What is C|EH v12?
The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide.
In its 12th version, the Certified Ethical Hacker provides comprehensive training, hands-on learning labs, practice cyber ranges for engagement, certification assessments, cyber competitions, and opportunities for continuous learning into one comprehensive program curated through our new learning framework: 1. Learn 2. Certify 3. Engage 4. Compete.
The C|EH v12 also equips aspiring cybersecurity professionals with the tactics, techniques, and procedures (TTPs) to build ethical hackers who can uncover weaknesses in nearly any type of target system before cybercriminals do.
Cybersecurity Incidents Are Exploding. So Are Cyber Jobs!
Build Your Career With the Most In-Demand Ethical Hacking Certification in the World, Certified Ethical Hacker.
- The World's Number 1 Ethical Hacking Certification
- A Structured Professional Course for Aspiring Cyber Professionals
- Work Anywhere With C|EH- It’s Globally Recognized
- Comprehensive Program to Master the 5 Phases of Ethical Hacking
- Hands-On Learning With CyberQTM
- Flexible Learning Options : Live, Online, or Hybrid
How C|EH v12 Empowers You
Unique
Learn, Certify, Engage and Compete Methodology
for Aspiring Cyber Professionals. Learn Ethical Hacking in a Structured Setting Across 20 Domains.
Build Skills With over
220 Challenge-Based, Hands-On Labs with CyberQ™ Labs.
Gain Experience With over 500 Unique Attack Techniques.
Learn
Commercial-Grade Hacking Tools and Techniques.<
Engage: "Hack" a Real Organization With C|EH Elite to Get Experience.
Compete With Hackers Around the World
as Part of the C|EH Elite Program. Attain the Most Recognized Credential in the Cybersecurity Industry :C|EH.
What's New in the C|EH v12?
Our exclusive Learn | Practice | Certify | Compete framework covers not only a comprehensive training program to prepare you for the certification exam, but also the industry’s most robust, in-depth, hands-on lab experience of any cybersecurity program available. C|EH v12 will teach you the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organizations.
Gain Skills
- 5 days of training
- 20 modules
- Over 220 hands-on-labs with competition flags
- Over 3,500 hacking tools
- Learn how to hack multiple operating systems
(Windows 11, Windows Servers, Linux, Ubuntu, Android)
Gain Experience
C|EH Knowledge Exam
- 125 multiple-choice questions
- 4 hours
C|EH Practical Exam
- 6 hours practical exam
- 20 scenario based questions
- Prove your skills and abilities
- ANSI 17024 accredited
Gain Recognition
- Conduct a real-world ethical hacking assignment
- Apply the 5 phases
- Reconnaissance
- Scanning
- Gaining Access
- Maintaining Access
- Covering Your Tracks
Gain Respect
- New challenges every month
- 4 hour competition
- Compete with your peers all over the world
- Hack your way to the top of the Leaderboard
- Gain recognition
- Challenges
Enter the Hackerverse™ With the C|EH v12 Enhance Your Ethical Hacking Career
What You Will Learn
C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.
Ethical Hacking Labs
With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.
How You Will Get Certified
Prove Your Skills and Abilities With Online, Practical Examinations
C|EH Certification
Certified Ethical Hacker Certification
The C|EH exam is a 4-hour exam with 125 multiple-choice questions. This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more!
C|EH Practical Certification
C|EH Practical is a 6-hour, rigorous exam that requires you to demonstrate the skills and abilities of ethical hacking techniques such as:
- Port scanning tools (e.g., Nmap, Hping)
- Vulnerability detection
- Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
- SQL injection methodology and evasion techniques
- Web application security tools (e.g., Acunetix WVS)
- SQL injection detection tools (e.g., IBM Security AppScan)
- Communication protocols
This is the next step to becoming a C|EH Master after you have achieved your C|EH certification. Within C|EH Practical, you have a limited amount of time to complete 20 challenges that test your skills and proficiency in a performance-based cyber range. This exam is NOT a simulation and incorporates a live corporate network of VMs and applications with solutions to uncover vulnerabilities.
C|EH Master
Upon Completing the C|EH (Master) program, which consists of C|EH and C|EH (Practical), the C|EH (Master) designation is awarded. C|EH Masters have shown proficiency at a master level in the knowledge, skills, and abilities of ethical hacking with a total 6 hours of testing to prove their competency. Top top 10 performers in both C|EH and C|EH Practical exams are showcased on the C|EH Master Global Ethical Hacking Leaderboard.
The C|EH Exam at a Glance
How You Will Engage
The C|EH v12 program helps you develop real-world experience in ethical hacking through the hands-on C|EH practice environment. C|EH Engage equips you with the skills to prove that you have what it takes to be a great ethical hacker.
Your security assessment objectives will be presented as a series of flags (questions you must answer in the Cyber Range by performing ethical hacking activities on the target organization).
New to C|EH v12, students will embark on their first emulated ethical hacking engagement. This 4-phase engagement requires students to think critically and test the knowledge and skills gained by capturing a series of flags in each phase, demonstrating the live application of skills and abilities in a consequence-free environment through EC-Council’s new Cyber Range.
As you complete your training and hands-on labs, C|EH Engage lets you apply everything you have learned in a mock ethical hacking engagement. This 4-part security engagement gives you a real ethical hacking engagement experience from start to finish against an emulated organization. Using our capture-the-flag-style range, you will complete your engagement by answering "flag" questions as you progress.
Where You Will Compete
The C|EH Global Challenges occur every month, providing capture-the-flag style competitions that expose students to various new technologies and platforms, from web applications, OT, IoT, SCADA, and ICS systems to cloud and hybrid environments. Our Compete structure lets ethical hackers fight their way to the top of the leaderboard each month in these 4-hour curated CTFs. Objective-based flags are designed around the ethical hacking process, keeping skills current, testing critical thinking abilities, and covering the latest vulnerabilities and exploits as they are discovered. Hosted 100% online in EC-Council’s Cyber Range, candidates race the clock in scenario-based engagements against fully developed network and application environments with real operating systems, real networks, tools, and vulnerabilities to practice, engage, compete, build, and hone their cyber skills against various new target organizations.
New Challenges Every Month
Duration
40 hours - 2 classes per week
Eligibility
- Basic Knowledge of Software, Database and Networking
- If you do not have the above knowledge, please complete our "INDUSTRY READY" Courses to be eligible -
Industry Ready C Programming
Industry Ready Data Structure
Industry Ready RDBMS
What You Will Get?
40 Hours
in-depth training by best faculties from cyber security industry
Study Materials
and examination voucher
CEH
Certificate of Completion after examination and alumni status
Important Notice for International Students: The EC-Council global course fee and Exam Voucher fee will depend on the candidate's location and foreign currency exchange rate.
Key Updates of C|EH v12
Features:
- New Learning Methodology: Learn – Certify – Engage – Compete
- Compete: new challenges every month to test your job-ready skills!
- 100% Compliance to NICE 2.0 Framework
- Based on a comprehensive industry-wide job-task analysis
- Hands-on learning labs
- Practice Range
- Global C|EH community competitions
- Cheat Sheet
- Coverage of the latest malware
- Lab-intensive program (Every learning objective is demonstrated using labs)
- Hands-on program (More than 50% of training time is dedicated to labs)
- Lab environment simulates a real-time environment(Lab setup simulates real-life networks and platforms)
- Covers the latest hacking tools (Based on Windows, macOS, and Linux)
- Latest OS covered and a patched testing environment
- All the tool screenshots are replaced with the latest version
- All the tool listing slides are updated with the latest tools
- All the countermeasure slides are updated
Technology Updates:
- MITRE ATTACK Framework
- Diamond Model of Intrusion Analysis
- Techniques for Establishing Persistence
- Evading NAC and Endpoint Security
- Fog Computing
- Edge Computing
- Grid Computing
Updated OS
- Windows 11 - Windows Server 2022
- Parrot Security - Windows Server 2019
- Android - Ubuntu Linux
Course Content
- 3000+ Student Manual Pages
- 1900+ Lab Manual Pages
- 3500+ Hacking & Security Tools
- 220 Hands-On Lab Practicals
- 519 Attack Techniques
- 20 Refreshed Modules
Course Details
This course is designed as per latest EC-Council's CEH exam syllabus (CEH v12).
C|EH v12 Exam Information
C|EH (ANSI)
- Exam Title: Certified Ethical Hacker (ANSI)
- Exam Code: 312-50 (ECC EXAM), 312-50 (VUE)
- Number of Questions: 125
- Duration: 4 hours
- Availability: ECCEXAM/VUE
- Test Format: Multiple Choice
- Passing Score: Please refer to https://cert.eccouncil.org/faq.html
C|EH PRACTICAL
- Exam Title: Certified Ethical Hacker (Practical)
- Number of Practical Challenges: 20
- Duration: 6 hours
- Availability: ASPEN iLabs
- Test Format: iLabs cyber range
- Passing Score: 70%
20 Modules that help you master the foundations of Ethical Hacking and prepare to challenge the CEH certification exam.
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered:
- Elements of Information Security (Day 1)
- Cyber Kill Chain Methodology (Day 1)
- MITRE ATT&CK Framework (Day 1)
- Hacker Classes, Ethical Hacking (Day 1)
- Information Assurance (IA) (Day 1)
- Risk Management (Day 1)
- Incident Management (Day 1)
- PCI DSS (Day 1)
- HIPPA (Day 1)
- SOX (Day 1)
- GDPR (Day 1)
Learn how to use the latest techniques and tools to perform foot printing and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-On Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform foot printing on the target network using search engines, web services, and social networking sites (Day 2)
- Perform website, email, whois, DNS, and network foot printing on the target network (Day 2)
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform host, port, service, and OS discovery on the target network (Day 3)
- Perform scanning on the target network beyond IDS and firewall (Day 3)
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, plus associated countermeasures.
Hands-On Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration (Day 4)
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform vulnerability research using vulnerability scoring systems and databases (Day 5)
- Perform vulnerability assessment using various vulnerability assessment tools (Day 5)
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.
Hands-On Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform Online active online attack to crack the system’s password (Day 6)
- Perform buffer overflow attack to gain access to a remote system (Day 6)
- Escalate privileges using privilege escalation tools (Day 6)
- Escalate privileges in linux machine (Day 6)
- Hide data using steganography (Day 6)
- Clear Windows and Linux machine logs using various utilities (Day 6)
- Hiding artifacts in Windows and Linux machines (Day 6)
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.
Hands-On Lab Exercises:
Over 20 hands-on exercises with real-life simulated targets to build skills on how to:
- Gain control over a victim machine using Trojan (Day 7)
- Infect the target system using a virus (Day 7)
- Perform static and dynamic malware analysis (Day 7)
Key topics covered:
- Malware (Day 7)
- Components of Malware (Day 7)
- APT (Day 7)
- Trojan (Day 7)
- Types of Trojans (Day 7)
- Exploit Kits (Day 7)
- Virus (Day 7)
- Virus Lifecycle (Day 7)
- Types of Viruses (Day 7)
- Ransomware (Day 7)
- Computer Worms (Day 7)
- Fileless Malware (Day 7)
- Malware Analysis (Day 7)
- Static Malware Analysis (Day 7)
- Dynamic Malware Analysis (Day 7)
- Virus Detection Methods (Day 7)
- Trojan Analysis (Day 7)
- Virus Analysis (Day 7)
- Fileless Malware Analysis (Day 7)
- Anti-Trojan Software (Day 7)
- Antivirus Software (Day 7)
- Fileless Malware Detection Tools (Day 7)
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack (Day 8)
- Spoof a MAC address of Linux machine (Day 8)
- Perform network sniffing using various sniffing tools (Day 8)
- Detect ARP poisoning in a switch-based network (Day 8)
Key topics covered:
- Network Sniffing (Day 8)
- SWiretapping (Day 8)
- MAC Flooding (Day 8)
- DHCP Starvation Attack (Day 8)
- ARP Spoofing Attack (Day 8)
- ARP Poisoning (Day 8)
- ARP Poisoning Tools (Day 8)
- MAC Spoofing (Day 8)
- STP Attack (Day 8)
- DNS Poisoning (Day 8)
- DNS Poisoning (Day 8) Tools
- Sniffing Tools (Day 8)
- Sniffer Detection Techniques (Day 8)
- Promiscuous Detection Tools (Day 8)
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform social engineering using Various Techniques (Day 9)
- Spoof a MAC address of a Linux machine (Day 9)
- Detect a phishing attack (Day 9)
- Audit an organization’s security for phishing attacks (Day 9)
Key topics covered:
- Social Engineering (Day 9)
- Types of Social Engineering (Day 9)
- Phishing (Day 9)
- Phishing Tools (Day 9)
- Insider Threats/Insider Attacks (Day 9)
- Identity Theft (Day 9)
Learn about different Denial-of-Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform a DoS and DDoS attack on a target host (Day 10)
- Detect and protect against DoS and DDoS attacks (Day 10)
Key topics covered:
- DoS Attack (Day 10)
- DDoS Attack
- Botnets
- DoS/DDoS Attack Techniques
- DoS/DDoS Attack Tools
- DoS/DDoS Attack Detection Techniques
- DoS/DDoS Protection Tools
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform session hijacking using various tools (Day 11)
- Detect session hijacking (Day 11)
Key topics covered:
- Session Hijacking (Day 11)
- Types of Session Hijacking (Day 11)
- Spoofing (Day 11)
- Application-Level Session Hijacking (Day 11)
- Man-in-the-Browser Attack (Day 11)
- Client-side Attacks (Day 11)
- Session Replay Attacks (Day 11)
- Session Fixation Attack (Day 11)
- CRIME Attack (Day 11)
- Network Level Session Hijacking (Day 11)
- TCP/IP Hijacking (Day 11)
- Session Hijacking Tools (Day 11)
- Session Hijacking Detection Methods (Day 11)
- Session Hijacking Prevention Tools (Day 11)
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.
Hands-On Lab Exercises:
Over 7 hands-on exercises with real-life simulated targets to build skills on how to:
- Bypass Windows Firewall (Day 12)
- Bypass firewall rules using tunneling (Day 12)
- Bypass antivirus (Day 12)
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
Hands-On Lab Exercises:
Over 8 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform web server reconnaissance using various tools (Day 13)
- Enumerate web server information (Day 13)
- Crack FTP credentials using a dictionary attack (Day 13)
Key topics covered:
- Web Server Operations (Day 13)
- Web Server Attacks (Day 13)
- DNS Server Hijacking (Day 13)
- Website Defacement (Day 13)
- Web Cache Poisoning Attack (Day 13)
- Web Server Attack Methodology (Day 13)
- Web Server Attack Tools (Day 13)
- Web Server Security Tools (Day 13)
- Patch Management (Day 13)
- Patch Management Tools (Day 13)
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-On Lab Exercises:
Over 15 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform web application reconnaissance using various tools (Day 14)
- Perform web spidering (Day 14)
- Perform web application vulnerability scanning (Day 14)
- Perform a brute-force attack (Day 14)
- Perform Cross-Site Request Forgery (CSRF) Attack (Day 14)
- Identify XSS vulnerabilities in web applications (Day 14)
- Detect web application vulnerabilities using various web application security tools (Day 14)
Key topics covered:
- Web Application Architecture (Day 14)
- Web Application Threats (Day 14)
- OWASP Top 10 Application Security Risks – 2021 (Day 14)
- Web Application Hacking Methodology (Day 14)
- Web API (Day 14)
- Webhooks and Web Shell (Day 14)
- Web API Hacking Methodology (Day 14)
- Web Application Security (Day 14)
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.
Hands-On Lab Exercises:
Over 4 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform an SQL injection attack against MSSQL to extract databases (Day 15)
- Detect SQL injection vulnerabilities using various SQL injection detection tools (Day 15)
Key topics covered:
- SQL Injection (Day 15)
- Types of SQL injection (Day 15)
- Blind SQL Injection (Day 15)
- SQL Injection Methodology (Day 15)
- SQL Injection Tools (Day 15)
- Signature Evasion Techniques (Day 15)
- SQL Injection Detection Tools (Day 15)
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools
Hands-On Lab Exercises:
Over 3 hands-on exercises with real-life simulated targets to build skills on how to:
- Foot Print a wireless network (Day 16)
- Perform wireless traffic analysis (Day 16)
- Crack WEP, WPA, and WPA2 networks (Day 16)
- Create a rogue access point to capture data packets (Day 16)
Key topics covered:
- Wireless Terminology (Day 16)
- Wireless Networks (Day 16)
- Wireless Encryption (Day 16)
- Wireless Threats (Day 16)
- Wireless Hacking Methodology (Day 16)
- Wi-Fi Encryption Cracking (Day 16)
- WEP/WPA/WPA2 Cracking Tools (Day 16)
- Bluetooth Hacking (Day 16)
- Bluetooth Threats (Day 16)
- Wi-Fi Security Auditing Tools (Day 16)
- Bluetooth Security Tools (Day 16)
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Hack an Android device by creating binary payloads (Day 17)
- Exploit the Android platform through ADB (Day 17)
- Hack an Android device by creating APK file (Day 17)
- Secure Android devices using various Android security tools (Day 17)
Key topics covered:
- Mobile Platform Attack Vectors (Day 17)
- OWASP Top 10 Mobile Risks (Day 17)
- App Sandboxing, SMS Phishing Attack (SMiShing) (Day 17)
- Android Rooting (Day 17)
- Hacking Android Devices (Day 17)
- Android Security Tools (Day 17)
- Jailbreaking iOS (Day 17)
- Hacking iOS Devices (Day 17)
- iOS Device Security Tools (Day 17)
- Mobile Device Management (MDM) (Day 17)
- OWASP Top 10 Mobile Controls (Day 17)
- Mobile Security Tools (Day 17)
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.
Hands-On Lab Exercises:
Over 2 hands-on exercises with real-life simulated targets to build skills on how to:
- Gather information using Online foot printing tools (Day 18)
- Capture and analyze IoT device traffic (Day 18)
Key topics covered:
- IoT Architecture (Day 18)
- IoT Communication Models (Day 18)
- OWASP Top 10 IoT Threats (Day 18)
- IoT Vulnerabilities (Day 18)
- IoT Hacking Methodology (Day 18)
- IoT Hacking Tools (Day 18)
- IoT Security Tools (Day 18)
- IT/OT Convergence (IIOT) (Day 18)
- ICS/SCADA, OT Vulnerabilities (Day 18)
- OT Attacks (Day 18)
- OT Hacking Methodology (Day 18)
- OT Hacking Tools (Day 18)
- OT Security Tools (Day 18)
Learn different cloud computing concepts, such as container technologies and server less computing, various cloud-based threats and attacks, and cloud security techniques and tools.
Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on how to:
- Perform S3 Bucket enumeration using various S3 bucket enumeration tools (Day 19)
- Exploit open S3 buckets (Day 19)
- Escalate IAM user privileges by exploiting misconfigured user policy (Day 19)
Key topics covered:
- Cloud Computing (Day 19)
- Types of Cloud Computing Services (Day 19)
- Cloud Deployment Models (Day 19)
- Fog and Edge Computing (Day 19)
- Cloud Service Providers (Day 19)
- Container (Day 19)
- Docker (Day 19)
- Kubernetes (Day 19)
- Serverless Computing (Day 19)
- OWASP Top 10 Cloud Security Risks (Day 19)
- Container and Kubernetes Vulnerabilities (Day 19)
- Cloud Attacks (Day 19)
- Cloud Hacking (Day 19)
- Cloud Network Security (Day 19)
- Cloud Security Controls (Day 19)
- Cloud Security Tools (Day 19)
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.
Hands-On Lab Exercises:
Over 10 hands-on exercises with real-life simulated targets to build skills on how to:
- Calculate MD5 hashes (Day 20)
- Perform file and text message encryption (Day 20)
- Create and use self-signed certificates (Day 20)
- Perform email and disk encryption (Day 20)
- Perform cryptanalysis using various cryptanalysis tools (Day 20)
Key topics covered:
- Cryptography (Day 20)
- Encryption Algorithms (Day 20)
- MD5 and MD6 Hash Calculators (Day 20)
- Cryptography Tools (Day 20)
- Public Key Infrastructure (PKI) (Day 20)
- Email Encryption (Day 20)
- Disk Encryption (Day 20)
- Cryptanalysis (Day 20)
- Cryptography Attacks (Day 20)
- Key Stretching (Day 20)
Hacking Tutorials
Read All Tutorials »
Building a career in Digital Forensic - How promising is the future? A thorough career guide
Read Details »Hacking Videos
Explore All Videos »How to Hiding Your Secret File using Steganography?
View On Youtube »Enroll Now
Fields marked with * are mandatory.
21 years of experience working in India, New Zealand & Singapore; in Information Security domain as Ethical Hacker, ISO 27001 Lead Auditor / Tutor, BS 10012 Privacy Lead Auditor, Mr. Sandeep Sengupta has conducted security audit in companies like ONGC, KPMG, PWC, Airtel, Vodafone, Accenture, Capgemini, Vedanta, PayU, Bandhan Bank, ABP, etc.
He has been invited as a speaker at FICCI, VIT (Vellore), Nasscom, CII, BCCI, ICAI, ISACA, FICCI, CeBIT, US High Commission (Kolkata), etc. He has taken part in several Television shows on ABP, ETV, NDTV, AajTak, Times Now, etc. In 2005, Sandeep founded the online community "Hackers Library"; which had 80,000+ members, making it the largest Indian online forum for cyber-security professionals at its time. Mr. Sengupta is the committee member at Nasscom (East) & CII ICT-East.
A Penetration Tester with 6 years of experience, Kirit has the expertise in Mobile Application Pentesting Network, IoT Penetration Testing, Source-code review, Fuzzing, Red teaming, Social Engineering, Digital Forensic and Incident Response, Dev(Sec)Ops, Malware Analysis as well as SOC analysis. He has been acknowledged for reporting critical vulnerabilities to Uber, Apple, Flipkart, and MIT. Mr. Kirit Sankar Gupta is the member of Data Security Council of India (Kolkata).
Mr. Saumitra Biswas is M.Tech in computer science from Netaji Subhash Engineering College, GATE qualified in computer science and a MSC in statistics from Kalyani University. He has 20 years of experience. His technical interests include Machine Learning, Neural Networks, Genetic Algorithms and Object Oriented Programming. He is skilled in C, C++, C#, Dotnet, Java, Python, Matlab, Unix, MS Windows XP, Windows 7, My SQL, Oracle, MS Access, HTML, XML, CSS and PHP. He take classes on AI & ML in ISOAH, as well as act as mentors to interns & project trainees.
After completion of her Master degree, she has worked with ISOAH as an intern for few years before joining full time as security analyst. She has been involved in internal audit, policy design, ISMS consultancy for more than 2 years. She is well versed in Kali Linux, Nmap, Metasploit, ITGC, ISO 27001 & COBIT framework. ISOAH clients she has provided active consultancy are CESC, Diadem, Lexplosion, Diamond Beverages, etc. As part of her hobby, she has been a professional model in her free time.
Ratings & Reviews
Course: CEH
Batch: 2022-24
My name is Lakpa Sangay Yolmo, and I am currently in the final semester of the Advanced Diploma in Cybersecurity program. I grew up in Darjeeling, specifically in Ghoom Jorebunglow. After completing my graduation, I began looking for a place to deepen my knowledge of cybersecurity. I came across ISOEH in Siliguri, which is conveniently close to my hometown. At ISOEH, I received guidance from outstanding mentors who taught me about hacking and practical scenarios, giving me a thorough understanding of what hacking involves. The experience of becoming a successful Certified Ethical Hacker (CEH) and training at ISOEH have significantly advanced my cybersecurity career.
Course: CEH
Batch: 2022-24
My name is Nissim Tamang, and I am currently enrolled in the Advanced Diploma in Cyber-Security. I am in my last semester of the diploma. I am from Kurseong but I was raised in Nepal, Kathmandu. After completing class 10+2 I was wondering where I would be able to learn about cyber-security and I found out about ISOEH which was located in Siliguri, near my home town. ISOEH provided me with the best mentors to learn about hacking and real-life scenarios to learn about what hacking really meant. It has been quite a great opportunity which has been provided by ISOEH and a boost up in my cybersecurity career as a Certified Ethical Hacker (CEH) as well.
Course: CEH
It is quite true to say that I was a student of English (Hons) before when I came to know about this course which made me feel so interested and alluring. Throughout the journey of CEH (Ethical Hacking) at the Indian School of Ethical Hacking, I would like to say that my respected mentors and fellow mates at this institute helped me a lot in chasing my goal and provided me a widespread information about technology which was the sole reason of cracked such a very tough and hard global CEH exam. Thank you very much to ISOEH for all of my endeavours.
Course: CEH
I am profoundly grateful for my decision to join ISOEH. I have gained invaluable knowledge and embarked on an exciting journey with ISOEH. To all those in the Cybersecurity and IT fields, I wholeheartedly recommend joining ISOEH without hesitation. I am confident that you will not regret it.
Course: CEH v10
One of the finest institutes for industrial training in Kolkata. Got an opportunity to learn Ethical Hacking from amazing teachers. Special thanks to Mr. Samyajit Mukherjee for introducing and guiding me through this course.
Course: CEH v10
One of the best institutions for learning ethical hacking in west bengal Saumyajit nody mukharjee a very helpful person, helps during the time of admission and during many times.
Date: 19.07.2019
Course: CEH v10
Trainers are very friendly and co-operative. Environment is healthy and the course is project based so it is very interesting to learn Topics covered are relevant to our works.
A Comprehensive Guide to the New CEHv12 Learning Framework: Learn, Certify, Engage & Compete
A Guide to CEHv12 - Phase 1 Learning Framework: Learn
A Guide to CEHv12 - Phase 2 Learning Framework: Certify
A Guide to CEHv12 Engage - Phase 3 Learning Framework: Engage
A Guide to CEHv12 - Phase 4 Learning Framework: Compete
Why People Love C|EH
Job Prospects & Job Sources
The CEH v12 course opens up numerous career advancement opportunities, it helps to prepare you for different roles in infosec domain like computer network defence analyst, infrastructure support, infosec incident responder, infosec auditor, intrusion analyst, security manager, and other related high-profile roles.
The following are the career prospects of CEH enumerated.
Cyber security is a blooming field
Cyber security is a blooming field with excellent potential in the IT market, and is a very important aspect of any company.
The rising demands for cyber security
The demands for cyber security is rising exponentially both in Indian market as well as abroad.
United States faced a shortfall of cyber security professionals
According to Cyber Seek, an initiative funded by the National Initiative for Cyber Security Education (NICE), the United States faced a shortfall of almost 314,000 cyber security professionals as of January 2019. Same can be said for India as well.
Course designed for cybercrime department or any Government organization
This course is not only for IT sector but also for professionals who are in the cybercrime department or any Government organization dealing with cybercrimes, espionage or cyber security as a whole.
According to NASSCOM India requires 77,000 ethical hackers
As according to a study by NASSCOM India requires 77,000 ethical hackers every year out of which the job market can only provide 15000. The demand being way more than the supply Ethical Hacking is one of the most sought after and promising professions at the moment.
Common Job Roles for C|EH
| Mid-Level Information Security Auditor | Cybersecurity Auditor |
| Security Administrator | IT Security Administrator |
| Cyber Defense Analyst | Vulnerability Assessment Analyst |
| Warning Analyst | Information Security Analyst 1 |
| Security Analyst L1 | Infosec Security Administrator |
| Cybersecurity Analyst level 1, level 2, & level 3 | Network Security Engineer |
| SOC Security Analyst | Security Analyst |
| Network Engineer | Information Security Analyst 1 |
| Senior Security Consultant | Information Security Manager |
| Senior SOC Analyst | Solution Architect |
| Cybersecurity Consultant |
Average earning of a Certified Ethical Hacker
Financially also this profession is paying and secure enough. In India on an average a certified ethical hacker earns an average salary of Rs 367,249 per year which increases with experience cumulatively upto more than 15 lakh per year.
| Designation | Salary in Rs. |
|---|---|
| Security Analyst | 3.7 lakhs |
| Information Security Analyst | 4.3 lakhs |
| Certified Ethical Hacker (CEH) | 3.5 lakhs |
| Security Consultant (Computing / Networking / Information Technology) | 5.5 lakhs |
| Information Security Manager | 12 lakhs |
| Experience | Salary in Rs. |
|---|---|
| Less than 1 year | 3 lakhs |
| 1-4 years | 3.8 lakhs |
| 5-9 years | 7.7 lakhs |
| 10-19 years | 5.5 lakhs |
| 20 years and more | 14.4 lakhs |
| Employers | Salary in Rs. |
|---|---|
| Tata Consultancy Services Limited | 1.5 to 9 lakhs |
| Wipro Technologies Limited | 2.5 to 14.5 lakhs |
| International Business Machines (IBM) Corp. | 3 to 6 lakhs |
| EY (Ernst & Young) | 2.4 to 6 lakhs |
| HCL Technologies Ltd. | 2 to 7 lakhs |
FAQs
C|EH v12 Program
CEH is a great place to start your career in Cyber Security, but you are required to have some requisite knowledge before getting into CEH. It’s recommended you have a minimum of 2 Years IT Security experience before attempting the C|EH. If you do not have the above knowledge, please complete our "INDUSTRY READY" Courses to be eligible -
Industry Ready C Programming
Industry Ready Data Structure
Industry Ready RDBMS
Certified Ethical Hackers are hired by organization’s either on contract or as full-time employees to help improve the organizations security posture. C|EH is a required baseline certification for many different job roles, but the function of ethical hacking itself involves a methodical practice of identifying, evaluating, testing, and reporting on vulnerabilities in an organization. Ethical Hacking is a broad practice that covers many different technologies, but by systematically applying the methodologies taught in the C|EH program, ethical hackers can evaluate nearly any application or infrastructure they are tasked with, identify potential vulnerabilities, and provide recommendations on how those vulnerabilities can be remediated. In the case of military organizations, ethical hackers are highly trained in offensive and defensive activities and possess the critical skill sets and tactics to evaluate target systems and defend their own organization’s assets in real time.
While this is very much a personal decision for most, holding a C|EH certification communicates to your potential or current employer that you possess the baseline knowledge and skills to be an effective and productive member of the security team. The field of cybersecurity is rapidly growing with projected Job opportunity growth of 33%, according to U.S. Department of Labor, globally there is an insufficient supply of qualified people creating amazing opportunities for Certified Ethical Hackers in nearly every industry.
We know not all certifications are created equal, and deciding to get certified is an investment for you in both time and money. For over 20 years, EC-Council has worked to build the best Ethical Hacking Certification on the market, the Certified Ethical Hacker. As a certification body, we ensure the topics covered in our examinations as well as the training that prepares you directly relates to the job roles and skills employers need. Our ANSI 17024 accredited examination goes through rigorous job task analysis, careful curation of exam domains, extensive work to build world-class training and hands-on components to provide candidates with an intensive hands-on experience throughout the program. C|EH is recognized by various governments around the world including the United States Department of Defense, GCHQ in the UK, and various others. EC-Council employs full-time content teams that work all year long on program design and maintenance ensuring each C|EH student receives the most up to date, relevant information as they pursue the certification. Currently on Version 12, C|EH version releases are paced every 12-18 months, depending on major trends in the market, new tools, vulnerabilities, operating systems, and much more.
Considering the global need and lack of qualified talent in the workforce, cybersecurity professionals are paid exceptionally well in most cases. As of August 2022, a simple search in Salary.com for United States based positions show that Certified Ethical Hackers make an average of $103,866 per year, with the 90th percentile earning above $130,000. Experience, education levels, and other certifications provide even more value in most cases, but it is common to see starting salaries for Ethical Hackers that stretch well into six figures. We recommend searching your local job boards, viewing local salary information, and talking to potential employers to assess your own value in the market. C|EH has been ranked in the top 5 highest paid cybersecurity certifications for the last 10 years and continues to grow worldwide.
Currently in its 12th version, C|EH is a very well-known certification in the cybersecurity space. A simple search for global job ads on LinkedIn (as of August 2022) shows over 32,000 available jobs requesting candidates with a C|EH Certification representing over 72% market share in job ads placed by employers combined across Career Builder, LinkedIn, Dice, Indeed, Monster, and Naukri, while being compared to other certifications like SANS GPEN, OSCP, and Pentest+.
Like the question above, is C|EH a popular certification, C|EH is the most in demand cybersecurity certification globally representing the majority share of job ads requesting certified candidates. C|EH is also recognized as a baseline certification by the United States Department of Defense for its cyber workforce. C|EH is also the backend content for over 1,200 colleges and universities across the globe running computer Science and cybersecurity degree programs.
Knowledge, skills, opportunity, respect, proof… These are all words that circle the C|EH for many of our certified members. The knowledge and Skills attained through the program are second to none covering the widest possible set of domains in cybersecurity, while the Certification itself shows employers you are qualified for the job and serious about proving it. Holding Industry recognized, ANSI accredited Certifications proves to your current or prospective employer that a third party (EC-Council) has evaluated your knowledge and skills and conferred a certification to you based on your accomplishments in the program. C|EH opens many doors as the practice of Ethical Hacking serves as the backbone to a variety of specialized roles in cybersecurity. With very reasonably priced training and certification, available globally, C|EH is a small, short-term investment of your time and money with the potential of a lifetime of high-value returns.
Certification Questions
The C|EH Exam is an ANSI 17024 exam which means it goes through extensive external validation to ensure the examination itself is fair for the knowledge and experience level of our certification challengers. With the recommendation of 2 years’ experience in IT Security or 0fficial training, candidates attempting the exam need to possess strong knowledge in computing systems, networks, and a variety of other IT topics. The examination itself uses Cut-Scores to determine pass/fail results and cut scores are carefully set by psychometricians who regularly evaluate test question performance and average pass/fail results throughout the life of the program. Reviews from our certification members with limited experience or background have rated our exam as difficult, while more seasoned IT and IT security professionals rate the exam as moderately challenging even after official training. You may review the exam domains and the exam blueprint here to learn more: https://cert.eccouncil.org/certified-ethical-hacker.html
- Attend official training through our online learning provided by iClass, through an Authorized Training Center (ATC) located in 140+ countries around the world, or at a college or university that is also an official EC-Council Academia Partner. All candidates attending official training at an official EC-Council partner if deemed eligible to attend the training will have direct access to the examination which can be proctored at the training center, online using EC-Council’s remote proctoring service, or at over 4,500 VUE testing centers across the world.
- Eligibility Application – If you possess the experience and don’t feel training is necessary in the domains of the exam, you may wish to skip the training and go straight to challenging the exam. If you do not attend official training, you will need to apply for exam eligibility here: https://cert.eccouncil.org/application-process-eligibility.html. After the application is processed and approved, EC-Council will work directly with you to determine the best delivery method for the exam, and you may then challenge the 4-hour certification exam as scheduled.
While EC-Council doesn’t publish pass rates for the exam, typical pass rates globally range from 60%-80%. We offer a variety of test preparation materials and official training to help you ensure you are ready to challenge the exam when the time comes.
Yes, candidates who wish to bypass the official training and jump straight to the exam may apply for eligibility. If eligibility is granted, you may directly challenge the examination. See “How do I get certified?” in the FAQ above for the eligibility guidelines and application process.
While we recognize there are some great resources on YouTube, many informative and entertaining topics are available there, EC-Council does not publish its official training on YouTube, nor do our authorized partners. There are many self-published videos that claim to prepare you for the C|EH Exam, and while they may provide valuable information, these are not a substitute for Official C|EH Training and will not be accepted as a method of study when it comes to applying for exam eligibility.
The most common path students take to prepare for C|EH is official training. The certified EC-Council instructors utilize official EC-Council training materials carefully designed to take you through the various domains covered on the certification exam. Accompanying the training materials, C|EH also includes over 50% hands-on activities in a live Cyber Range where you will practice and apply the knowledge and skills learned in the course against live virtual systems in the controlled environment. Students also receive official exam Prep test banks where you can practice with mock exam questions broken up by domain to assess your level of readiness for the certification. We strongly recommend utilizing these resources to prepare, however if you choose the direct eligibility route, review the domains covered in the exam and the exam blueprint, based on your own knowledge and experience levels, you can self-assess your competency in each area and decide if you are ready to attempt the exam. Students in official C|EH training from V12 on receive free retakes based on the package they enroll into, and retake exams are available for others if required for a fee.
EC-Council’s official exam retake policy is available here: https://cert.eccouncil.org/exam-retake-policy.html
The CEH exam is a 4-hour, scenario-based examination with multiple choice questions. Each question is carefully weighted to the domain and objective and carries its own cut score. The C|EH exam itself has multiple exam forms that rotate along with rotating questions in each exam form. Because the questions and forms rotate, each exam has a cumulative cut score that is calculated as the aggregate of all question cut scores. This rotation creates multiple variations of passing scores based on the exam form you receive; typical passing cut scores range from 65% to 80% providing the most equitable and fair approach to exam performance per ANSI 17024 testing standards. Cut Scores and your achieved score will be shown on your exam transcript available immediately after completing the examination.
Yes, all legitimate professional certifications have a recertification and maintenance process. The requirements are published under our EC-Council Continuing Education (ECE) Policy available here: https://cert.eccouncil.org/ece-policy.html
Depending on which program you are in, your options may vary, but we are here to help! If you are studying through EC-Council University, simply login to your myeccu account and connect with your counselor. If you are studying at an EC-Council Academia Partner, speak with your professor and ask if the university has included certification in the student resources, if not, you can write to [email protected] and connect directly with our student services team.
C|EH v12 Training
The total time it takes to become a C|EH can vary by student, but the typical answer is 5 days. C|EH official training is structured as 5-day Bootcamp style training with testing typically delivered at the end of the 5th day as a 4-hour exam. Students who follow an on-demand or self-paced course through iClass or decide to defer their testing date may take longer to achieve certification.
The C|EH program and C|EH exam cover a variety of topics that center around the Tactics and Procedures required to be a tactical cybersecurity professional. Focusing on the entire kill-chain process, C|EH covers a variety of topics from foot printing and reconnaissance, to scanning, gaining access, maintaining access, and covering your tracks. This 5-phase ethical hacking process applies to a variety of scenarios including traditional on-premises networks, cloud, hybrid, IoT systems, and stretches across a variety of topologies and application environments. Students will learn a variety of tools and techniques across this evaluation process as well as how hackers will utilize the same TTPs to hack into organizations.
There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our "INDUSTRY READY" Courses to be eligible -
Industry Ready C Programming
Industry Ready Data Structure
Industry Ready RDBMS
Students attending official training for C|EH, either through our online division iClass, or in person at an authorize training center will receive the most comprehensive ethical hacking program on the market. The training resources stretch well beyond what you may be used to in a typical bootcamp style course as C|EH not only supports you in the training program but also supports you after training and well into your career as a C|EH. Our new framework in C|EH, Learn, Certify, Engage, Compete provides you with all the courseware, documentation, cheat sheets, and hands-on labs hosted in our Cyber Range to complete the 5 days of training. Students also receive exam vouchers to attempt the certification exam and free retakes in the event you aren’t successful on your first attempt. To help prepare you for the exam, you will also receive exam prep where you can practice in a mock exam environment. Supporting you post certification; we have designed our Engage practice range with a mock organization where you will take place (on your own time and at your own pace) in a complete ethical hacking engagement. Starting with your initial scanning and recon exercise, you will foot print the target network, identify vulnerabilities and follow the entire process learned in C|EH as you assess the target organization, leading all the way up to full exploitation of the targets where you will hack into web servers, IoT devices, as well as IT and OT systems. After you complete your first engagement against the target organization, you will move onto Compete, where you can take part in monthly Global Hacking Competitions available exclusively to Certified Ethical Hackers. With new competition scenarios each month, you will be able to test your skills in malware analysis and ransomware, SCADA, and ICS environments as you hack your way into a Power Grid System or potentially take over a water treatment facility, Hack into Web Applications as we focus on web server vulnerabilities, and much more. To further support your continuous learning and skill development, Students of the Official C|EH training program also receive our curated Ethical Hacking Video Libraries through CodeRed where you will have access to focused titles, 2 to 4 hour courses delivered online in topics like Python for Pen testers, Opensource intelligence, Wireshark for Ethical Hackers, Ethical Hacking with Nmap, Windows Penetration Testing Essentials, Next Gen Firewalls, Applied Secure Smart City, Burp Suite: Web App Pen Testing, and more. The C|EH training program was designed to support you as you learn the ethical hacking practice, provide you with hands-on labs and challenges, expose you to your first ethical hacking engagement, hone your skills through competition, and support your continuous learning with specially curated titles directly related to the ethical hacking space.
Yes! Every concept taught in C|EH is backed up by hands on labs hosted in our Cyber Range. The training itself is divided roughly 50/50 into lecture & discussion (50%) and hands-on labs (50%). Additional hands-on practice is available in our labs with objective based CTF style flags to challenge your critical thinking and applied knowledge, then reinforced with our practice range, followed by 12 months of live competitions all executed in our Cyber Range 100% hands-on and applied. We believe strongly you can’t really learn to hack by reading a book, you must practice, if you are considering C|EH, roll your sleeves up and get ready for an intensive hands-on program where you will practice and hone your trade craft as an ethical hacker!
Like the question above “What does CEH Cover” Security professionals attending this program will learn the professional practice of ethical hacking. You will get hands-on with the Cyber Kill chain, you will learn how to evaluate target systems for vulnerabilities, misconfiguration and weaknesses, you’ll learn how to find the weakest link in an organization through concepts like social engineering, most of all, you will learn how hackers operate, what tactics they use, and how to apply those tactics in a professional setting to identify weaknesses in your organization and apply remediation strategies before your organization becomes the next victim of a cyberattack or breach.
Batches
Weekend Batches for Kolkata Center:
Dec, 2024
Dec, 2024
Feb, 2025
Select Your Course Kit
While all C|EH course kits have complete access to eCourseware and include an exam voucher, a few additional features and learning materials can be added to build deeper expertise and gain practical experience. This means that there is a C|EH package to suit everyone’s learning requirements.
Learn, Certify, Engage & Compete
eCourseware
Exam Voucher*
Next Version of eCourseware
6 Months of Official Labs
C|EH Engage
Global C|EH Challenges
Exam Preparation
C|EH Practical Exam
Ethical Hacking Video Library
10
Exam Retakes**
5
Rs. 64,500/-
+ 18% GST
Learn, Certify
eCourseware
Exam Voucher*
Next Version of eCourseware
6 Months of Official Labs
C|EH Engage
Global C|EH Challenges
Exam Preparation
C|EH Practical Exam
Ethical Hacking Video Library
Exam Retakes**
Rs. 39,500/-
+ 18% GST
*Exam Vouchers: New to C|EH, EC-Council now includes a free retake voucher for EVERY courseware package: 1 exam retake for standard C|EH courseware, 3 retakes for C|EH Pro, and unlimited retakes for C|EH Elite. Candidates may activate this benefit through the EC-Council student portal (ASPEN).
**Exam Retakes: This benefit provides candidates with the respective exam voucher on the ECC EXAM portal but excludes proctor administration fees which will apply for each attempt of the examination. Applicable to CEH Exam only. Please contact your training provider for details.
#Maximum 4 exam retakes allowed per year as per exam policy.
Member of:
