20+ Courses to Learn Hacking Ethically
May 8, 2024
| Leaman Crews
| Ethical Hacking
The term “hacker” can have negative connotations, as you picture a cyber-criminal breaking into systems to take data that doesn’t belong to them. While there are bad actors who fit that description, there are good and bad types of hacking. Ethical hackers perform a critical service for businesses, governments, and other organizations.
Hacking ethically can actually lead to a lucrative and rewarding career. If you’re interested in computers, software, networks, and the internet, you might want to learn hacking and join the growing cybersecurity career field
What Does It Mean to Learn Hacking?
Maybe you have considered learning hacking before but don’t know where to start. Perhaps the negative implications have scared you off. In reality, to learn hacking is to gain expert knowledge of how digital systems work. It’s the process of learning how their architecture works and then finding weaknesses.
What you do after you find these faults is the difference between ethical hacking and malicious hacking.
Difference Between Ethical Hacking and Malicious Hacking
Malicious hackers exploit vulnerabilities for personal gain or nefarious reasons. They might want to steal information they can sell later or to disrupt an organization’s operations. Ethical hacking, on the other hand, helps proactively protect systems by finding weaknesses and reporting them. That way, vulnerabilities can be fixed before they’re exploited. In contrast to malicious hackers, ethical hackers need to have a mindset where they see hacking as a skill to be used for the benefit of users, organizations, and society as a whole.
Why Should One Learn Hacking?
So, should you learn hacking? There are undoubtedly good reasons to do so. There’s currently a need for more cybersecurity professionals, making ethical hacking a potentially lucrative career. It can also be personally rewarding. You’re constantly being called upon to challenge yourself and solve increasingly complex problems. Ethical hackers gain a strong sense of personal growth as they consistently rise to the challenge of the evolving threat landscape.
Hacking skills remain relevant in the evolving cybersecurity landscape because threats are never-ending. New vulnerabilities and attack techniques are constantly discovered and perfected. Organizations must ensure that any vulnerabilities in their systems are identified and secured.
Beyond career opportunities, there are more personal reasons why you might want to learn to hack online. The process of identifying complex issues and providing solutions is also personally gratifying. You could learn hacking for free by studying on the internet and putting what you’ve learned to good use. There’s a sense of satisfaction that comes with making positive contributions.
Even though you can learn ethical hacking from online self-study, it’s best to find an industry-recognized certification. Additionally, avoid an online hacking course that focuses only on theory and find one that gives you hands-on experience. EC-Council has over 20 courses to help you learn hacking online and kickstart a rewarding career with a valuable certification.
20+ Courses to Learn Hacking Ethically
Course 1: Certified Ethical Hacker (World’s No.1 Ethical Hacking Certification)
CEH today is relied upon by the Pentagon and by various US government agencies and used in 7 of the Fortune 10, 47 of the Fortune 100 across many cybersecurity functions, making it a de facto standard both in the public and private sector.
EC-Council’s newest version of the Certified Ethical Hacker program is CEH v12!
The CEHv12 program is based on an entirely new learning framework incorporating a novel Learn, Certify, Engage, Compete learning framework to create a new breed of skilled ethical hackers. Now, aspiring cyber professionals will receive comprehensive training, hands-on learning labs, practice cyber ranges for engagement, certification assessments, cyber competitions, and opportunities for continuous learning in one comprehensive program curated through the new CEHv12 learning framework. Certified ethical hacking training will also teach you to think like a hacker. In 2003, C|EH introduced the five phases of ethical hacking: 1. Reconnaissance 2. Scanning 3. Gaining Access 4. Maintaining Access 5. Covering Tracks, the blueprint for approaching your target and succeeding at breaking in. CEH has continued to hone these 5 phases, updating, and refining them to match the skill set ethical hackers need today.
Program Information
Course Outline
What will you Learn
Course Outline
Course Outline
Module 01: Introduction to Ethical Hacking
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR
Module 02: Foot Printing and Reconnaissance
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-on Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform footprinting on the target network using search engines, web services, and social networking sites
- Perform website, email, whois, DNS, and network footprinting on the target network
Key topics covered:
Footprinting, Advanced Google Hacking Techniques, Deep and Dark Web Footprinting, Competitive Intelligence Gathering, Website Footprinting, Website Mirroring, Email Footprinting, Whois Lookup, DNS Footprinting, Traceroute Analysis, Footprinting Tools
Module 03: Scanning Networks
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform host, port, service, and OS discovery on the target network
- Perform scanning on the target network beyond IDS and Firewall
Key topics covered:
Network Scanning, Host Discovery Techniques, Port Scanning Techniques, Service Version Discovery, OS Discovery, Banner Grabbing, OS Fingerprinting, Packet Fragmentation, Source Routing, IP Address Spoofing, Scanning Tools
Module 04: Enumeration
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Key topics covered:
Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools
Module 05: Vulnerability Analysis
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Vulnerability Research using Vulnerability Scoring Systems and Databases
- Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
Key topics covered:
Vulnerability, Vulnerability Research, Vulnerability Assessment, Vulnerability-Management Life Cycle, Vulnerability Classification, Vulnerability-Management Life Cycle, Vulnerability Assessment Tools, Vulnerability Assessment Reports
Module 06: System Hacking
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
Hands-on Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an Active Online Attack to Crack the System’s Password
- Perform Buffer Overflow Attack to Gain Access to a Remote System
- Escalate Privileges using Privilege Escalation Tools
- Escalate Privileges in Linux Machine
- Hide Data using Steganography
- Clear Windows and Linux Machine Logs using Various Utilities
- Hiding Artifacts in Windows and Linux Machines
Key topics covered:
Password Cracking, Password Attacks, Wire Sniffing, Password-Cracking Tools, Vulnerability Exploitation, Buffer Overflow, Privilege Escalation, Privilege Escalation Tools, Keylogger, Spyware, Anti-Keyloggers, Anti-Spyware, Rootkits, Anti-Rootkits, Steganography, Steganography Tools, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Post Exploitation, Clearing Logs, Covering Tracks, Track-Covering Tools
Module 07: Malware Threats
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Gain Control over a Victim Machine using Trojan
- Infect the Target System using a Virus
- Perform Static and Dynamic Malware Analysis
Key topics covered:
Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools
Module 08: Sniffing
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform MAC Flooding, ARP Poisoning, MITM and DHCP Starvation Attack
- Spoof a MAC Address of Linux Machine
- Perform Network Sniffing using Various Sniffing Tools
- Detect ARP Poisoning in a Switch-Based Network
Key topics covered:
Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Module 09: Social Engineering
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Social Engineering using Various Techniques
- Spoof a MAC Address of Linux Machine
- Detect a Phishing Attack
- Audit Organization’s Security for Phishing Attacks
Key topics covered:
Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft
Module 10: Denial-of-Service
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform a DoS and DDoS attack on a Target Host
- Detect and Protect Against DoS and DDoS Attacks
Key topics covered:
DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools
Module 11: Session Hijacking
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Session Hijacking using various Tools
- Detect Session Hijacking
Key topics covered:
Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools
Module 12: Evading IDS, Firewalls, and Honeypots
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.
Hands-on Lab Exercises:
Over 7 hands-on exercises with real-life simulated targets to build skills on how to:
Bypass Windows Firewall
Bypass Firewall Rules using Tunneling
Bypass Antivirus
Key topics covered:
Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Honeypot, Intrusion Detection Tools, Intrusion Prevention Tools, IDS Evasion Techniques, Firewall Evasion Techniques, Evading NAC and Endpoint Security, IDS/Firewall Evading Tools, Honeypot Detection Tools
Module 13: Hacking Web Servers
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
Hands-on Lab Exercises:
Over 8 hands-on exercises with real-life simulated targets to build skills on how to:
Perform Web Server Reconnaissance using Various Tools
Enumerate Web Server Information
Crack FTP Credentials using a Dictionary Attack
Key topics covered:
Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools
Module 14: Hacking Web Applications
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-on Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Web Application Reconnaissance using Various Tools
- Perform Web Spidering
- Perform Web Application Vulnerability Scanning
- Perform a Brute-force Attack
- Perform Cross-site Request Forgery (CSRF) Attack
- Identify XSS Vulnerabilities in Web Applications
- Detect Web Application Vulnerabilities using Various Web Application Security Tools
Key topics covered:
Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security
Module 15: SQL Injection
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an SQL Injection Attack Against MSSQL to Extract Databases
- Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools
Key topics covered:
SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools
Module 16: Hacking Wireless Networks
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.
Hands-on Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
- Footprint a Wireless Network
- Perform Wireless Traffic Analysis
- Crack a WEP, WPA, and WPA2 Networks
- Create a Rogue Access Point to Capture Data Packets
Key topics covered:
Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools
Module 17: Hacking Mobile Platforms
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Hack an Android Device by Creating Binary Payloads
- Exploit the Android Platform through ADB
- Hack an Android Device by Creating APK File
- Secure Android Devices using Various Android Security Tools
Key topics covered:
Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools
Module 18: IoT and OT Hacking
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
- Gather Information using Online Footprinting Tools
- Capture and Analyze IoT Device Traffic
Key topics covered:
IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Module 19: Cloud Computing
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
- Exploit Open S3 Buckets
- Escalate IAM User Privileges by Exploiting Misconfigured User Policy
Key topics covered:
Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
Module 20: Cryptography
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Calculate MD5 Hashes
- Perform File and Text Message Encryption
- Create and Use Self-signed Certificates
- Perform Email and Disk Encryption
- Perform Cryptanalysis using Various Cryptanalysis Tools
Key topics covered:
Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching
What will you Learn
Learn
Certify
Engage
Compete
Learn
What You Will Learn
C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.Ethical Hacking Labs
With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.Certify
How You Will Get Certified
Prove Your Skills and Abilities With Online, Practical Examinations
Certified Ethical Hacker Certification
The C|EH exam is a 4-hour exam with 125 multiple-choice questions. This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more!C|EH Practical is a 6-hour, rigorous exam that requires you to demonstrate the skills and abilities of ethical hacking techniques such as:
- Port scanning tools (e.g., Nmap, Hping)
- Vulnerability detection
- Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
- SQL injection methodology and evasion techniques
- Web application security tools (e.g., Acunetix WVS)
- SQL injection detection tools (e.g., IBM Security AppScan)
- Communication protocols
Upon Completing the C|EH (Master) program, which consists of C|EH and C|EH (Practical), the C|EH (Master) designation is awarded. C|EH Masters have shown proficiency at a master level in the knowledge, skills, and abilities of ethical hacking with a total 6 hours of testing to prove their competency. Top top 10 performers in both C|EH and C|EH Practical exams are showcased on the C|EH Master Global Ethical Hacking Leaderboard.
| Exam Details | C|EH MCQ(Exam) | C|EH (Practical) |
|---|---|---|
| Number of Questions/ Practical Challenges | 125 | 20 |
| Test Duration | 4 Hours | 6 Hours |
| Test Format | Multiple Choice Questions | iLabs Cyber Range |
| Test Delivery | ECC EXAM, VUE | – |
| Availability | – | Aspen – iLabs |
| Exam Prefix | 312-50(ECC EXAM), 312-50(VUE) | – |
| Passing Score | Please refer to https://cert.eccouncil.org/faq.htm | 70% |
Engage
How You Will Engage
The C|EH v12 program helps you develop real-world experience in ethical hacking through the hands-on C|EH practice environment. C|EH Engage equips you with the skills to prove that you have what it takes to be a great ethical hacker. Your security assessment objectives will be presented as a series of flags (questions you must answer in the Cyber Range by performing ethical hacking activities on the target organization). New to C|EH v12, students will embark on their first emulated ethical hacking engagement. This 4-phase engagement requires students to think critically and test the knowledge and skills gained by capturing a series of flags in each phase, demonstrating the live application of skills and abilities in a consequence-free environment through EC-Council’s new Cyber Range. As you complete your training and hands-on labs, C|EH Engage lets you apply everything you have learned in a mock ethical hacking engagement. This 4-part security engagement gives you a real ethical hacking engagement experience from start to finish against an emulated organization. Using our capture-the-flag-style range, you will complete your engagement by answering “flag” questions as you progress.| PHASE 1 | PHASE 2 | PHASE 3 | PHASE 4 |
|---|---|---|---|
| Vulnerability Assessment | Gaining Access | Perimeter and Web App Exploitation | Mobile, IoT, OT Exploitation |
|
|
|
|
Compete
Where You Will Compete
The C|EH Global Challenges occur every month, providing capture-the-flag style competitions that expose students to various new technologies and platforms, from web applications, OT, IoT, SCADA, and ICS systems to cloud and hybrid environments. Our Compete structure lets ethical hackers fight their way to the top of the leaderboard each month in these 4-hour curated CTFs. Objective-based flags are designed around the ethical hacking process, keeping skills current, testing critical thinking abilities, and covering the latest vulnerabilities and exploits as they are discovered. Hosted 100% online in EC-Council’s Cyber Range, candidates race the clock in scenario-based engagements against fully developed network and application environments with real operating systems, real networks, tools, and vulnerabilities to practice, engage, compete, build, and hone their cyber skills against various new target organizations.New Challenges Every Month
| Month | Skill Challenge |
|---|---|
| September 2023 | Supply Chain Cyber Attacks |
| October 2023 | Ransomware Incident Response |
| November 2023 | Corporate Espionage Investigation |
| December 2023 | MITRE Framework Credential Exploitations |
| January 2024 | Investigating Operational Technology Exploitations |
| February 2024 | Web App Audit for OWASP Exploitation |
| March 2024 | Cloud Config Exploitation |
| April 2024 | Application Reverse Engineering and Exploitation |
| May 2024 | IOT Infrastructure Exploitation |
| June 2024 | Wi-Fi Network Exploitation |
| July 2024 | DDOS Exploitation |
| August 2024 | Mobile Devices Attack/Hacking |
| September 2024 | Off-The-Shelf CMS Exploitation |
Program Information
Course Outline
Module 01: Introduction to Ethical Hacking
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management, PCI DSS, HIPPA, SOX, GDPR
Module 02: Foot Printing and Reconnaissance
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-on Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform footprinting on the target network using search engines, web services, and social networking sites
- Perform website, email, whois, DNS, and network footprinting on the target network
Key topics covered:
Footprinting, Advanced Google Hacking Techniques, Deep and Dark Web Footprinting, Competitive Intelligence Gathering, Website Footprinting, Website Mirroring, Email Footprinting, Whois Lookup, DNS Footprinting, Traceroute Analysis, Footprinting Tools
Module 03: Scanning Networks
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform host, port, service, and OS discovery on the target network
- Perform scanning on the target network beyond IDS and Firewall
Key topics covered:
Network Scanning, Host Discovery Techniques, Port Scanning Techniques, Service Version Discovery, OS Discovery, Banner Grabbing, OS Fingerprinting, Packet Fragmentation, Source Routing, IP Address Spoofing, Scanning Tools
Module 04: Enumeration
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration
Key topics covered:
Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, Enumeration Tools
Module 05: Vulnerability Analysis
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Vulnerability Research using Vulnerability Scoring Systems and Databases
- Perform Vulnerability Assessment using Various Vulnerability Assessment Tools
Key topics covered:
Vulnerability, Vulnerability Research, Vulnerability Assessment, Vulnerability-Management Life Cycle, Vulnerability Classification, Vulnerability-Management Life Cycle, Vulnerability Assessment Tools, Vulnerability Assessment Reports
Module 06: System Hacking
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
Hands-on Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an Active Online Attack to Crack the System’s Password
- Perform Buffer Overflow Attack to Gain Access to a Remote System
- Escalate Privileges using Privilege Escalation Tools
- Escalate Privileges in Linux Machine
- Hide Data using Steganography
- Clear Windows and Linux Machine Logs using Various Utilities
- Hiding Artifacts in Windows and Linux Machines
Key topics covered:
Password Cracking, Password Attacks, Wire Sniffing, Password-Cracking Tools, Vulnerability Exploitation, Buffer Overflow, Privilege Escalation, Privilege Escalation Tools, Keylogger, Spyware, Anti-Keyloggers, Anti-Spyware, Rootkits, Anti-Rootkits, Steganography, Steganography Tools, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Post Exploitation, Clearing Logs, Covering Tracks, Track-Covering Tools
Module 07: Malware Threats
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-on Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Gain Control over a Victim Machine using Trojan
- Infect the Target System using a Virus
- Perform Static and Dynamic Malware Analysis
Key topics covered:
Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle, Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Trojan Analysis, Virus Analysis, Fileless Malware Analysis, Anti-Trojan Software, Antivirus Software, Fileless Malware Detection Tools
Module 08: Sniffing
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform MAC Flooding, ARP Poisoning, MITM and DHCP Starvation Attack
- Spoof a MAC Address of Linux Machine
- Perform Network Sniffing using Various Sniffing Tools
- Detect ARP Poisoning in a Switch-Based Network
Key topics covered:
Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack, ARP Poisoning, ARP Poisoning Tools, MAC Spoofing, STP Attack, DNS Poisoning, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Module 09: Social Engineering
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Social Engineering using Various Techniques
- Spoof a MAC Address of Linux Machine
- Detect a Phishing Attack
- Audit Organization’s Security for Phishing Attacks
Key topics covered:
Social Engineering, Types of Social Engineering, Phishing, Phishing Tools, Insider Threats/Insider Attacks, Identity Theft
Module 10: Denial-of-Service
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform a DoS and DDoS attack on a Target Host
- Detect and Protect Against DoS and DDoS Attacks
Key topics covered:
DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Tools, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools
Module 11: Session Hijacking
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Session Hijacking using various Tools
- Detect Session Hijacking
Key topics covered:
Session Hijacking, Types of Session Hijacking, Spoofing, Application-Level Session Hijacking, Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack, CRIME Attack, Network Level Session Hijacking, TCP/IP Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Prevention Tools
Module 12: Evading IDS, Firewalls, and Honeypots
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.
Hands-on Lab Exercises:
Over 7 hands-on exercises with real-life simulated targets to build skills on how to:
Bypass Windows Firewall
Bypass Firewall Rules using Tunneling
Bypass Antivirus
Key topics covered:
Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Honeypot, Intrusion Detection Tools, Intrusion Prevention Tools, IDS Evasion Techniques, Firewall Evasion Techniques, Evading NAC and Endpoint Security, IDS/Firewall Evading Tools, Honeypot Detection Tools
Module 13: Hacking Web Servers
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
Hands-on Lab Exercises:
Over 8 hands-on exercises with real-life simulated targets to build skills on how to:
Perform Web Server Reconnaissance using Various Tools
Enumerate Web Server Information
Crack FTP Credentials using a Dictionary Attack
Key topics covered:
Web Server Operations, Web Server Attacks, DNS Server Hijacking, Website Defacement, Web Cache Poisoning Attack, Web Server Attack Methodology, Web Server Attack Tools, Web Server Security Tools, Patch Management, Patch Management Tools
Module 14: Hacking Web Applications
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-on Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Web Application Reconnaissance using Various Tools
- Perform Web Spidering
- Perform Web Application Vulnerability Scanning
- Perform a Brute-force Attack
- Perform Cross-site Request Forgery (CSRF) Attack
- Identify XSS Vulnerabilities in Web Applications
- Detect Web Application Vulnerabilities using Various Web Application Security Tools
Key topics covered:
Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks – 2021, Web Application Hacking Methodology, Web API, Webhooks, and Web Shell, Web API Hacking Methodology, Web Application Security
Module 15: SQL Injection
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-on Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an SQL Injection Attack Against MSSQL to Extract Databases
- Detect SQL Injection Vulnerabilities using Various SQL Injection Detection Tools
Key topics covered:
SQL Injection, Types of SQL injection, Blind SQL Injection, SQL Injection Methodology, SQL Injection Tools, Signature Evasion Techniques, SQL Injection Detection Tools
Module 16: Hacking Wireless Networks
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.
Hands-on Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
- Footprint a Wireless Network
- Perform Wireless Traffic Analysis
- Crack a WEP, WPA, and WPA2 Networks
- Create a Rogue Access Point to Capture Data Packets
Key topics covered:
Wireless Terminology, Wireless Networks, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Encryption Cracking, WEP/WPA/WPA2 Cracking Tools, Bluetooth Hacking, Bluetooth Threats, Wi-Fi Security Auditing Tools, Bluetooth Security Tools
Module 17: Hacking Mobile Platforms
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Hack an Android Device by Creating Binary Payloads
- Exploit the Android Platform through ADB
- Hack an Android Device by Creating APK File
- Secure Android Devices using Various Android Security Tools
Key topics covered:
Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing, SMS Phishing Attack (SMiShing), Android Rooting, Hacking Android Devices, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, iOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Controls, Mobile Security Tools
Module 18: IoT and OT Hacking
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks
Hands-on Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
- Gather Information using Online Footprinting Tools
- Capture and Analyze IoT Device Traffic
Key topics covered:
IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), ICS/SCADA, OT Vulnerabilities, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Module 19: Cloud Computing
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-on Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
- Exploit Open S3 Buckets
- Escalate IAM User Privileges by Exploiting Misconfigured User Policy
Key topics covered:
Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing, Cloud Service Providers, Container, Docker, Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Container and Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
Module 20: Cryptography
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-on Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Calculate MD5 Hashes
- Perform File and Text Message Encryption
- Create and Use Self-signed Certificates
- Perform Email and Disk Encryption
- Perform Cryptanalysis using Various Cryptanalysis Tools
Key topics covered:
Cryptography, Encryption Algorithms, MD5 and MD6 Hash Calculators, Cryptography Tools, Public Key Infrastructure (PKI), Email Encryption, Disk Encryption, Cryptanalysis, Cryptography Attacks, Key Stretching
certified ethical hacking skills Prove Your Skills and Abilities With Online, Practical Examinations
Learn
Certify
Engage
Compete
Learn
What You Will Learn
C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.
Ethical Hacking Labs
With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.
Certify
How You Will Get Certified
Engage
How You Will Engage
The C|EH v12 program helps you develop real-world experience in ethical hacking through the hands-on C|EH practice environment. C|EH Engage equips you with the skills to prove that you have what it takes to be a great ethical hacker.
Your security assessment objectives will be presented as a series of flags (questions you must answer in the Cyber Range by performing ethical hacking activities on the target organization).
New to C|EH v12, students will embark on their first emulated ethical hacking engagement. This 4-phase engagement requires students to think critically and test the knowledge and skills gained by capturing a series of flags in each phase, demonstrating the live application of skills and abilities in a consequence-free environment through EC-Council’s new Cyber Range.
As you complete your training and hands-on labs, C|EH Engage lets you apply everything you have learned in a mock ethical hacking engagement. This 4-part security engagement gives you a real ethical hacking engagement experience from start to finish against an emulated organization. Using our capture-the-flag-style range, you will complete your engagement by answering “flag” questions as you progress.
PHASE 1
PHASE 2
PHASE 3
PHASE 4
Vulnerability Assessment
Gaining Access
Perimeter and Web App Exploitation
Mobile, IoT, OT Exploitation
Compete
Where You Will Compete
The C|EH Global Challenges occur every month, providing capture-the-flag style competitions that expose students to various new technologies and platforms, from web applications, OT, IoT, SCADA, and ICS systems to cloud and hybrid environments. Our Compete structure lets ethical hackers fight their way to the top of the leaderboard each month in these 4-hour curated CTFs. Objective-based flags are designed around the ethical hacking process, keeping skills current, testing critical thinking abilities, and covering the latest vulnerabilities and exploits as they are discovered. Hosted 100% online in EC-Council’s Cyber Range, candidates race the clock in scenario-based engagements against fully developed network and application environments with real operating systems, real networks, tools, and vulnerabilities to practice, engage, compete, build, and hone their cyber skills against various new target organizations.
New Challenges Every Month
Month
Skill Challenge
October 2022
OWASP Top 10 Web Application Threat Vectors
November 2022
Ransomware/Malware Analysis
January 2023
System Hacking and Privilege Escalation
February 2023
Web Application Hacking and Pen Testing
March 2023
Cloud Attack/Hacking
April 2023
Social Engineering/Phishing attacks
May 2023
IoT Attack/Hacking
June 2023
Wi-Fi Network Attack/Hacking
July 2023
DOS/DDoS Attack
August 2023
Mobile Attack/Hacking
September 2023
Supply Chain Cyber Attacks
What is included
Learn, Certify, Engage and Compete
Learn
- 5 days of training
- 20 modules
- 3000+ pages of student manual
- 1900+ pages of lab manual
- Over 200 hands-on labs with competition flags
- Over 3,500 hacking tools
Learn how to hack multiple operating systems (Windows 11, Windows servers, Linux, Ubuntu, Android)
- MITRE Attack Framework
- Diamond model of intrusion analysis
- Techniques for establishing persistence
- Evading NAC and endpoint security
- Understand Fog, Edge, and Grid Computing Model
Certify
C|EH® ANSI
- 125 Multiple-Choice Questions
- 4 hours
C|EH® Practical
- 6-hour Practical Exam
- 20 Scenario-Based Questions
Engage
- Conduct a real-world ethical hacking assignment
- Apply the 5 phases
- Reconnaissance
- Scanning
- Gaining Access
- Maintaining Access
- Covering Your Tracks
Compete
- New challenges every month
- 4-hour competition
- Compete with your peers all over the world
- Hack your way to the top of the leaderboard
- Techniques for establishing persistence
- Gain recognition
- Challenges include:
- OWASP Top 10 Web Application Threat Vectors
- Ransomware/ Malware Analysis
- Outdated/Unpatched Software
- System Hacking and Privilege Escalation
- Web Application Hacking and Pen Testing
- Cloud Attack/Hacking
- and many more...
Course Link: Ethical Hacking Certification Course
Duration: 5 days
Delivery: In-person training, Live Online Classes, Self-Paced Learning
Best Ethical Hacking Courses to Get Started: Beginners
Get familiar with basic security concepts and master the tools and techniques needed for the initial stages of ethical hacking.
Course 2: Ethical Hacking Essentials (FREE Course for Beginners / Freshers)
Ethical Hacking Essentials is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, IoT and OT attacks, cloud computing, pentesting fundamentals, and more.
This course provides hands-on practical experience to learners thus giving them the skills necessary for a future in cybersecurity.
EHE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. This improves their prospects for employment advancement, higher salaries, and greater job satisfaction.
Course outline:
- Information Security Fundamentals
- Ethical Hacking Fundamentals
- Information Security Threats and Vulnerabilities
- Password Cracking Techniques and Countermeasures
- Social Engineering Techniques and Countermeasures
- Network Level Attacks and Countermeasures
- Web Application Attacks and Countermeasures
- Wireless Attacks and Countermeasures
- Mobile Attacks and Countermeasures
- IoT and OT Attacks and Countermeasures
- Cloud Computing Threats and Countermeasures
- Penetration Testing Fundamentals
What is Included
- Duration: 15+ hrs. of premium self-paced video training
- Official eCourseware from EC-Council
- CodeRed's Certificate of Achievement
- 11 Lab Activities in a simulated lab environment (Available Only with the Labs Package)
- Proctored Exam and Official EC-Council Certification (Available Only with the Ultimate Package)
Course 3: Ethical Hacking for Career Starters
- Course Overview – Hands-on overview of tools and techniques used for cyberattacks
- Course Link – Ethical Hacking for Career Starters | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 4 hours
- No. of Videos – 32
- No. of Assessments – 35
- What You Will Learn
- Get equipped with the basics of internet and computer security.
- Learn methods used by hackers use to attack systems.
- Understand the common types of attacks such as denial of service, man in the middle, and phishing attacks and methods used to secure devices.
Course 4: Google Hacking and Social Media Self-Defense
- Course Overview – Protect your sensitive information from hacking.
- Course Link – Google Hacking and Social Media Self-Defense | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 4 hours
- No. of Videos – 27
- No. of Assessments – 25
- What You Will Learn
- Learn how Google as a search engine functions.
- Understand the structure of domains, and how SEO is used and abused for Google.
- Analyze and apply Google dorks to find information through searches.
Course 5: Recover Lost Data by Hacking Windows
- Course Overview – Recover your data in Windows by hacking into the system.
- Course Link – Recover Lost Data by Hacking Windows | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 6 hours
- No. of Videos – 22
- No. of Assessments – 30
- What You Will Learn
- The importance of backup as a preventive measure to avoid data loss.
- How to review and analyze data forensic related information?
- How to recover data for directly attached or removable drives?
Course 6: Open-Source Intelligence
- Course Overview – Recover your data in Windows by hacking into the system.
- Course Link – Open Source Intelligence | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 4 hours
- No. of Videos – 23
- No. of Assessments – 20
- What You Will Learn
- Establish a clear understanding of what Open-Source Intelligence is and what it is not.
- Learn how to create a safe and privacy-aware environment (lab) for conducting your OSINT investigations.
- Learn about various tools for searching, gathering, analyzing, and documenting information which can (and will) help you in protecting yourself and your company.
Course 7: Mastering Web and Infrastructure Reconnaissance
- Course Overview – Learn and understand various tools to perform Penetration Testing and how you can use it to your advantage and protection in a virtual Linux environment.
- Course Link – Mastering Web and Infrastructure Reconnaissance | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 8 hours
- No. of Videos – 48
- No. of Assessments – 36
- What You Will Learn
- Understand a structured approach to reconnaissance to ensure completeness and accuracy.
- Level-up your existing tool knowledge by getting more out of the ones that you know about and learning new ones.
- Analyze some of the typical reconnaissance results that will affect testing like hosted environments, content delivery networks, outsourced DNS, domain controllers, print servers, etc.
Course 8: Hands-on Network Security
- Course Overview – Encounter Money Laundering, Identity Theft, Online Fraud, Cyber-Attacks, and others by Analyzing the Network
- Course Link – Hands-on Network Security | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 4 hours
- No. of Videos – 25
- No. of Assessments – 35
- What You Will Learn
- Learn network security from scratch.
- Learn about routers and firewall attacks.
- Learn about major network attacks and security.
Course 9: Wireshark for Ethical Hackers
- Course Overview – Learn Wireshark practically and learn how to analyze and interpret network protocols and leverage Wireshark for what it was originally intended: Deep Packet Inspection and network analysis.
- Course Link – Wireshark for Ethical Hackers | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 6 hours
- No. of Videos – 31
- No. of Assessments – 16
- What You Will Learn
- A structured approach to database testing and exploitation
- A solid understanding of SQL syntax and operation
- Exploit SQL Injections in Websites and Exfiltrate Data
Course 10: Ethical Hacking with Nmap
- Course Overview – Nmap Tips, Tricks, and Secrets every hacker should know!
- Course Link – Wireshark for Ethical Hackers | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 6 hours
- No. of Videos – 31
- No. of Assessments – 16
- What You Will Learn
- Explore network theory with a pragmatic approach and learn how weaving this knowledge into your Nmap usage can advance your hacking skills!
- Master tuning Nmap for timing and performance, operating system detection, service detection, and version detection.
- Examine advanced enumeration techniques for DNS, HTTP, MySQL, SMB, FTP, SSH, and much more.
Top Ethical Hacking Courses for Core Skill Development: Intermediate Level
Step into real-world ethical hacking with tools and methods for vulnerability exploitation and management
Course 11: Getting Started with Vulnerability Analysis and Management
- Course Overview – Practical vulnerability and threat assessment, insight on protecting company.
- Course Link – Getting Started with Vulnerability Analysis and Management (eccouncil.org)
- Course Level – Beginner
- Duration – 5 hours
- No. of Videos – 25
- No. of Assessments – 20
- What You Will Learn
- Framework to be used for Vulnerability Assessment
- Detect and identify network-based Vulnerabilities
- Automatic and manual method to detect Vulnerability
Course 12: Hands-on Vulnerability Management with QualysGuard
- Course Overview – In this beginner-friendly course, you will learn to effectively manage vulnerabilities with the Qualys Cloud Platform.
- Course Link – Hands-on Vulnerability Management with QualysGuard | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 3 hours 31 minutes
- No. of Videos – 17
- No. of Assessments – 35
- What You Will Learn
- Understanding the six phases of a vulnerability management lifecycle: Discover assets, prioritize assets, conduct a vulnerability assessment, generate reports, remediate vulnerabilities, and verify remediation.
- Learn to Create and manage your asset inventory on Qualys cloud platform.
- Understand the assessment of vulnerabilities in specific environments.
Course 13: Windows Penetration Testing Essentials
- Course Overview – A Comprehensive Guide to Exploiting the Windows Operating System with Real-world Exploits and Vulnerabilities.
- Course Link – Windows Penetration Testing Essentials | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 4 hours
- No. of Videos – 25
- No. of Assessments – 15
- What You Will Learn
- Learn how to set up your own virtual penetration testing lab with active directory and how to obtain evaluation copies of Windows.
- Learn how to perform information gathering and enumeration of Windows-specific services with Nmap and OpenVAS.
- Learn how to identify vulnerabilities like EternalBlue, perform exploitation with Metasploit, and perform system pivoting to establish a foothold on a network.
Course 14: Malware Analysis Fundamentals
- Course Overview – Explore how to find, analyze, and reverse engineer malware.
- Course Link – Malware Analysis Fundamentals | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 4 hours
- No. of Videos – 26
- No. of Assessments – 30
- What You Will Learn
- You will learn what virus, worm, Trojan, rootkit, ransomware, mobile malicious code, etc., are.
- Learn how malicious software works and propagates and how they use exploits.
- Learn how to apply your skills to reverse engineer non-malicious software and gain insight into how they operate.
Course 15: Metasploit like a Pro
- Course Overview – Learn to use Metasploit in this beginner-friendly and hands-on course.
- Course Link – Online Course for Penetration Testing with Metasploit | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 13 hours
- No. of Videos – 30
- No. of Assessments – 40
- What You Will Learn
- Understand the basic purpose and use of Metasploit & its history.
- Master techniques used for scanning and enumerating targets.
- Understand how to utilize Metasploit to maintain access and persistence.
Course 16: Mastering Database Reconnaissance and Exploitation
- Course Overview – Learn how to identify, enumerate, and exploit SQL databases and NOSQL databases to PWN modern web applications.
- Course Link – Mastering Database Reconnaissance and Exploitation | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 4 hours
- No. of Videos – 15
- No. of Assessments – 20
- What You Will Learn
- After taking this course, you will have an absolute mastery of database exploitation techniques.
- Skills to record findings as you conduct your testing.
- Techniques and methods to help prevent database misconfigurations and common attacks.
Course 17: Getting Started with Kali Linux Penetration Testing
- Course Overview – Learn how to use Kali Linux tools for vulnerability analysis from this hands-on course.
- Course Link – Getting Started with Kali Linux Penetration Testing | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 5 hours
- No. of Videos – 38
- No. of Assessments – 15
- What You Will Learn
- Learn various Information Gathering tools and techniques.
- Perform Network and Web Vulnerability analysis.
- Learn Database Assessment techniques.
Course 18: Mastering Pentesting using Kali Linux
- Course Overview – Learn Kali Linux tools to become a professional in Penetration Testing.
- Course Link – Master Penetration Testing with Kali Linux Online | CodeRed (eccouncil.org)
- Course Level – Intermediate
- Duration – 5 hours
- No. of Videos – 38
- No. of Assessments – 21
- What You Will Learn
- Learn Sniffing and Spoofing Tools and Techniques.
- Perform Social Engineering Attacks.
- Learn Forensics Analysis using Forensics Tools.
Course 19: Hands-on Password Attacks and Security
- Course Overview – Learn how attackers can bypass passwords and how you can prevent them from doing so.
- Course Link – Hands-on Password Attacks and Security | CodeRed (eccouncil.org)
- Course Level – Beginner
- Duration – 2 hours
- No. of Videos – 27
- No. of Assessments – 25
- What You Will Learn
- Prevent brute force attacks, dictionary attacks, rainbow table attacks, and sniffing via keyloggers.
- Bypass passwords using brute force attacks, dictionary attacks, rainbow table attacks, and keyloggers.
- Create strong passwords that you will never forget.
Course 20: Burp Suite: Web Application Penetration Testing
- Course Overview – Simulate attacks through a hands-on approach within your web application with this integrated platform.
- Course Link – Burp Suite: Web Application Penetration Testing (eccouncil.org)
- Course Level – Intermediate
- Duration – 2 hours 46 minutes
- No. of Videos – 21
- No. of Assessments – 15
- What You Will Learn
- Set up your Burp Suite environment and examine target websites using Burp 2x
- Scan your web application and interpret your results
- Simulate Hybrid Spidering your web application
About the Author
Leaman Crews is a former newspaper reporter, publisher, and editor with over 25 years of professional writing experience. He is also a former I.T. director specializing in writing about tech in an enjoyable way.
