Certified Ethical Hacking (CEH) Training Program


Introduction

  • The Certified Ethical Hacker (CEH) training program is designed to equip cybersecurity professionals with the knowledge, tools, and hands-on skills required to think and act like a hacker — ethically.
  • The program covers 20 comprehensive modules that explore modern technologies, tactics, and attack methodologies, while providing equal emphasis on:
  • Knowledge-based training (50%)
  • Hands-on labs in a cyber range environment (50%)
  • Through virtualized labs with live targets, vulnerable systems, and real-world tools, participants gain practical experience to identify vulnerabilities, exploit them safely, and implement effective countermeasures.

Course Modules


Module 1 – Introduction to Ethical Hacking

  • Fundamentals of ethical hacking and information security.
  • Information security controls, laws, and standard procedures.

Module 2 – Footprinting & Reconnaissance

  • Latest reconnaissance techniques and tools.
  • Pre-attack intelligence gathering methods.

Module 3 – Scanning Networks

  • Network scanning techniques.
  • Scanning countermeasures.

Module 4 – Enumeration

  • Enumeration techniques (e.g., BGP, NFS exploits).
  • Countermeasures for enumeration attacks.

Module 5 – Vulnerability Analysis

  • Identifying security loopholes in networks and endpoints.
  • Types of vulnerability assessments & tools.

Module 6 – System Hacking

  • System hacking methodologies.
  • Steganography, steganalysis, and covering tracks.

Module 7 – Malware Threats

  • Malware types: Trojans, viruses, worms, fileless malware, APTs.
  • Malware analysis procedures and countermeasures.

Module 8 – Sniffing

  • Packet-sniffing techniques.
  • Defenses against sniffing attacks.

Module 9 – Social Engineering

  • Social engineering tactics and techniques.
  • Identifying and preventing human-level vulnerabilities.

Module 10 – Denial-of-Service (DoS & DDoS)

  • DoS/DDoS attack methodologies and tools.
  • Prevention and protection mechanisms.

Module 11 – Session Hijacking

  • Session hijacking techniques and tools.
  • Countermeasures for securing sessions.

Module 12 – Evading IDS, Firewalls & Honeypots

  • IDS/IPS evasion methods.
  • Firewall bypassing and honeypot evasion.
  • Counter-defense techniques.

Module 13 – Hacking Web Servers

  • Web server attack methodologies.
  • Security auditing and countermeasures.

Module 14 – Hacking Web Applications

  • Web application vulnerabilities and attacks.
  • Methodologies for auditing and securing web applications.

Module 15 – SQL Injection

  • SQL injection types and evasion techniques.
  • Detection and prevention measures.

Module 16 – Hacking Wireless Networks

  • Wireless technologies and encryption methods.
  • Wi-Fi attack techniques and countermeasures.

Module 17 – Hacking Mobile Platforms

  • Mobile platform (Android/iOS) attack vectors.
  • Mobile device management and security tools.

Module 18 – IoT & OT Hacking

  • IoT and OT security threats.
  • Hacking tools, techniques, and countermeasures.

Module 19 – Cloud Computing Security

  • Cloud architectures, container technologies, and server less computing.
  • Cloud threats, hacking methodologies, and defense tools.

Module 20 – Cryptography

  • Encryption algorithms and cryptographic tools.
  • PKI, email & disk encryption.
  • Cryptographic attacks and cryptanalysis tools.