, ,

Certified Ethical Hacker (CEH)

$34.99

+ Free Shipping

Introduction

Certified Ethical Hacker (CEH) training is an advanced course designed to help professionals understand how to recognize and combat threats posed by malicious hackers. The curriculum focuses on teaching participants the tools and techniques used by malicious hackers so that they can be used to defend networks and systems from potential attacks.

This course provides a comprehensive overview of topics such as Foot printing & Reconnaissance, Scanning Networks, System Hacking, Malware Threats, Sniffing, Social Engineering, Denial-of-Service Attacks, Session Hijacking etc., as well as other security measures necessary to protect information systems.

Participants will be equipped with valuable skills needed to detect and respond appropriately to complex network security threats.

This included Likely Job Interview Questions and answers asked during Certified Ethical Hacker (CEH) Job Interview.

It also inculcated Cover letters and resume.

 

Objectives

  1. Gain an in-depth understanding of the tools and techniques used by malicious hackers.
  2. Learn how to identify, mitigate, and respond to security threats on networks and systems.
  3. Become proficient in scanning networks for vulnerabilities, foot printing, and system hacking techniques.
  4. Understand malware analysis processes, cryptography concepts, access control mechanisms, web application security principles, wireless network attacks and cloud computing platforms security threats.
  5. Develop the ability to create reports on the accumulated data describing potential risks within a network or computer system infrastructure that may be exploited by a real attacker.

Course Outline

Module 1: Knowledge of Operating systems including Windows, Linux/Unix, iOS & Android. Basic programming skills are beneficial but not required.

 

Module 2 – Introduction to Ethical Hacking & Network Security Terminology

-Basics of ethical hacking, information security controls, relevant laws, and standard

-Elements of Information Security

-Understand network security threats and vulnerabilities

– Execute threat analysis strategies using risk assessment techniques

– Implement various approaches for vulnerability assessment

-Cyber Kill Chain Methodology

-MITRE ATT&CK Framework

-Hacker Classes, Ethical Hacking

-Information Assurance (IA)

-Risk Management

-Incident Management

-PCI DSS

-HIPPA

-SOX

-GDPR

 

Module 3 – Foot printing & Reconnaissance

-Techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.

-Perform foot printing on the target network using search engines, web services, and social networking sites

-Perform website, email, whois, DNS, and network foot printing on the target

network

 

Module 4 – Scanning Networks

-Scan networks using various scanning tools

-The fundamentals of key issues in the information security world, including the

basics of ethical hacking, information security controls, relevant laws, and standard

-Perform host, port, service, and OS discovery on the target network

-Perform scanning on the target network beyond IDS and firewall

 

Module 5: Enumeration

-Various enumeration techniques, such as Border Gateway Protocol (BGP)

-Network File Sharing (NFS) exploits, plus associated countermeasures.

-Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP

 

Module 6: Vulnerability Analysis

-Perform vulnerability research using vulnerability scoring systems and databases

-Identify security loopholes in a target organization’s network, communication infrastructure, and end systems.

-Perform vulnerability assessment using various vulnerability assessment tools

 

Module 7– System Hacking & Cracking Passwords

-Learn about the various system hacking methodologies—including steganography,

steganalysis attacks and covering tracks—used to discover system and network vulnerabilities.

-Perform hacking attacks such as buffer overflows and privilege escalation

– Gain access to systems using passwords cracks, Trojan horses, and other attack methods

-Perform Online active online attack to crack the system’s password.

-Perform buffer overflow attack to gain access to a remote system.

-Escalate privileges using privilege escalation tools.

-Escalate privileges in Linux machine

-Hide data using steganography

-Clear Windows and Linux machine logs using various utilities.

-Hiding artifacts in Windows and Linux machines.

 

Module 8 – Sniffing – Monitor Communications on the Network

-Learn about packet-sniffing techniques and how to use them to discover network

vulnerabilities, as well as countermeasures to defend against sniffing attacks.

-Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack.

-Spoof a MAC address of Linux machine.

-Perform network sniffing using various sniffing tools.

-Detect ARP poisoning in a switch-based network.

-Network Sniffing

-Wiretapping

-MAC Flooding

-DHCP Starvation Attack

-ARP Spoofing Attack

-ARP Poisoning

-ARP Poisoning Tools

-MAC Spoofing

-STP Attack

-DNS Poisoning

-DNS Poisoning Tools

-Sniffing Tools

-Sniffer Detection Techniques

-Promiscuous Detection Tools

 

Module 9: Malware Threats

-Malware

-Components of Malware

-The different types of malwares, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.

-Gain control over a victim machine using Trojan

-Infect the target system using a virus

-Perform static and dynamic malware analysis

-APT

-Trojan

-Types of Trojans

-Exploit Kits

-Virus

-Virus Lifecycle

-Types of Viruses

-Ransomware

-Computer Worms

-Fileless Malware

-Malware Analysis

-Static Malware Analysis

-Dynamic Malware Analysis

-Virus Detection Methods

-Trojan Analysis

-Virus Analysis

-Fileless Malware Analysis

-Anti-Trojan Software

-Antivirus Software

-Fileless Malware Detection Tools

 

Module 10 – Social Engineering Techniques

-Social engineering concepts and techniques, including how to identify theft

attempts, audit human-level vulnerabilities, and suggest social engineering.  And countermeasures.

-Social Engineering

-Types of Social Engineering

-Perform social engineering using Various.

-Spoof a MAC address of a Linux machine.

-Detect a phishing attack.

-Audit an organization’s security for phishing attacks.

-Phishing

-Phishing Tools

-Insider Threats/Insider Attacks

-Identity Theft

 

Module 11– Denial of Service Attacks

-Different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack

techniques, as well as the tools used to audit a target and devise DoS and DDoS

countermeasures and protections.

-Perform a DoS and DDoS attack on a target host.

-Detect and protect against DoS and DDoS attacks.

-DoS Attack

-DDoS Attack

-Botnets

-DoS/DDoS Attack Techniques

-DoS/DDoS Attack Tools

-DoS/DDoS Attack Detection Techniques

-DoS/DDoS Protection Tools

 

Module 12 – Session Hijacking & Stealing Data

-Session Hijacking

-Types of Session Hijacking

-The various session hijacking techniques used to discover network-level

session management, authentication, authorization, and cryptographic weaknesses

and associated countermeasures.

-Perform session hijacking using various tools.

-Detect session hijacking

-Spoofing

-Application-Level Session Hijacking

-Man-in-the-Browser Attack

-Client-side Attacks

-Session Replay Attacks

-Session Fixation Attack

-CRIME Attack

-Network Level Session Hijacking

-TCP/IP Hijacking

-Session Hijacking Tools

-Session Hijacking Detection Methods

-Session Hijacking Prevention Tools

 

Module 13– Evading IDS, Firewalls &Honeypots

-Introduced to firewall, intrusion detection system, and honeypot evasion

techniques: the tools used to audit a network perimeter for weaknesses; and

countermeasures.

-Bypass Windows Firewall

-Bypass firewall rules using tunneling (

-Bypass antivirus

-Honeypots & Honeynets

-Packet Manipulation Trapping / Spoofing

 

Module 14: Hacking Web Servers

-Web server attacks, including a comprehensive attack methodology

used to audit vulnerabilities in web server infrastructures and countermeasures.

-Perform web server reconnaissance using various tools.

-Enumerate web server information

-Crack FTP credentials using a dictionary attack.

-Web Server Operations

-Web Server Attacks

-DNS Server Hijacking

-Website Defacement

-Web Cache Poisoning Attack

-Web Server Attack Methodology

-Web Server Attack Tools

-Web Server Security Tools

-Patch Management

-Patch Management Tools

 

Module 15: Hacking Web Applications

-Web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.

-Web Application Architecture

-Web Application Threats

-OWASP Top 10 Application Security Risks

-Web Application Hacking Methodology

-Web API

-Webhooks and Web Shell

-Web API Hacking Methodology

-Web Application Security

-Perform web application reconnaissance using various tools

-Perform web spidering

-Perform web application vulnerability scanning

-Perform a brute-force attack

-Perform Cross-Site Request Forgery (CSRF) Attack

-Identify XSS vulnerabilities in web applications

-Detect web application vulnerabilities using various web application security tools

 

Module 16: SQL Injection

-Types of SQL injection

-Blind SQL Injection

-SQL Injection Methodology

-SQL Injection Tools

-SQL injection attack techniques

-Signature Evasion Techniques

-SQL Injection Detection Tools

-countermeasures to detect and defend against SQL injection attempts.

-Perform an SQL injection attack against MSSQL to extract databases

-Detect SQL injection vulnerabilities using various SQL injection detection

tools

 

Module 17: Hacking Wireless Networks

-Wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools

-Foot Print a wireless network.

-Perform wireless traffic analysis

-Crack WEP, WPA, and WPA2 networks

-Create a rogue access point to capture data packets

-Wireless Terminology

-Wireless Networks

-Wireless Encryption

-Wireless Threats

-Wireless Hacking Methodology

-Wi-Fi Encryption Cracking

-WEP/WPA/WPA2 Cracking Tools

-Bluetooth Hacking

-Bluetooth Threats

-Wi-Fi Security Auditing Tools

-Bluetooth Security Tools

 

Module 18: Hacking Mobile Platforms

-Mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.

-Hack an Android device by creating binary payloads

-Exploit the Android platform through ADB

-Hack an Android device by creating APK file

-Secure Android devices using various Android security tools

-Mobile Platform Attack Vectors

-OWASP Top 10 Mobile Controls

-OWASP Top 10 Mobile Risks

-App Sandboxing, SMS Phishing Attack (SMiShing)

-Android Rooting

-Hacking Android Devices

-Android Security Tools

-Jailbreaking iOS

-Hacking iOS Devices

-iOS Device Security Tools

-Mobile Device Management (MDM)

 

Module 19: IoT and OT Hacking

-Packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.

-Gather information using Online foot printing tools.

-Capture and analyze IoT device traffic.

-IoT Architecture

-IoT Communication Models

-OWASP Top 10 IoT Threats

-IoT Vulnerabilities

-IoT Hacking Methodology

-IoT Hacking Tools

-IoT Security Tools

-IT/OT Convergence (IIOT)

-ICS/SCADA, OT Vulnerabilities

-OT Attacks

-OT Hacking Methodology

-OT Hacking Tools

-OT Security Tools

 

Module 20: Cloud Computing

-Types of Cloud Computing Services

-Cloud Deployment Models

-Cloud computing concepts

-Container technologies and server less computing

-Cloud-based threats and attacks

-Cloud security techniques and tools.

-Cloud Service Providers

-Cloud Attacks

-Cloud Hacking

-Cloud Network Security

-Cloud Security Controls

-Fog and Edge Computing

-Docker

-Kubernetes

-Container and Kubernetes Vulnerabilities

-Perform S3 Bucket enumeration using various S3 bucket enumeration tools

-Exploit open S3 buckets

-Escalate IAM user privileges by exploiting misconfigured user policy

-OWASP Top 10 Cloud Security Risks

 

Module 21: Cryptography

-Cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.

-Encryption Algorithms

-Public Key Infrastructure (PKI)

-Email Encryption

-Disk Encryption

-Key Stretching

-Calculate MD5 hashes

-Perform file and text message encryption

-Create and use self-signed certificates

-Perform email and disk encryption

-Perform cryptanalysis using various cryptanalysis tools

-MD5 and MD6 Hash Calculators

 

Module 22: Likely Job Interview Questions and answers asked during Job Interview

 

Module 23: Cover letters and Resumes.

Introduction

Certified Ethical Hacker (CEH) training is an advanced course designed to help professionals understand how to recognize and combat threats posed by malicious hackers. The curriculum focuses on teaching participants the tools and techniques used by malicious hackers so that they can be used to defend networks and systems from potential attacks.

This course provides a comprehensive overview of topics such as Foot printing & Reconnaissance, Scanning Networks, System Hacking, Malware Threats, Sniffing, Social Engineering, Denial-of-Service Attacks, Session Hijacking etc., as well as other security measures necessary to protect information systems.

Participants will be equipped with valuable skills needed to detect and respond appropriately to complex network security threats.

This included Likely Job Interview Questions and answers asked during Certified Ethical Hacker (CEH) Job Interview.

It also inculcated Cover letters and resume.

 

Objectives

  1. Gain an in-depth understanding of the tools and techniques used by malicious hackers.
  2. Learn how to identify, mitigate, and respond to security threats on networks and systems.
  3. Become proficient in scanning networks for vulnerabilities, foot printing, and system hacking techniques.
  4. Understand malware analysis processes, cryptography concepts, access control mechanisms, web application security principles, wireless network attacks and cloud computing platforms security threats.
  5. Develop the ability to create reports on the accumulated data describing potential risks within a network or computer system infrastructure that may be exploited by a real attacker.

Course Outline

Module 1: Knowledge of Operating systems including Windows, Linux/Unix, iOS & Android. Basic programming skills are beneficial but not required.

 

Module 2 – Introduction to Ethical Hacking & Network Security Terminology

-Basics of ethical hacking, information security controls, relevant laws, and standard

-Elements of Information Security

-Understand network security threats and vulnerabilities

– Execute threat analysis strategies using risk assessment techniques

– Implement various approaches for vulnerability assessment

-Cyber Kill Chain Methodology

-MITRE ATT&CK Framework

-Hacker Classes, Ethical Hacking

-Information Assurance (IA)

-Risk Management

-Incident Management

-PCI DSS

-HIPPA

-SOX

-GDPR

 

Module 3 – Foot printing & Reconnaissance

-Techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.

-Perform foot printing on the target network using search engines, web services, and social networking sites

-Perform website, email, whois, DNS, and network foot printing on the target

network

 

Module 4 – Scanning Networks

-Scan networks using various scanning tools

-The fundamentals of key issues in the information security world, including the

basics of ethical hacking, information security controls, relevant laws, and standard

-Perform host, port, service, and OS discovery on the target network

-Perform scanning on the target network beyond IDS and firewall

 

Module 5: Enumeration

-Various enumeration techniques, such as Border Gateway Protocol (BGP)

-Network File Sharing (NFS) exploits, plus associated countermeasures.

-Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP

 

Module 6: Vulnerability Analysis

-Perform vulnerability research using vulnerability scoring systems and databases

-Identify security loopholes in a target organization’s network, communication infrastructure, and end systems.

-Perform vulnerability assessment using various vulnerability assessment tools

 

Module 7– System Hacking & Cracking Passwords

-Learn about the various system hacking methodologies—including steganography,

steganalysis attacks and covering tracks—used to discover system and network vulnerabilities.

-Perform hacking attacks such as buffer overflows and privilege escalation

– Gain access to systems using passwords cracks, Trojan horses, and other attack methods

-Perform Online active online attack to crack the system’s password.

-Perform buffer overflow attack to gain access to a remote system.

-Escalate privileges using privilege escalation tools.

-Escalate privileges in Linux machine

-Hide data using steganography

-Clear Windows and Linux machine logs using various utilities.

-Hiding artifacts in Windows and Linux machines.

 

Module 8 – Sniffing – Monitor Communications on the Network

-Learn about packet-sniffing techniques and how to use them to discover network

vulnerabilities, as well as countermeasures to defend against sniffing attacks.

-Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack.

-Spoof a MAC address of Linux machine.

-Perform network sniffing using various sniffing tools.

-Detect ARP poisoning in a switch-based network.

-Network Sniffing

-Wiretapping

-MAC Flooding

-DHCP Starvation Attack

-ARP Spoofing Attack

-ARP Poisoning

-ARP Poisoning Tools

-MAC Spoofing

-STP Attack

-DNS Poisoning

-DNS Poisoning Tools

-Sniffing Tools

-Sniffer Detection Techniques

-Promiscuous Detection Tools

 

Module 9: Malware Threats

-Malware

-Components of Malware

-The different types of malwares, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.

-Gain control over a victim machine using Trojan

-Infect the target system using a virus

-Perform static and dynamic malware analysis

-APT

-Trojan

-Types of Trojans

-Exploit Kits

-Virus

-Virus Lifecycle

-Types of Viruses

-Ransomware

-Computer Worms

-Fileless Malware

-Malware Analysis

-Static Malware Analysis

-Dynamic Malware Analysis

-Virus Detection Methods

-Trojan Analysis

-Virus Analysis

-Fileless Malware Analysis

-Anti-Trojan Software

-Antivirus Software

-Fileless Malware Detection Tools

 

Module 10 – Social Engineering Techniques

-Social engineering concepts and techniques, including how to identify theft

attempts, audit human-level vulnerabilities, and suggest social engineering.  And countermeasures.

-Social Engineering

-Types of Social Engineering

-Perform social engineering using Various.

-Spoof a MAC address of a Linux machine.

-Detect a phishing attack.

-Audit an organization’s security for phishing attacks.

-Phishing

-Phishing Tools

-Insider Threats/Insider Attacks

-Identity Theft

 

Module 11– Denial of Service Attacks

-Different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack

techniques, as well as the tools used to audit a target and devise DoS and DDoS

countermeasures and protections.

-Perform a DoS and DDoS attack on a target host.

-Detect and protect against DoS and DDoS attacks.

-DoS Attack

-DDoS Attack

-Botnets

-DoS/DDoS Attack Techniques

-DoS/DDoS Attack Tools

-DoS/DDoS Attack Detection Techniques

-DoS/DDoS Protection Tools

 

Module 12 – Session Hijacking & Stealing Data

-Session Hijacking

-Types of Session Hijacking

-The various session hijacking techniques used to discover network-level

session management, authentication, authorization, and cryptographic weaknesses

and associated countermeasures.

-Perform session hijacking using various tools.

-Detect session hijacking

-Spoofing

-Application-Level Session Hijacking

-Man-in-the-Browser Attack

-Client-side Attacks

-Session Replay Attacks

-Session Fixation Attack

-CRIME Attack

-Network Level Session Hijacking

-TCP/IP Hijacking

-Session Hijacking Tools

-Session Hijacking Detection Methods

-Session Hijacking Prevention Tools

 

Module 13– Evading IDS, Firewalls &Honeypots

-Introduced to firewall, intrusion detection system, and honeypot evasion

techniques: the tools used to audit a network perimeter for weaknesses; and

countermeasures.

-Bypass Windows Firewall

-Bypass firewall rules using tunneling (

-Bypass antivirus

-Honeypots & Honeynets

-Packet Manipulation Trapping / Spoofing

 

Module 14: Hacking Web Servers

-Web server attacks, including a comprehensive attack methodology

used to audit vulnerabilities in web server infrastructures and countermeasures.

-Perform web server reconnaissance using various tools.

-Enumerate web server information

-Crack FTP credentials using a dictionary attack.

-Web Server Operations

-Web Server Attacks

-DNS Server Hijacking

-Website Defacement

-Web Cache Poisoning Attack

-Web Server Attack Methodology

-Web Server Attack Tools

-Web Server Security Tools

-Patch Management

-Patch Management Tools

 

Module 15: Hacking Web Applications

-Web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.

-Web Application Architecture

-Web Application Threats

-OWASP Top 10 Application Security Risks

-Web Application Hacking Methodology

-Web API

-Webhooks and Web Shell

-Web API Hacking Methodology

-Web Application Security

-Perform web application reconnaissance using various tools

-Perform web spidering

-Perform web application vulnerability scanning

-Perform a brute-force attack

-Perform Cross-Site Request Forgery (CSRF) Attack

-Identify XSS vulnerabilities in web applications

-Detect web application vulnerabilities using various web application security tools

 

Module 16: SQL Injection

-Types of SQL injection

-Blind SQL Injection

-SQL Injection Methodology

-SQL Injection Tools

-SQL injection attack techniques

-Signature Evasion Techniques

-SQL Injection Detection Tools

-countermeasures to detect and defend against SQL injection attempts.

-Perform an SQL injection attack against MSSQL to extract databases

-Detect SQL injection vulnerabilities using various SQL injection detection

tools

 

Module 17: Hacking Wireless Networks

-Wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools

-Foot Print a wireless network.

-Perform wireless traffic analysis

-Crack WEP, WPA, and WPA2 networks

-Create a rogue access point to capture data packets

-Wireless Terminology

-Wireless Networks

-Wireless Encryption

-Wireless Threats

-Wireless Hacking Methodology

-Wi-Fi Encryption Cracking

-WEP/WPA/WPA2 Cracking Tools

-Bluetooth Hacking

-Bluetooth Threats

-Wi-Fi Security Auditing Tools

-Bluetooth Security Tools

 

Module 18: Hacking Mobile Platforms

-Mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.

-Hack an Android device by creating binary payloads

-Exploit the Android platform through ADB

-Hack an Android device by creating APK file

-Secure Android devices using various Android security tools

-Mobile Platform Attack Vectors

-OWASP Top 10 Mobile Controls

-OWASP Top 10 Mobile Risks

-App Sandboxing, SMS Phishing Attack (SMiShing)

-Android Rooting

-Hacking Android Devices

-Android Security Tools

-Jailbreaking iOS

-Hacking iOS Devices

-iOS Device Security Tools

-Mobile Device Management (MDM)

 

Module 19: IoT and OT Hacking

-Packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.

-Gather information using Online foot printing tools.

-Capture and analyze IoT device traffic.

-IoT Architecture

-IoT Communication Models

-OWASP Top 10 IoT Threats

-IoT Vulnerabilities

-IoT Hacking Methodology

-IoT Hacking Tools

-IoT Security Tools

-IT/OT Convergence (IIOT)

-ICS/SCADA, OT Vulnerabilities

-OT Attacks

-OT Hacking Methodology

-OT Hacking Tools

-OT Security Tools

 

Module 20: Cloud Computing

-Types of Cloud Computing Services

-Cloud Deployment Models

-Cloud computing concepts

-Container technologies and server less computing

-Cloud-based threats and attacks

-Cloud security techniques and tools.

-Cloud Service Providers

-Cloud Attacks

-Cloud Hacking

-Cloud Network Security

-Cloud Security Controls

-Fog and Edge Computing

-Docker

-Kubernetes

-Container and Kubernetes Vulnerabilities

-Perform S3 Bucket enumeration using various S3 bucket enumeration tools

-Exploit open S3 buckets

-Escalate IAM user privileges by exploiting misconfigured user policy

-OWASP Top 10 Cloud Security Risks

 

Module 21: Cryptography

-Cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.

-Encryption Algorithms

-Public Key Infrastructure (PKI)

-Email Encryption

-Disk Encryption

-Key Stretching

-Calculate MD5 hashes

-Perform file and text message encryption

-Create and use self-signed certificates

-Perform email and disk encryption

-Perform cryptanalysis using various cryptanalysis tools

-MD5 and MD6 Hash Calculators

 

Module 22: Likely Job Interview Questions and answers asked during Job Interview

 

Module 23: Cover letters and Resumes.

Reviews

There are no reviews yet.

Be the first to review “Certified Ethical Hacker (CEH)”

Your email address will not be published. Required fields are marked *

Shopping Cart
  • Your cart is empty.
Scroll to Top