Certified Ethical Hacker (CEH v13 AI)

The Certified Ethical Hacker (CEH v13 AI) certification is one of the world’s most recognized ethical hacking programs, designed to help cybersecurity professionals think and act like ethical hackers. CEH teaches how to identify vulnerabilities, exploit weaknesses safely, and apply effective countermeasures — with real‑world hands‑on labs using industry tools and techniques.
  • Training
  • Course Outline
  • Careers
  • Exam
Training Options
Training is available online or live with an instructor, giving learners the flexibility to choose the format that fits their schedule and learning style.

Training Hours
40 hours (Instructor-led)

Skills Gained With CEH
Ethical Hacking Techniques
Network Scanning and Enumeration
System and Web Application Exploitation
Malware Analysis
Social Engineering
Wireless and IoT Security
Cryptography and Security Protocols
Incident Response
Security Tools Proficiency
Compliance and Risk Management

Module 01: Introduction to Ethical Hacking
Provides the foundation of ethical hacking and information security, including core principles, legal issues, common attack methodologies, ethical hacking frameworks, and relevant compliance standards.

Module 02: Footprinting and Reconnaissance
Covers techniques and tools used for gathering preliminary information about a target — a critical first step in the ethical hacking process.

Module 03: Scanning Networks
Explains how to use network scanning methods to discover hosts, open ports, and services — and how attackers leverage these techniques.

Module 04: Enumeration
Details active information gathering methods used to enumerate network resources, user accounts, shares, and vulnerabilities.

Module 05: Vulnerability Analysis
Teaches how to identify security weaknesses in systems and networks using vulnerability assessment tools and methodologies.

Module 06: System Hacking
Covers system takeover techniques — including password attacks, privilege escalation, footprint clean‑up, and covering tracks.

Module 07: Malware Threats
Introduces various types of malware (e.g., Trojans, viruses, worms, fileless malware), malware analysis techniques, and countermeasures.

Module 08: Sniffing
Explains packet sniffing attacks, wiretapping, MAC flooding, ARP poisoning, and how to detect and defend against sniffing techniques.

Module 09: Social Engineering
Outlines manipulation techniques that target human psychology, including phishing, impersonation, and insider threats — with prevention strategies.

Module 10: Denial-of-Service
Covers DoS and DDoS attack methods, exploitation tools, and defense strategies to mitigate service disruption risks.

Module 11: Session Hijacking
Focuses on methods attackers use to steal or manipulate session tokens and how to detect and prevent session takeover.

Module 12: Evading IDS, Firewalls, and Honeypots
Teaches techniques used by attackers to bypass perimeter defenses, intrusion detection systems (IDS), firewalls, and honeypot traps — and how to strengthen defenses.

Module 13: Hacking Web Servers
Examines common web server vulnerabilities, exploitation methods, and countermeasures to protect web infrastructure.

Module 14: Hacking Web Applications
Provides insight into attacking web applications — including attack vectors, exploitation techniques, and secure coding practices.

Module 15: SQL Injection
Focuses on SQL injection attack mechanics, detection, and remediation approaches to secure database‑driven applications.

Module 16: Hacking Wireless Networks
Details wireless network vulnerabilities, encryption weaknesses, attack methodologies, and defense tactics to secure wireless communications.

Module 17: Hacking Mobile Platforms
Covers mobile threat vectors, including Android and iOS exploitation, mobile device management security, and platform‑specific attack tools.

Module 18: IoT and OT Hacking
Explores threats and attack techniques targeting Internet of Things (IoT) and Operational Technology (OT) devices, as well as appropriate defensive controls.

Module 19: Cloud Computing
Introduces cloud architecture threats and security strategies, including attacks on cloud services, containers, and secure cloud configurations.

Module 20: Cryptography
Covers encryption algorithms, cryptographic tools, public-key infrastructure (PKI), secure communications, and common cryptanalysis techniques.

Ethical Hacker
Ethical Hackers are authorized professionals who simulate real-world attacks to identify security weaknesses before malicious actors do. They use hacking techniques legally and responsibly to improve an organization’s security posture.

Penetration Tester (Pentester)
Penetration Testers conduct controlled attacks on systems, applications, and networks to uncover exploitable vulnerabilities. Their work results in detailed reports with risk ratings and remediation steps.

Cybersecurity Analyst
Cybersecurity Analysts monitor systems, analyze security events, and help protect organizations from cyber threats through detection and prevention strategies.

Security Analyst
Security Analysts focus on identifying, analyzing, and responding to security threats across IT environments. This role often overlaps with SOC and cybersecurity analyst duties.

SOC Analyst (Tier 1 / Tier 2)
Tier 1: Monitor alerts, triage incidents, escalate issues
Tier 2: Deep investigation, threat hunting, incident response

Information Security Analyst
Responsible for protecting sensitive data by implementing security controls, policies, and monitoring systems to prevent breaches.

Information Security Specialist
A hands-on role focusing on specific security domains such as endpoint protection, IAM, or data security.

Network Security Engineer
Designs, implements, and manages secure network infrastructures including firewalls, VPNs, and intrusion detection systems.

Cyber Defense Analyst
Focused on defending systems against active threats by monitoring, detecting, and responding to cyber attacks in real time.

Vulnerability Analyst
Identifies, assesses, and prioritizes vulnerabilities in systems and applications and works with teams to remediate them.

Threat Analyst
Researches cyber threats, attacker techniques, and emerging malware to provide actionable threat intelligence.

Incident Response Analyst
Leads and supports response efforts during security incidents, including containment, eradication, recovery, and post-incident analysis.

IT Security Consultant
Advises organizations on security best practices, risk management, and compliance, often working across multiple clients and industries.

Security Operations Specialist
Supports day-to-day security operations including monitoring, incident handling, and maintaining security tools.

Red Team Analyst
Simulates real-world attacks to test defenses, focusing on offensive techniques while learning advanced adversary tactics.

Blue Team Analyst
Defensive specialist responsible for detection, monitoring, and strengthening an organization’s security defenses.

Application Security Analyst
Focuses on securing software applications by reviewing code, performing security testing, and integrating security into the SDLC.

Cloud Security Analyst
Secures cloud environments (AWS, Azure, GCP) by managing identity, monitoring configurations, and ensuring compliance.

Risk & Compliance Analyst (GRC)
Focuses on governance, risk management, and compliance by developing policies, conducting risk assessments, and ensuring adherence to standards like ISO 27001, SOC 2, GDPR, and NIST.
Format
Multiple choice

Questions
125

Duration
4 hours

Delivery
Online via the ECC exam portal

Passing score
60% to 85%