The goal of this course is to help you master an ethical hacking methodology that can be used in penetration testing to lawfully assess the security of a system. This course delivers in-demand ethical hacking skills while preparing you for the internationally-recognized Certified Ethical Hacker certification exam (312-50) from EC-Council.
EC Council security experts have designed over 140 labs, which mimic real-time scenarios to help you “live” through an attack as if it were real. You’ll also be given access to over 2,200 commonly used hacking tools to immerse you into the hacker world.
Why take Certified Ethical Hacker? Given the many cybersecurity attacks and great volume of personal data at risk, plus the potential legal liabilities, the need for certified ethical hackers is quite high. This course is a must-take for anyone responsible for network and data security who is looking to get CEH certified.
Introduction to Ethical Hacking Footprinting and Reconnaissance Scanning Networks Enumeration Vulnerability Analysis System Hacking Malware Threats Sniffing Social Engineering Denial-of-Service Session Hijacking Evading IDS, Firewalls, and Honeypots Hacking Web Servers Hacking Web Applications SQL Injection Hacking Wireless Networks Hacking Mobile Platforms IoT Hacking Cloud Computing Cryptography Course Outline Ethical Hacking Course Content 1. Introduction to Ethical Hacking This module introduces the fundamental concepts of ethical hacking such as threats, attack vectors, hacking phases, vulnerability assessment, security controls, and soon. In addition to these concepts, you’ll also explore the core topics such as penetration testing, security architecture, information security laws, and more. • Information Security Overview • Information Security Threats and Attack Vectors • Hacking Concepts, Types, and Phases • Ethical Hacking Concepts and Scope • Information Security Controls • Physical Security • Incident Management • What is Vulnerability Assessment? • Penetration Testing • Information Security Laws and Standards 2. Footprinting and Reconnaissance This module deals with the basic concepts and methodologies associated with Footprinting. Additionally, you’ll also gain hands-0n knowledge in footprinting tools and technologies that are used for collecting information about the target computer system or network in real-time. • Footprinting Concepts • Footprinting Methodology • Footprinting Tools • Footprinting Countermeasures • Footprinting Penetration Testing 3. Scanning Networks In this module, you will learn how to identify active hosts, ports, and the services used by the target application through step by step methods and best practices. • Overview of Network Scanning • CEH Scanning Methodology 4. Enumeration This module provides complete real-time knowledge about the types of information enumerated by intruders, enumeration types, and techniques employed to gather target information. • Enumeration Concepts • NetBIOS Enumeration • SNMP Enumeration • SNMP Enumeration Tools • LDAP Enumeration • NTP Enumeration • SMTP Enumeration • Enumeration Countermeasures • SMB Enumeration Countermeasures • Enumeration Pen Testing 5. System Hacking This section provides a structured process of system hacking through real-time examples. Also, you’ll master the tactics employed for hiding files and covering tracks. • Information at Hand Before System Hacking Stage • System Hacking: Goals • Hacking Methodology (CHM) • System Hacking Steps • Hiding Files • Covering Tracks • Penetration Testing 6. Malware Threats This module explains how the malware enters into the system, malware types, and its characteristics. You’ll learn how to identify and exclude malware through best practices. • Introduction to Malware • Trojan Concepts • Types of Trojans • Virus and Worms Concepts • Malware Reverse Engineering • Countermeasures • Anti-Malware Software • Penetration Testing 7. Sniffing This module explains what sniffing is and how it works. You’ll also learn how to attack a network using sniffing, sniffing types, methods to detect sniffing, various sniffing tools, and how to defend against sniffing. • Sniffing Concepts • MAC Attacks • DHCP Attacks • ARP Poisoning • Spoofing Attack • DNS Poisoning • Sniffing Tools • Sniffing Tool: Wireshark • Follow TCP Stream in Wireshark • Display Filters in Wireshark • Additional Wireshark Filters • Packet Sniffing Tool: Capsa Network Analyzer • Network Packet Analyzer • Counter measures • Sniffing Detection • Sniffing Pen Testing 8. Social Engineering In this module, you’ll master various concepts of social engineering and its techniques. You’ll also learn how to counter such techniques through real-time examples. • Social Engineering Concepts • Social Engineering Techniques • Impersonation on Social Networking Sites • Identity Theft • Social Engineering Countermeasures • Penetration Testing 9. Denial-of-Service In this section, you’ll get to know about denial-of-service attacks and their working. You’ll understand various concepts and techniques of Dos/DDos attacks, and also learn how to prevent them. • DoS/DDoS Concepts • DoS/DDoS Attack Techniques • Botnets • DDoS Case Study • DoS/DDoS Attack Tools and Counter-measures • DoS/DDoS Protection Tools • DoS/DDoS Attack Penetration Testing 10. Session Hijacking This section gives a brief idea about the steps involved in the process of session hijacking and its techniques. You’ll also gain expertise in session hijacking tools and learn how to implement countermeasures against session hijacking. • Session Hijacking Concepts • Application Level Session Hijacking • Network-level Session Hijacking • Session Hijacking Tools • Counter-measures • Session Hijacking Pen Testing 11. Hacking Webservers In this section, you’ll get a brief knowledge of various attack vectors in web servers, including exploiting misconfigured servers, leveraging weaknesses in unpatched environments, and more. you ‘ll experience real-time risks involved in Webserver implementations and learn how to defend such attacks. • Webserver Concepts • Webserver Attacks • Attack Methodology • Webserver Attack Tools • Counter-measures • Patch Management • Webserver Security Tools • Webserver Pen Testing 12. Hacking Web Applications This section presents complete knowledge on how to identify the risks in web applications. You’ll walk through various security paradigms both conceptually and practically within the web applications. Also, comprehend how to overcome these attacks. • Web App Concepts • Web App Threats • Web App Hacking Methodology • Web Application Hacking Tools • Countermeasures • Security Tools • Web App Pen Testing • Web Application Pen Testing Framework 13. SQL Injection This module provides detailed knowledge of SQL injection, core concepts, and techniques used to launch a SQL Injection attack. You’ll also work on various tools of SQL Injection and know the execution of countermeasures against them. • SQL Injection Concepts • Types of SQL Injection • SQL Injection Methodology • SQL Injection Tools • Evasion Techniques • Counter-measures 14. Hacking Wireless Networks This section introduces the techniques used for exploiting weaknesses in wireless networks. You’ll also look at the countermeasures employed to protect against such attacks. • Wireless Concepts • Wireless Encryption • Wireless Threats • Wireless Hacking Methodology • Wireless Hacking Tools • Bluetooth Hacking • Counter-measures • Wireless Security Tools • Wi-Fi Pen Testing 15. Hacking Mobile Platforms This section helps you know various risk areas associated with the mobile platform. You’ll also learn to manage mobile devices by implementing mobile security guidelines and tools. • Mobile Platform Attack Vectors • Hacking Android OS • Hacking iOS • Hacking Windows Phone OS • Hacking BlackBerry • Mobile Device Management (MDM) • Mobile Security Guidelines and Tools • Mobile Pen Testing 16. Evading IDS, Firewalls, and Honeypots This section gives a thorough knowledge of how intrusion detection systems work. You’ll also work on various tools and techniques that help in evading detection. • IDS, Firewall and Honeypot Concepts • IDS, Firewall and Honeypot System • Evading IDS • Evading Firewalls • IDS/Firewall Evading Tools • Detecting Honeypots • IDS/Firewall Evasion Counter-measures • Penetration Testing 17. Cloud Computing This section gives an overview of cloud computing and risk areas associated with it. You’ll also work on cloud security tools and learn to defend such attacks. • Introduction to Cloud Computing • Cloud Computing Threats • Cloud Computing Attacks • Cloud Security • Cloud Security Tools • Cloud Penetration Testing 18. Cryptography This section explains the fundamentals of cryptography and encryption algorithms. You’ll also learn to protect the data using cryptography. • Market Survey 2014: The Year of Encryption • Case Study: Heartbleed • Case Study: Poodlebleed • Cryptography Concepts • Encryption Algorithms • Cryptography Tools • Public Key Infrastructure (PKI) • Email Encryption • Disk Encryption • Cryptography Attacks • Cryptanalysis Tools