Certified Ethical Hacker (CEHv12)
Class Details: 2.5 months | coming soon***
Certified Ethical Hacker (CEH)
Cybersecurity Incidents Are Exploding, and so Are Cyber Jobs. Build Your Career With the Most In-Demand Ethical Hacking Certification in the World, Certified Ethical Hacker. Certified Ethical Hackers are hired by organizations either on a contract or as full-time employees to help improve the organization’s security posture. CEH is a required baseline certification for many different job roles, but the function of ethical hacking itself involves a methodical practice of identifying, evaluating, testing and reporting on vulnerabilities in an organization. Ethical Hacking is a broad practice that covers many different technologies, but by systematically applying the methodologies taught in the CEH program, ethical hackers can evaluate nearly any application or infrastructure they are tasked with, identify potential vulnerabilities, and provide recommendations on how those vulnerabilities can be remediated. In the case of military organizations, ethical hackers are highly trained in offensive and defensive activities and possess the critical skill sets and tactics to evaluate target systems and defend their own organization’s assets in real-time.
Target Audience:
- Cybersecurity Experts
- Network engineers
- System Administrators
- Web Application Developers
- IT Professional
Prerequisites:
- Basic Knowledge of operating Linux OS and Windows OS
- Basic Computer Networking
- Fundamentals of Web Technology
Course Curriculum
Module 1: Introduction to Ethical Hacking
Topic: Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR.
Module 2: Footprinting and Reconnaissance
Perform footprinting on the target network using search engines, web services, and social networking sites.
Perform website, email, whois, DNS, and network footprinting on the target network.
Module 3: Scanning Networks
Perform host, port, service, and OS discovery on the target network.
Perform scanning on the target network beyond IDS and firewall.
Module 4: Enumeration
Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration.
Module 5: Vulnerability Analysis
Perform vulnerability research using vulnerability scoring systems and databases.
Perform vulnerability assessment using various vulnerability assessment tools.
Module 6: System Hacking
Perform Online active online attacks to crack the system’s password.
Perform buffer overflow attacks to gain access to a remote system.
Escalate privileges using privilege escalation tools.
Escalate privileges in Linux machines.
Hide data using steganography.
Clear Windows and Linux machine logs using various utilities.
Hiding artifacts in Windows and Linux machines.
Module 7: Malware Threats
Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools.
Lesson 08: Sniffing
Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools.
Module 9: Social Engineering
Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft.
Module 10: Denial-of-Service
DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools.
Module 11: Session Hijacking
Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools.
Module 12: Evasion IDS, Firewalls, and Honeypots
Bypass Windows Firewall.
Bypass firewall rules using tunneling.
Bypass antivirus.
Module 13: Hacking Web Servers
Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools.
Module 14: Hacking Web Applications
Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security.
Module 15: SQL Injection
SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools.
Module 16: Hacking Wireless Networks
Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools.
Module 17: Hacking Mobile Platforms
Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools.
Module 18: IoT and OT Hacking
IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools.
Module 19: Cloud Computing
Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools.
Module 20: Cryptography
Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching.