Certified Ethical Hacker – CEH v13

Course Level: Intermediate, Experienced
Duration: 68 Hrs 56 Min
Total Videos: 320 On-demand Videos

Unlock your potential in cybersecurity with our Certified Ethical Hacker (CEH) v13 course, designed for IT professionals, security officers, and aspiring hackers alike. Gain hands-on experience in identifying vulnerabilities and implementing countermeasures, while mastering cutting-edge techniques to defend against cyber threats—perfect for launching or advancing your career in ethical hacking. Enroll today and prepare for the CEH certification exam to secure your future in this dynamic field!

Access EVERY VISION COURSE FOR ONLY $299 $139 TODAY

Learning Objectives

01

Understand the fundamentals of information security, ethical hacking, and risk management.

02

Learn how to use open-source intelligence (OSINT) tools and techniques for footprinting and reconnaissance.

03

Acquire skills to conduct network scanning and enumeration for potential vulnerabilities.

04

Understand the process of vulnerability analysis and how to exploit system vulnerabilities.

05

Learn to identify, analyze, and mitigate malware threats and denial-of-service attacks.

06

Gain knowledge of various hacking methods for web servers, web applications, and mobile platforms.

07

Understand the risks and vulnerabilities associated with cloud computing and IoT devices.

08

Learn the principles of cryptography and how to use cryptographic tools and techniques for data protection.

Course Description

Embark on a transformative journey into the world of cybersecurity with our Certified Ethical Hacker (CEH) v13 course. This comprehensive program is designed to equip you with essential skills and knowledge needed to identify vulnerabilities in systems and networks, understand the latest hacking techniques, and implement effective countermeasures. Through a blend of theoretical knowledge and hands-on activities, you will learn to think like a hacker to better protect your organization from cyber threats. The course covers an extensive array of topics, including information security fundamentals, footprinting, scanning, enumeration, system hacking, malware threats, and more, culminating in a challenge lab that tests your skills in real-world scenarios.

To successfully pass the CEH certification exam, students will master core concepts of information security and ethical hacking, conduct footprinting and reconnaissance using various tools, perform network scanning, analyze vulnerabilities, and understand how to mitigate malware threats and various attack vectors. This course is ideal for IT professionals, security officers, auditors, and anyone interested in pursuing a career in cybersecurity. Whether you are a beginner looking to start your journey in ethical hacking or an experienced professional seeking to enhance your skills, the CEH v13 course provides foundational knowledge and practical experience necessary to excel in the field.

By completing this course, you will be prepared to pursue job titles such as Ethical Hacker, Penetration Tester, Security Analyst, and more, along with the opportunity to sit for the recognized Certified Ethical Hacker (CEH) certification exam. This is your chance to invest in your future and gain the competitive edge you need in the rapidly evolving field of cybersecurity. Don’t miss out on the opportunity to become a certified expert in ethical hacking and make a significant impact in the world of information security.

Who Benefits From This Course

  • Information security professionals seeking to enhance their skills in ethical hacking and cybersecurity.
  • IT administrators interested in understanding vulnerabilities and improving security measures within their organizations.
  • Network engineers looking to gain insights into network security and attack detection.
  • Software developers aiming to learn secure coding practices and how to defend against web application attacks.
  • Business leaders and executives who want to understand the implications of cybersecurity threats on their organizations.
  • Students and recent graduates aspiring to start a career in cybersecurity and ethical hacking.
  • Compliance officers needing to stay informed about security laws and standards relevant to their industry.
  • Incident response teams wanting to refine their skills in managing and mitigating security incidents.
  • Individuals interested in developing advanced skills in penetration testing and vulnerability assessment.
  • Those seeking to understand the intersection of artificial intelligence and cybersecurity.

Frequently Asked Questions

What is the role of ethical hacking in cybersecurity?

Ethical hacking plays a crucial role in cybersecurity by proactively identifying and mitigating vulnerabilities in systems and networks. By adopting the mindset of malicious hackers, ethical hackers simulate attacks to uncover weaknesses before they can be exploited. This process not only enhances an organization's security posture but also helps in developing robust defense strategies.

Ethical hackers utilize various techniques such as penetration testing, vulnerability assessments, and security audits. These practices ensure that organizations can protect sensitive information and maintain compliance with regulatory standards. Ultimately, ethical hacking is essential for fostering a resilient cybersecurity framework in an increasingly digital landscape.

What are common tools used in ethical hacking?

Ethical hackers employ a variety of specialized tools to conduct their assessments effectively. Common tools include network scanners like Nmap for identifying active devices, vulnerability scanners such as Nessus or OpenVAS for pinpointing security flaws, and penetration testing frameworks like Metasploit.

Additionally, ethical hackers may use tools like Wireshark for network traffic analysis, Burp Suite for web application testing, and social engineering toolkits to simulate phishing attacks. Familiarity with these tools enhances the ethical hacker's ability to uncover vulnerabilities and recommend effective security solutions.

How does ethical hacking differ from malicious hacking?

Ethical hacking and malicious hacking differ fundamentally in intent and legality. Ethical hackers, often referred to as white hat hackers, operate within the boundaries of the law and with the consent of the organization they are testing. Their goal is to identify and fix vulnerabilities to improve security.

In contrast, malicious hackers, or black hat hackers, exploit vulnerabilities for personal gain, causing harm to individuals or organizations. Ethical hackers adhere to a code of conduct, ensuring that their activities contribute positively to the cybersecurity landscape by protecting systems and sensitive data.

What is penetration testing in the context of ethical hacking?

Penetration testing, also known as pen testing, is a key component of ethical hacking that involves simulating cyber-attacks on a system to evaluate its security. This practice helps organizations identify vulnerabilities that could be exploited by malicious hackers.

During a penetration test, ethical hackers use various methodologies and tools to assess the effectiveness of security controls, identify weak points, and provide recommendations for improving defenses. The results of penetration testing are vital for organizations to understand their security posture and make informed decisions about risk management.

What are the implications of cloud computing for cybersecurity?

The rise of cloud computing has significant implications for cybersecurity, as it introduces unique vulnerabilities and challenges. Organizations must consider data security, access controls, and compliance with regulatory requirements when using cloud services. Ethical hackers focus on assessing these risks by evaluating the security measures implemented by cloud service providers and identifying potential weaknesses.

Additionally, the shared responsibility model of cloud security requires organizations to take proactive steps to secure their data and applications hosted in the cloud. An understanding of cloud security best practices is essential for ethical hackers to provide comprehensive assessments and enhance the overall cybersecurity framework.

Included In This Course

Module 1: Information Security and Ethical Hacking Overview

  •    1.0 Introduction to CEH v13
  •    1.1 Elements of Security
  •    1.2 Cyber Kill Chain
  •    1.3 MITRE ATT&CK Framework
  •    1.3.1 ACTIVITY - Examining MITRE ATT&CK
  •    1.4 Hacking
  •    1.5 Ethical Hacking
  •    1.6 Information Assurance
  •    1.7 Risk Management
  •    1.8 Incident Management
  •    1.9 Information Security Laws and Standards
  •    1.10 Using AI in Ethical Hacking
  •    1.11 Information Security and Ethical Hacking Review

Module 2: Footprinting and Reconnaissance

  •    2.1 Footprinting Concepts
  •    2.2 OSINT Tools
  •    2.2.1 ACTIVITY - Finding Internet-Connected Devices with Shodan
  •    2.2.2 ACTIVITY - Performing OSINT with theHarvester
  •    2.3 Advanced Google Search
  •    2.3.1 ACTIVITY - Google Hacking
  •    2.4 Whois Footprinting
  •    2.4.1 ACTIVITY - Footprinting with WHOIS
  •    2.5 DNS Footprinting
  •    2.5.1 ACTIVITY - Enumerating DNS
  •    2.6 Website Footprinting
  •    2.7 Email Footprinting
  •    2.8 Network Footprinting
  •    2.8.1 ACTIVITY - Tracing a Network Path with Traceroute
  •    2.9 Social Network Footprinting
  •    2.10 Enhanced OSINT
  •    2.11 Footprinting-and-Reconnaissance-Countermeasures
  •    2.12 Footprinting and Reconnaissance Review

Module 3: Scanning Networks

  •    3.1 Scanning Concepts
  •    3.2 Discovery Scans
  •    3.3 Port Scans
  •    3.4 Other Scan Types
  •    3.5 Scanning Tools
  •    3.6 NMAP
  •    3.6.1 ACTIVITY - Port Scanning and Fingerprinting with NMAP
  •    3.7 Firewall and IDS Evasion
  •    3.8 Proxies
  •    3.9 AI Enhanced SCANNING Tools
  •    3.10 Scanning counter-measures
  •    3.11 Scanning Networks Review

Module 4: Enumeration

  •    4.1 Enumeration Overview
  •    4.2 SMB_NetBIOS_Enumeration
  •    4.3 File Transfer Enumeration
  •    4.4 WMI Enumeration
  •    4.5 SNMP Enumeration
  •    4.6 LDAP Enumeration
  •    4.7 DNS Enumeration
  •    4.8 SMTP Enumeration
  •    4.8.1 ACTIVITY - SMTP Enumeration
  •    4.9 Remote Connection Enumeration
  •    4.10 Website Enumeration
  •    4.10.1 ACTIVITY - Enumerating Website Directories
  •    4.11 Local User and Active Directory Enumeration
  •    4.12 Other Enumeration Types
  •    4.13 Enumeration Using AI
  •    4.14 Enumeration Countermeasures and Review

Module 5: Vulnerability Analysis

  •    5.1 Vulnerability Scanning
  •    5.1.1 ACTIVITY - Vulnerability Scanning with OpenVAS
  •    5.2 Vulnerability Assessment
  •    5.3 AI Assisted Vulnerability Assessment
  •    5.4 Vulnerability Analysis Review

Module 6: System Hacking

  •    6.1 System Hacking Concepts
  •    6.2 Common Operating System Exploits
  •    6.3 Buffer Overflows
  •    6.4 System Hacking Tools and Frameworks
  •    6.5 Metasploit
  •    6.5.1 ACTIVITY - Hacking with Metasploit
  •    6.6 Meterpreter
  •    6.6.1 ACTIVITY - Having Fun with Meterpreter
  •    6.7 Keylogging_and_Spyware-
  •    6.8 Netcat
  •    6.8.1 ACTIVITY - Using Netcat
  •    6.9 Windows Exploitation
  •    6.10 Windows Post- Exploitation
  •    6.10.1 ACTIVITY - Windows Post Exploitation with Eternal Blue
  •    6.10.2 ACTIVITY - Escalating Privilege with Token Passing
  •    6.11 Linux Exploitation
  •    6.11.1 ACTIVITY - Pwn a Linux Target from Start to Finish
  •    6.12 Linux Post-Exploitation
  •    6.13 Password Attacks
  •    6.13.1 ACTIVITY - Pass-the-Hash
  •    6.13.2 ACTIVITY - Password Spraying with Hydra
  •    6.14 Password Cracking Tools
  •    6.14.1 ACTIVITY - Password Cracking with Hashcat
  •    6.14.2 ACTIVITY - Brute Forcing with Medusa
  •    6.15 Windows Password Cracking
  •    6.16 Attacking Network Services
  •    6.16.1 ACTIVITY - Cracking Linux Passwords with John-the-Ripper
  •    6.17 Other Methods for Obtaining Passwords
  •    6.18 Network Service Attacks
  •    6.19 Lateral Movement
  •    6.19.1 ACTIVITY - Preparing to Pivot
  •    6.19.2 ACTIVITY - Lateral Movement through Pivoting
  •    6.20 Persistence
  •    6.20.1 ACTIVITY - Creating a Persistent Netcat Back Door
  •    6.20.2 ACTIVITY - APT Persistence
  •    6.21 Hiding Data
  •    6.21.1 ACTIVITY - Hiding Data with Steganography
  •    6.22 Covering Tracks
  •    6.22.1 ACTIVITY - Cover Tracks with Log Tampering
  •    6.23 Side-Channel-Attacks
  •    6.24 AI-Powered Vulnerability Exploitation Tools
  •    6.25 System Hacking Countermeasures
  •    6.26 System Hacking Review

Module 7: Malware Threats

  •    7.1 Malware Overview
  •    7.2 Viruses
  •    7.3 Trojans
  •    7.4 Rootkits
  •    7.5 Other Malware
  •    7.6 Advanced Malware Threats
  •    7.7 Malware Makers
  •    7.7.1 ACTIVITY - Creating a Malware Dropper and Handler
  •    7.8 Malware Deployment
  •    7.9 Malware Detection
  •    7.10 Malware Analysis
  •    7.10.1 ACTIVITY - Analyzing the SolarWinds Orion Hack
  •    7.11 AI and Malware
  •    7.12 Malware Countermeasures
  •    7.13 Malware Threats Review

Module 8: Sniffing and Spoofing

  •    8.1 Network Sniffing
  •    8.2 Sniffing Tools
  •    8.2.1 ACTIVITY - Intercepting Data with Wireshark
  •    8.2.2 ACTIVITY - Capturing Files off the Network
  •    8.3 MAC and ARP Attacks
  •    8.3.1 ACTIVITY - Performing an MITM Attack with Ettercap
  •    8.4 Name Resolution Attacks
  •    8.4.1 ACTIVITY - Spoofing an Authentication Service with Responder
  •    8.5 Other Layer 2 Attacks
  •    8.6 Sniffing and Spoofing Countermeasures
  •    8.7 Sniffing and Spoofing Review

Module 9: Social Engineering

  •    9.1 Social Engineering Concepts
  •    9.2 Social Engineering Techniques
  •    9.3 Social Engineering Tools
  •    9.3.1 ACTIVITY - Phishing for Credentials
  •    9.3.2 ACTIVITY - OMG Cable Baiting
  •    9.4 Social Media, Identity Theft, Insider Threats
  •    9.5 Social Engineering and AI
  •    9.6 Social Engineering Countermeasures
  •    9.7 Social Engineering Review

Module 10: Denial-of-Service

  •    10.1 DoS-DDoS Concepts
  •    10.2 Volumetric Attacks
  •    10.3 Fragmentation Attacks
  •    10.4 State Exhaustion Attacks
  •    10.5 Application Layer Attacks
  •    10.5.1 ACTIVITY - Conducting a Slowloris DDoS Attack
  •    10.6 Other Attacks
  •    10.7 DoS Tools
  •    10.7.1 ACTIVITY - Performing a HOIC DDoS Attack
  •    10.8 DoS Countermeasures
  •    10.9 DoS Review

Module 11: Session Hijacking

  •    11.1 Session Hijacking
  •    11.2 Compromising a Session Token
  •    11.3 XSS
  •    11.3.1 ACTIVITY - Web Session Hijacking with XSS
  •    11.4 CSRF
  •    11.5 Other Web Hijacking Attacks
  •    11.6 Network-Level Session Hijacking
  •    11.7 Session Hijacking Tools
  •    11.8 Session Hijacking Countermeasures
  •    11.9 Session Hijacking Review

Module12: Attack Detection and Prevention

  •    12.1 Types of IDS
  •    12.2 Snort
  •    12.3 Logging and Monitoring
  •    12.4 IDS Considerations
  •    12.5 IDS Evasion
  •    12.6 Firewalls
  •    12.7 Packet Filtering Rules
  •    12.8 Firewall Deployments
  •    12.9 Split DNS
  •    12.10 Firewall Product Types
  •    12.11 Firewall Evasion
  •    12.11.1 ACTIVITY - Busting the DOM for WAF Evasion
  •    12.12 NAC and Endpoint Security
  •    12.13 NAC and EDR Evasion
  •    12.14 Honeypots
  •    12.15 Evasion Countermeasures
  •    12.16 Attack Detection and Prevention Review

Module 13: Hacking Web Servers

  •    13.1 Web Server Operations
  •    13.2 Hacking Web Servers
  •    13.3 Common Web server Attacks
  •    13.4 Webserver Attack Tools
  •    13.5 AI and Webserver Attacks
  •    13.6 Hacking Web Servers Countermeasures
  •    13.7 Hacking Web Servers Review

Module 14: Hacking Web Applications

  •    14.1 Web Application Concepts
  •    14.2 Attacking Web Apps
  •    14.3 A01 Broken Access Control
  •    14.4 A02 Cryptographic Failures
  •    14.5 A03 Injection
  •    14.5.1 ACTIVITY - Command Injection
  •    14.6 A04 Insecure Design
  •    14.7 A05 Security Misconfiguration
  •    14.8 A06 Vulnerable and Outdated Components
  •    14.9 A07 Identification and Authentication Failures
  •    14.10 A08 Software and Data integrity Failures
  •    14.11 A09 Security Logging and Monitoring Failures
  •    14.12 A10 Server-Side Request Forgery
  •    14.13 XSS Attacks
  •    14.14 CSRF
  •    14.15 Parameter Tampering
  •    14.15.1 ACTIVITY - Parameter Tampering with Burp Suite
  •    14.16 Clickjacking
  •    14.16.1 ACTIVITY - Clickjacking with XSS and iFrame Injection
  •    14.17 SQL Injection
  •    14.17.1 ACTIVITY - Using SQL Injection to Steal Sensitive Data
  •    14.18 Insecure Deserialization Attacks
  •    14.19 IDOR
  •    14.19.1 ACTIVITY - IDOR Abuse with Burp Suite
  •    14.20 Directory Traversal
  •    14.20.1 ACTIVITY - Directory Traversal
  •    14.21 Session Management Attacks
  •    14.22 Response Splitting
  •    14.23 Overflow Attacks
  •    14.24 XXE Attacks
  •    14.25 Web App DoS
  •    14.26 Soap Attacks
  •    14.27 AJAX Attacks
  •    14.28 Web API Hacking
  •    14.29 Webhooks and Web Shells
  •    14.30 Web App Hacking Tools
  •    14.31 AI and Web Application Attacks
  •    14.32 Hacking Web Applications Countermeasures
  •    14.33 Hacking Web Applications Review

Module 15: SQL Injection

  •    15.1 SQL Injection Overview
  •    15.2 Basic SQL Injection
  •    15.3 Finding Vulnerable Websites
  •    15.4 Error-based SQL Injection
  •    15.5 Union SQL Injection
  •    15.5.1 ACTIVITY - SQLi on a Live Website - Part 1
  •    15.5.2 ACTIVITY - SQLi on a Live Website - Part 2
  •    15.6 Blind SQL Injection
  •    15.7 SQL Injection Tools
  •    15.8 Evading Detection
  •    15.9 Analyzing SQL Injection
  •    15.10 SQL Injection Countermeasures
  •    15.11 SQL Injection Review

Module 16: Hacking Wireless Networks

  •    16.1 Wireless Concepts
  •    16.2 Wireless Security Standards
  •    16.3 WI-FI Discovery Tools
  •    16.4 Common Wi-Fi Attacks
  •    16.5 Wi-Fi Password Cracking
  •    16.6 WEP Cracking
  •    16.7 WPA,WPA2,WPA3 Cracking
  •    16.7.1 ACTIVITY - WPA2 KRACK Attack
  •    16.8 WPS Cracking
  •    16.9 Bluetooth Hacking
  •    16.10 Other Wireless Hacking
  •    16.11 Wireless Security Tools
  •    16.12 Wireless Hacking Countermeasures
  •    16.13 Hacking Wireless Networks Review

Module 17: Hacking Mobile Platforms

  •    17.1 Mobile Platform Overview
  •    17.2 Mobile Device Attacks
  •    17.3 Android Overview
  •    17.4 Rooting Android
  •    17.5 Android Exploits
  •    17.5.1 ACTIVITY - Pwn a Mobile Device
  •    17.6 Android-based Hacking Tools
  •    17.7 Reverse Engineering an Android App
  •    17.8 Securing Android
  •    17.9 iOS Overview
  •    17.10 Jailbreaking iOS
  •    17.11 IOS Exploits
  •    17.12 iOS-based Hacking Tools
  •    17.13 Reverse Engineering an iOS App
  •    17.14 Securing iOS
  •    17.15 Mobile Device Management
  •    17.16 Hacking Mobile Platforms Countermeasures
  •    17.17 Hacking Mobile Platforms Review

Module 18: IoT Hacking & OT Hacking

  •    18.1 IoT Overview
  •    18.2 IoT Infrastructure
  •    18.3 IoT Vulnerabilities and Threats
  •    18.4 IoT Hacking Methodology and Tools
  •    18.4.1 ACTIVITY - Card Cloning with Flipper Zero
  •    18.5 IoT Hacking Countermeasures
  •    18.6 OT Concepts
  •    18.7 IT-OT Convergence
  •    18.8 OT Components
  •    18.9 OT Vulnerabilities
  •    18.10 OT Attack Methodology and Tools
  •    18.11 OT Hacking Countermeasures
  •    18.12 IoT and OT Hacking Review

Module 19: Cloud Computing

  •    19.1 Cloud Computing Concepts
  •    19.2 Cloud Types
  •    19.3 Cloud Benefits and Considerations
  •    19.4 Cloud Risks and Vulnerabilities
  •    19.5 AWS Hacking
  •    19.5.1 ACTIVITY - AWS S3 Bucket Hacking
  •    19.6 Azure Cloud Hacking
  •    19.7 Google Cloud Hacking
  •    19.8 Container Hacking
  •    19.9 Cloud Threat Countermeasures
  •    19.10 Cloud Computing Review

Module 20: Cryptography

  •    20.1 Cryptography Concepts
  •    20.2 Symmetric Encryption
  •    20.2.1 ACTIVITY - Symmetric Encryption
  •    20.3 Asymmetric Encryption
  •    20.3.1 ACTIVITY - Asymmetric Encryption
  •    20.4 Public Key Exchange
  •    20.5 PKI
  •    20.5.1 ACTIVITY - Generating and Using an Asymmetric Key Pair
  •    20.6 Digital Signatures
  •    20.7 Hashing
  •    20.7.1 ACTIVITY - Calculating Hashes
  •    20.8 Common Encryption Use Cases
  •    20.9 Cryptography Tools
  •    20.10 Cryptography Attacks
  •    20.11 Cryptography Review
  •    20.12 Course Conclusion

Module 21: Challenge Lab

  •    21.1-ACTIVITY-Challenge-Lab-Introduction
  •    21.2-ACTIVITY-Flag 1 - Port Authority, Please!
  •    21.3-ACTIVITY-Flag 2 - Moo-ve Fast and Break Things
  •    21.4-ACTIVITY-Flag 3 - Pixels, Packets & Patient X
  •    21.5-ACTIVITY-Flag 4 - Hexes and Hashes
  •    21.6-ACTIVITY-Flag 5 - APT & the PowerShell Symphony
  •    21.7-ACTIVITY-Flag 6 - Script Kiddie's Revenge
  •    21.8-ACTIVITY-Flag 7 - Oh Mannie, You Shouldn't Have!
  •    21.9-ACTIVITY-Report

Vision What's Possible

Vision Your Best Career
365
Price: $139 / YEAR

Gain unlimited access to our comprehensive IT training library featuring top certifications like CompTIA, Cisco, Microsoft, AWS, and more. Explore expert-led courses in cybersecurity, networking, cloud computing, project management, and soft skills development—all designed to help you build real-world, job-ready skills. With the 365 Training Pass, you can start learning today and accelerate your path to a successful IT career.

Sign Up for my 365 access pass today
  • 855-488-5327
  • customerservice@visiontrainingsystems.com

Navigate With Us

Vision What’s Possible
Join today for over 50% off