN
  - 17 Other Types of Evasion
- Lesson 04 - Evading Firewalls
  - 1 Firewall Identification
  - 2 IP Address Spoofing
  - 3 Source Routing
  - 4 Tiny Fragments
  - 5 Bypass Blocked Sites Using IP Address in Place of URL
  - 6 Bypass Blocked Sites Using Anonymous Website Surfing Sites
  - 7 Bypass a Firewall Using Proxy Server
  - 8 Bypassing Firewall through ICMP Tunneling Method
  - 9 Bypassing Firewall through ACK Tunneling Method
  - 10 Bypassing Firewall through HTTP Tunneling Method
  - 11 Why do I Need HTTP Tunneling
  - 12 HTTP Tunneling Tools
  - 13 Bypassing Firewall through SSH Tunneling Method
  - 14 SSH Tunneling Tool: Bitvise
  - 15 Bypassing Firewall through External Systems
  - 16 Bypassing Firewall through MITM Attack
  - 17 Bypassing Firewall through Content
- Lesson 05 - IDS/Firewall Evading Tools
  - 1 IDS/Firewall Evasion Tool
  - 2 IDS/Firewall Evasion Tools
  - 3 Packet Fragment Generator: Colasoft Packet Builder
  - 4 Packet Fragment Generators
- Lesson 06 - Detecting Honeypots
  - 1 Detecting Honeypots
  - 2 Honeypot Detecting Tool: Send-Safe Honeypot Hunter
- Lesson 07 - IDS/Firewall Evasion Counter-measures
  - 1 Countermeasures
- Lesson 08 - Penetration Testing
  - 1 Firewall/IDS Penetration Testing
  - 2 Firewall Penetration Testing
  - 3 IDS Penetration Testing
Module 17: Cloud Computing
- Lesson 01 - Introduction to Cloud Computing
  - 1 Types of Cloud Computing Services
  - 2 Separation of Responsibilities in Cloud
  - 3 Cloud Deployment Models
  - 4 NIST Cloud Computing Reference Architecture
  - 5 Cloud Computing Benefits
  - 6 Understanding Virtualization
  - 7 Benefits of Virtualization in Cloud
- Lesson 02 - Cloud Computing Threats
  - 1 Cloud Computing Threats
- Lesson 03 - Cloud Computing Attacks
  - 1 Service Hijacking using Social Engineering Attacks
  - 2 Service Hijacking using Network Sniffing
  - 3 Session Hijacking using XSS Attack
  - 4 Session Hijacking using Session Riding
  - 5 Domain Name System (DNS) Attacks
  - 6 Side Channel Attacks or Cross-guest VM Breaches
  - 7 SQL Injection Attacks
  - 8 Cryptanalysis Attacks
  - 9 Wrapping Attack
  - 10 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
- Lesson 04 - Cloud Security
  - 1 Cloud Security Control Layers
  - 2 Cloud Security is the Responsibility of both Cloud Provider and Consumer
  - 3 Cloud Computing Security Considerations
  - 4 Placement of Security Controls in the Cloud
  - 5 Best Practices for Securing Cloud
  - 6 NIST Recommendations for Cloud Security
  - 7 Organization/Provider Cloud Security Compliance Checklist
- Lesson 05 - Cloud Security Tools
  - 1 Core CloudInspect
  - 2 CloudPassage Halo
  - 3 Cloud Security Tools
- Lesson 06 - Cloud Penetration Testing
  - 1 What is Cloud Pen Testing?
  - 2 Key Considerations for Pen Testing in the Cloud
  - 3 Scope of Cloud Pen Testing
  - 4 Cloud Penetration Testing
  - 5 Recommendations for Cloud Testing
Module 18: Cryptography
- Lesson 01 - Market Survey 2014: The Year of Encryption
  - 1 Market Survey 2014: The Year of Encryption
- Lesson 02 - Case Study: Heartbleed
  - 1 Case Study: Heartbleed
- Lesson 03 - Case Study: Poodlebleed
  - 1 Case Study: Poodlebleed
- Lesson 04 - Cryptography Concepts
  - 1 Cryptography
  - 2 Types of Cryptography
  - 3 Government Access to Keys (GAK)
- Lesson 05 - Encryption Algorithms
  - 1 Ciphers
  - 2 Data Encryption Standard (DES)
  - 3 Advanced Encryption Standard (AES)
  - 4 RC4, RC5, RC6 Algorithms
  - 5 The DSA and Related Signature Schemes
  - 6 RSA (Rivest Shamir Adleman)
  - 7 Message Digest (One-way Hash) Functions
  - 8 Secure Hashing Algorithm (SHA)
  - 9 What is SSH (Secure Shell)?
- Lesson 06 - Cryptography Tools
  - 1 MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
  - 2 Hash Calculators for Mobile: MD5 Hash Calculator, Hash Droid, and Hash Calculator
  - 3 Cryptography Tool
  - 4 Cryptography Tools
  - 5 Cryptography Tools for Mobile: Secret Space Encryptor, CryptoSymm, and Cipher Sender
- Lesson 07 - Public Key Infrastructure (PKI)
  - 1 Certification Authorities
  - 2 Signed Certificate (CA) Vs. Self Signed Certificate
- Lesson 08 - Email Encryption
  - 1 Digital Signature
  - 2 SSL (Secure Sockets Layer)
  - 3 Transport Layer Security (TLS)
  - 4 Cryptography Toolkit
  - 5 Pretty Good Privacy (PGP)
- Lesson 09 - Disk Encryption
  - 1 Disk Encryption Tools: Symantec Drive Encryption and GiliSoft Full Disk Encryption
  - 2 Disk Encryption Tools
- Lesson 10 - Cryptography Attacks
  - 1 Code Breaking Methodologies
  - 2 Brute-Force Attack
  - 3 Meet-in-the-Middle Attack on Digital Signature Schemes
  - 4 Side Channel Attack
- Lesson 11 - Cryptanalysis Tools
  - 1 Cryptanalysis Tool: CrypTool
  - 2 Cryptanalysis Tools
  - 3 Online MD5 Decryption Tool
Free Course
- {{childObj.title}}
  - {{childObj.childSection.chapter_name}}
    - {{lesson.title}}
  - {{lesson.title}}
View More

View Less

Exam & certification

What are the prerequisites for the certification?
For CEH (Certified Ethical Hacker) training and certification course there is no specific eligibility criteria but we recommend basic knowledge of TCP/ IP
What do I need to do to unlock my Simplilearn certificate?
- Attend one complete class of the course.

Reviews

Vikas Chourasiya Principal Security Engineer @ Blue Jeans Network

I understood many networking concepts and cleared many doubts about penetration testing. This is just a start and I need to practice all the tools that are taught in the course to make a career in the security domain. The instructor is knowledgeable and was able to guide me very well.

Kallol Kumar Mondal Senior Consultant, GRC @ Wipro

Good, I would like refer my friend for the same course.

Pradeep Varadarajan

It was really a fantastic program.

Praveen Valliavalapil

The course took me to the next level of awarness - A must for cyber security professionals that need to adopt with defensive and offensive techniques.

Dhiraj Kumar

The course was very nice, learned many new things. The tutor was nice and useful.

Anand Kumar

Experienced faculty and excellent facility to make learning enjoyable and enrich.

Habib Ulla Khan GS

The training module is been very well structured and delivered. Trainer has been practical working in real time and helped me to get more information on real time security information. Overall feedback, Very Good.

Sooraj C

Excellent training delivered by Simplilearn.

View More View Less

FAQs

How will the Labs be conducted?
Labs will be conducted on EC-council designed ILabs. The access period is for 6 months.
Who delivers the training?
All our trainers are CEH(v9) certified,Official CEI's and are highly qualified with over 15 years of experience in training and are working in the areas of Cyber security and IT Service & architecture.
Is exam fee included in the course fee?
Yes, there is exam attached to this course.
What is LVC? Is it a classroom training?
LVC or Live Virtual Classroom training for CEH(v9) is a live training conducted via online live streaming of a class. LVC is run by an certified trainer with over 15 years of work experience in the domain and training. The class attended by the global audience can enrich your learning experience.
Are these trainings LIVE or do I attend a pre-recorded video?
All these trainings are live interactive sessions wherein you can raise concerns and discussions at any point during the class. Additionally, we also provide recordings of the sessions attended by you for your future references.
What infrastructure do I need to attend this session?
The system requirements are quite basic:
- OS: Windows any version above XP SP3 & Mac any version above OS X 10.6
- Internet Speed: Preferably above 512 KBPS
- Headset: Any decent headset and microphone which can be used to talk and hear clearly.
I want to know more about the training program. Whom do I contact?
Please join our Live Chat for instant support, call us, or Request a Call Back to have your query resolved.
Who are our Faculties and how are they selected?
All our trainers are working professionals and industry experts with at least 10-12 years of relevant teaching experience.

Each of them have gone through a rigorous selection process which includes profile screening, technical evaluation, and training demo before they are certified to train for us.

We also ensure that only those trainers with a high alumni rating continue to train for us.
What is Global Teaching Assistance?
Our teaching assistants are here to help you get certified in your first attempt.

They are a dedicated team of subject matter experts to help you at every step and enrich your learning experience from class onboarding to project mentoring and job assistance.

They engage with the students proactively to ensure the course path is followed.

Teaching Assistance is available during business hours.
What is covered under the 24/7 Support promise?
We offer 24/7 support through email, chat, and calls.

We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.