CEH Ethical Hacking (CEH)

Course Overview

Ethical hacking is the use of programming skills to determine vulnerabilities in a computer system. An ethical hacker attacks a security system on behalf of its owners, seeking vulnerabilities and reporting problems instead of taking advantage of them.

This course is designed to help you prepare for the EC-Council Certified Ethical Hacker certifications. It is structured around the knowledge base needed to probe for and discover vulnerabilities and to recommend solutions for tightening network security and protecting data from potential attackers. The focus is on penetration-testing tools and techniques used to protect computer networks.

Basic computer skills (not just MS Word, but using the command line, editing the registry, and setting up a network)

Course Objectives


Course Learning Outcomes

CompTIA Certification

Security+

Associate Level


Module 1

Module 2

Module 3

Module 4

  • Introduction

Introduction to Ethical Hacking.

Footprinting and Reconnaissance.

Scanning Networks.


System Hacking.

Trojans and Backdoors.

Viruses and Worms.

Sniffers and Session Hijacking.

Social Engineering.

Denial of Service.

Webservers and Applications.

Hacking Wireless Networks.

IDS, Firewalls, and Honeypots.

Buffer Overflows.


Penetration Testing. 

Course Learning Syllabus

Introduction

Lecturer Introduction

Importance of this course

What you will learn in this course

Assessing Information Security Risk

Topic 1: Networking skills (for example, understanding routers and switches, internet protocols, and advanced TCP/IP)

Understanding the OSI Model

Understanding Switches & Routers

IP Address segmentation

DNS, MAC Addresses 

Network Infrastructure 

Layer 3 Vulnerabilities 

Topic 2: Linux skills (these are non-negotiable)

Command Line

Fundamentals of Linux Environment

OS vulnerabilities - Windows - Mac OS - Linux - Android - iOS 

Unsecure service and protocol configurations

Privilege escalation - Linux-specific - SUID/SGID programs - Unsecure SUDO - Ret2libc - Sticky bits - Windows-specific

System-Specific Risk Analysis

Risk Determinations

Documentation of Assessment Results

Guidelines for Assessing Risk

Topic 3: Database skills & CIA (starting with SQL)

Classes of Information

Classification of Information Types into CIA Levels

Security Control Categories

Technical Controls (Template)

Technical Controls (Example Answer)

Aggregate CIA Score

Common Vulnerability Scoring System

Common Vulnerabilities and Exposures

Demo - Common Vulnerability Scoring System

Extreme Scenario Planning and Worst Case 

Common host-related symptoms - Processor consumption - Memory consumption - Drive capacity consumption - Unauthorized software - Malicious processes - Unauthorized changes - Unauthorized privileges - Data exfiltration

Topic 4: Integrate Documentation into Risk Management

From Policy to Procedures

Policy Development

Process and Procedure Development

Demo - Finding a Policy Template

Topics to Include in Security Policies and Procedures

Best Practices to Incorporate in Security Policies and Procedures

Business Documents That Support Security Initiatives

Guidelines for Integrating Documentation into Risk Management


Analyzing the Threat Landscape

Topic 5: Classify Threats and Threat Profiles

Threat Actors

Threat Motives

Threat Intentions

Attack Vectors

Attack Technique Criteria

Qualitative Threat and Impact Analysis

Guidelines for Classifying Threats and Threat Profiles

Topic 6: Perform Ongoing Threat Research

Ongoing Research

Situational Awareness

Commonly Targeted Assets

The Latest Vulnerabilities

The Latest Threats and Exploits

The Latest Security Technologies

Resources Aiding in Research

Demo - Resources that Aid in Research of Threats

The Global Cybersecurity Industry and Community

Trend Data

Trend Data and Qualifying Threats

Guidelines for Performing Ongoing Threat Research


Analyzing Reconnaissance Threats to Computing and Network Environments

Topic 7: Implement Threat Modeling

The Diverse Nature of Threats

The Anatomy of a Cyber Attack

Threat Modeling

Reasons to Implement Threat Modeling

Threat Modeling Process

Attack Tree

Threat Modeling Tools

Threat Categories

Topic 8: Assess the Impact of Reconnaissance Incidents

Footprinting, Scanning, and Enumeration

Footprinting Methods

Network and System Scanning Methods

Enumeration Methods

Evasion Techniques for Reconnaissance

Reconnaissance Tools

Packet Trace Analysis with Wireshark

Demo - Performing Reconnaissance on a Network

Demo - Examining Reconnaissance Incidents


Analyzing Attacks on Computing and Network Environments

Topic 9: Assess the Impact of System Hacking Attacks

System Hacking

Password Sniffing

Password Cracking

Demo - Cracking Passwords Using a Password File

Privilege Escalation

Social Engineering for Systems Hacking

System Hacking Tools and Exploitation Frameworks

Topic 10: Assess the Impact of Web-Based Attacks

Client-Side vs. Server-Side Attacks



SQL Injection

Directory Traversal

File Inclusion

Additional Web Application Vulnerabilities and Exploits

Web Services Exploits

Web-Based Attack Tools

Demo - Assessing the Impact of Web-Based Threats

Topic 11: Assess the Impact of Malware

Malware Categories

Trojan Horse

Polymorphic Virus


Supply Chain Attack

Malware Tools

Demo - Malware Detection and Removal

Topic 12: Assess the Impact of Hijacking and Impersonation Attacks

Spoofing, Impersonation, and Hijacking

ARP Spoofing

DNS Poisoning

ICMP Redirect

DHCP Spoofing

NBNS Spoofing

Session Hijacking

Hijacking and Spoofing Tools

Topic 13: Assess the Impact of DoS Incidents

DoS Attacks

DoS Attack Techniques


DoS Evasion Techniques

DoS Tools

Demo - Assessing the Impact of DoS Attacks

Topic: Assess the Impact of Threats to Cloud Security

Cloud Infrastructure Challenges

Threats to Virtualized Environments

Threats to Big Data

Example of a Cloud Infrastructure Attack

Cloud Platform Security Review

Analyzing Post-Attack Techniques

Topic: Assess Command and Control Techniques

Command and Control





Additional Channels

Demo - Assessing Command and Control Techniques


Golden Ticket and Anti-Forensics

Demo - Assessing Anti-Forensics

Buffer Overflows

Memory Residents

Program Packers

VM and Sandbox Detection


Covering Tracks


Evaluating the Organization’s Security Posture

Topic: Conduct Vulnerability Assessments

Vulnerability Assessment

Penetration Testing

Vulnerability Assessment vs. Penetration Testing

Vulnerability Assessment Implementation

Vulnerability Assessment Tools

Specific Assessment Tools

Port Scanning and Fingerprinting

Sources of Vulnerability Information

Operating System and Software Patching

Systemic Security Issues

Demo - Perform a Vulnerability Scan with Nessus

Demo - Perform a Vulnerability Scan with MBSA

Topic: Conduct Penetration Tests on Network Assets


Pen Test Phases

Pen Test Scope

External vs. Internal Pen Testing

Pen Testing Techniques

Pen Testing Tools of the Trade

Kali Linux

Data Mining

Attack Surface Scanning and Mapping

Packet Manipulation for Enumeration

Simulated Attacks

Password Attacks

Penetration Test Considerations

Topic: Follow Up on Penetration Testing

Effective Reporting and Documentation

Target Audiences

Information Collection Methods

Penetration Test Follow-Up

Report Classification and Distribution


Topic: Deploy a Security Intelligence Collection and Analysis Platform

Security Intelligence

The Challenge of Security Intelligence Collection

Security Intelligence Collection Lifecycle

Security Intelligence Collection Plan


What to Monitor

Security Monitoring Tools

Data Collection

Potential Sources of Security Intelligence

Guidelines for Determining Which Data to Collect for Security Intelligence

Guidelines for Determining Which Fields You Should Log

Guidelines for Configuring Logging Systems Based on Their Impact

Guidelines for Determining Which Events Should Prompt an Alert

Information Processing

External Data Sources

Publicly Available Information

Collection and Reporting Automation

Data Retention

Topic C: Collect Data from Host-Based Intelligence Sources

Operating System Log Data

Windows Event Logs

Syslog Data

Application Logs

DNS Event Logs



FTP Logs

SSH Logs

SQL Logs

Demo - Collecting Host-Based Security Intelligence

Demo - Parsing Log Files



Performing Active Asset and Network Analysis

Topic: Analyze Incidents with Windows-Based Tools

Registry Editor (regedit)

Analysis with Registry Editor

File System Analysis Tools for Windows

Process Explorer

Process Monitor

Service Analysis Tools for Windows

Volatile Memory Analysis Tools for Windows

Active Directory Analysis Tools

Network Analysis Tools for Windows

Demo - Windows-Based Incident Analysis Tools

Topic: Analyze Incidents with Linux-Based Tools

File System Analysis Tools for Linux

Process Analysis Tools for Linux

Volatile Memory Analysis Tools for Linux

Session Analysis Tools for Linux

Network Analysis Tools for Linux

Demo - Linux-Based Incident Analysis Tools

Topic: Analyze Malware

Malware Sandboxing

Crowd-Sourced Signature Detection

VirusTotal Malware Entry

Reverse Engineering


Disassembly of Malware in IDA

Malware Strings

Anti-Malware Solutions


Guidelines for Analyzing Malware

Demo - Analyzing Malware

Topic: Analyze Indicators of Compromise


Unauthorized Software and Files

Suspicious Emails

Suspicious Registry Entries

Unknown Port and Protocol Usage

Excessive Bandwidth Usage

Service Disruption and Defacement

Rogue Hardware

Suspicious or Unauthorized Account Usage

Guidelines for Analyzing Indicators of Compromise

Demo - Analyzing Indicators of Compromise 


Responding to Cybersecurity Incidents

Topic: Prepare for Forensic Investigation as a CSIRT

The Duties of a Forensic Analyst

Communication of CSIRT Outcomes to Forensic Analysts

Guidelines for Conducting Post-Incident Tasks


Investigating Cybersecurity Incidents

Topic: Apply a Forensic Investigation Plan

A Day in the Life of a Forensic Analyst

Forensic Investigation Models

Forensic Investigation Preparation

Investigation Scope

Timeline Generation and Analysis

Authentication of Evidence

Chain of Custody

Communication and Interaction with Third Parties

Forensic Toolkits

Guidelines for Preparing for a Forensic Investigation

Topic: Securely Collect and Analyze Electronic Evidence

Order of Volatility

File Systems

File Carving and Data Extraction

Persistent Data

Data Preservation for Forensics

Forensic Analysis of Compromised Systems

Demo - Securely Collecting Electronic Evidence

Demo - Analyzing Forensic Evidence

Topic: Follow Up on the Results of an Investigation

Cyber Law

Technical Experts and Law Enforcement Liaisons

Documentation of Investigation Results


Conclusion Wrap-Up