Certified Ethical Hacker Training Boot Camp

Learn about the ethical hacking tools, techniques and methodologies used security professionals to conduct a penetration test against an organization — and leave fully prepared to earn your Certified Ethical Hacker (CEH) certification on your first attempt.

4.7
(8,755 ratings)
Updated May 2020
93% exam pass rate

Earn your CEH, guaranteed!

  • Exam Pass Guarantee (live online)
  • 100% Satisfaction Guarantee
  • CEH exam voucher
  • Unlimited CEH practice exam attempts
  • Five days live, expert CEH instruction (live online or in-person)
  • Penetration Testing Cyber Range
  • Immediate access to Infosec Skills — including a bonus boot camp prep course — from the minute you enroll to 90 days after your boot camp
  • 90-day access to all boot camp video replays and materials
  • Learn by doing with 100s of additional hands-on courses and labs, including web app pentesting, cloud pentesting and red team operations
  • 90-day access to all boot camp video replays and materials
  • Knowledge Transfer Guarantee

What you'll learn

  • Penetration testing methodologies
  • Stealthy network recon
  • Passive traffic identification
  • Remote root vulnerability exploitation
  • Privilege escalation hacking
  • IPv6 Vulnerabilities
  • Remote access trojan hacking
  • Running shellcode in RAM vs. on disk
  • Wireless insecurity
  • Breaking IP-based ACLs via spoofing
  • Abusing Windows Named Pipes for Domain Impersonation
  • Evidence removal and anti-forensics
  • Attacking network infrastructure devices
  • Hacking by brute forcing remotely
  • Hiding exploit payloads in jpeg and gif image files
  • Hacking Web Applications
  • Breaking into databases with SQL Injection
  • Cross Site Scripting hacking
  • Hacking into Cisco routers
  • Justifying a penetration test to management & customers
  • CEH/PenTest+ review
  • Defensive techniques

Training overview

This boot camp teaches you the knowledge you need to earn your Certified Ethical Hacker (CEH) certification and builds hands-on penetration testing skills you can apply directly to a current or future job role. You’ll master a repeatable, documentable penetration testing methodology that can be used in any pentesting or ethical hacking situation.

Learn by doing in the Penetration Testing Cyber Range

Some of the hands-on labs you’ll perform during your training include:

  • Abusing DNS for host identification
  • Leaking system information from Unix and Windows
  • Windows DNS cache poisoning attacks
  • Unix, Windows and Cisco password cracking
  • Remote buffer overflow exploit lab – heap vs. stack overflows
  • Attacking Kerberos pre-auth hashes
  • Spoofing endpoints of communication tunnels
  • Impersonation of other users – hijacking kernel tokens
  • Attacking RDP (Remote Desktop Protocol)
  • Remote keylogging
  • Data mining authentication information from clear-text protocols
  • Sniffing and hijacking SSL encrypted sessions
  • Breaking wireless security via hacking
  • Malicious event log editing
  • Client-side browser exploits
  • Tunneling through IPSec VPNs by abusing ESP
  • Data retrieval with SQL injection hacking

Who should attend

  • Junior penetration tester
  • Vulnerability assessment analyst
  • Cyber defense analyst
  • Information security analyst
  • SOC analyst
  • Security compliance analyst
  • Cybersecurity auditor
  • Network security engineer
  • Cybersecurity consultant
  • Anyone looking to learn ethical hacking skills

Prerequsites

  • A general understanding of operating systems, including exposure to Linux or Unix-based systems
  • General knowledge of TCP/IP protocols
  • A desire to learn about the ethical side of hacking and network security

Meets 8570.1 requirements

The Certified Ethical Hacker (CEH) helps meet U.S. Department of Defense Directive 8570.1 certification requirements for department employees or contractors engaged in work related to information assurance and security. The CEH is as an approved baseline certification for CCSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder and CSSP Auditor.

Get training resources sent to your inbox

Infosec Skills boot camp

  • Exam Pass Guarantee
  • 100% Satisfaction Guarantee
  • Certified Ethical Hacker (CEH) exam voucher
  • 5 days live, expert instruction (live online or in-person)
  • CEH Boot Camp prep course
  • 90-day access to recordings of daily lessons
  • 100s of additional hands-on courses and labs
  • Knowledge Transfer Guarantee

Infosec Skills

  • On-demand CEH training
  • Penetration Testing Cyber Range
  • 600+ practice exam questions & unlimited practice exam attempts
  • 80+ role-based learning paths (Ethical Hacking, Threat Hunting, etc.)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Skill assessments
  • Infosec peer community support
  • 1,000s of CPE opportunities

Exam Pass Guarantee

We guarantee you’ll pass your exam on the first attempt. Learn more.

Certified Ethical Hacker training schedule

Infosec’s Certified Ethical Hacker (CEH) training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

  • Before your boot camp
    • Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth CEH prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

  • During your boot camp
    • This boot camp covers all the objectives outlined in the latest version of the Certified Ethical Hacker exam, including:

      Background

      • Network and communication technologies
        • Networking technologies (e.g., hardware, infrastructure)
        • Web technologies (e.g., web 2.0, skype)
        • Systems technologies
        • Communication protocols
        • Telecommunication technologies
        • Mobile technologies (e.g., smartphones)
        • Wireless terminologies
        • Cloud computing
        • Cloud deployment models
      • Information security threats and attack vectors
        • Malware (e.g., Trojan, virus, backdoor, worms)
        • Malware operations
        • Information security threats and attack vectors
        • Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
        • Botnet
        • Cloud computing threats and attacks
        • Mobile platform attack vectors
        • Cryptography attack
      • Information security technologies
        • Information security elements
        • Information security management (e.g. IA, defense-in-depth, incident management)
        • Security trends
        • Hacking and ethical hacking
        • Vulnerability assessment and penetration testing
        • Cryptography
        • Encryption algorithms
        • Wireless encryption
        • Bring your own device (BYOD)
        • Backups and archiving (e.g., local, network)
        • IDS, firewalls and honeypots

      Analysis/assessment

      • Information security assessment and analysis
        • Data analysis
        • Systems analysis
        • Risk assessments
        • Vulnerability assessment and penetration testing
        • Technical assessment methods
        • Network sniffing
        • Malware analysis
      • Information security assessment process
        • Footprinting
        • Scanning (e.g., Port scanning, banner grabbing, vulnerability scanning, network discovery, proxy chaining, IP spoofing)
        • Enumeration
        • System hacking (e.g., password cracking, privilege escalation, executing applications, hiding files, covering tracks)

      Security

      • Information security controls
        • Systems security controls
        • Application/file server
        • IDS
        • Firewalls
        • Cryptography
        • Disk encryption
        • Network security
        • Physical security
        • Threat modeling
        • Biometrics
        • Wireless access technology (e.g., networking, RFID, Bluetooth)
        • Trusted networks
        • Privacy/confidentiality (with regard to engagement)
      • Information security attack detection
        • Security policy implications
        • Vulnerability detection
        • IP Spoofing detection
        • Verification procedures (e.g., false positive/negative validation)
        • Social engineering (human factors manipulation)
        • Vulnerability scanning
        • Malware detection
        • Sniffer detection
        • DoS and DDoS detection
        • Detect and block rogue AP
        • Evading IDS (e.g., evasion, fragmentation)
        • Evading firewall (e.g., firewalking, tunneling)
        • Honeypot detection
        • Steganalysis
      • Information security attack prevention
        • Defend against webserver attacks
        • Patch management
        • Encoding schemes for web application
        • Defend against web application attacks
        • Defend against SQL injection attacks
        • Defend against wireless and Bluetooth attacks
        • Mobile platforms security
        • Mobile device management (MDM)
        • BYOD security
        • Cloud computing security

      Tools/systems/programs

      • Information security systems
        • Network/host based intrusion
        • Boundary protection appliances
        • Access control mechanisms (e.g., smart cards)
        • Cryptography techniques (e.g., IPSec, SSL, PGP)
        • Domain name system (DNS)
        • Network topologies
        • Subnetting
        • Routers/modems/switches
        • Security models
        • Database structures
      • Information security programs
        • Operating environments (e.g., Linux, Windows, Mac)
        • Anti-malware systems and programs (e.g., anti-keylogger, anti-spyware, anti-rootkit, anti-trojan, anti-virus)
        • Wireless IPS deployment
        • Programming languages (e.g. C++, Java, C#, C)
        • Scripting languages (e.g., PHP, Javascript)
      • Information security tools
        • Network/wireless sniffers (e.g., Wireshark, Airsnort)
        • Port scanning tools (e.g., Nmap, Hping)
        • Vulnerability scanner (e.g., Nessus, Qualys, Retina)
        • Vulnerability management and protection systems (e.g., Founds tone, Ecora)
        • Log analysis tools
        • Exploitation tools
        • Footprinting tools (e.g., Maltego, FOCA, Recon-ng)
        • Network discovery tools (e.g., Network Topology Mapper)
        • Enumeration tools (e.g., SuperScan, Hyena, NetScanTools Pro)
        • Steganography detection tools
        • Malware detection tools
        • DoS/DDoS protection tools
        • Patch management tool (e.g., MBSA)
        • Webserver security tools
        • Web application security tools (e.g., Acunetix WVS)
        • Web application firewall (e.g., dotDefender)
        • SQL injection detection tools (e.g., IBM Security AppScan)
        • Wireless and Bluetooth security tools
        • Android, iOS, Windows Phone OS, and BlackBerry device security tools
        • MDM solutions
        • Mobile protection tools
        • Intrusion detection tools (e.g., Snort)
        • Hardware and software firewalls (e.g., Comodo Firewall)
        • Honeypot tools (e.g., KFSenser)
        • IDS/firewall evasion tools (e.g., Traffic IQ Professional)
        • Packet fragment generators
        • Honeypot detection tools
        • Cloud security tools (e.g., Core CloudInspect)
        • Cryptography tools (e.g., Advanced Encryption Package)
        • Cryptography toolkit (e.g., OpenSSL)
        • Disk encryption tools
        • Cryptanalysis tool (e.g., CrypTool)

      Procedures/methodology

      • Information security procedures
        • Cryptography
        • Public key infrastructure (PKI)
        • Digital signature and Pretty Good Privacy (PGP)
        • Security architecture (SA)
        • Service oriented architecture
        • Information security incident
        • N-tier application design
        • TCP/IP networking (e.g., network routing)
        • Security testing methodology
      • Information security assessment methodologies
        • Web server attack methodology
        • Web application hacking methodology
        • SQL injection methodology and evasion techniques
        • SQL injection evasion techniques
        • Wireless and Bluetooth hacking methodology
        • Mobile platform (Android, iOS, Windows Phone OS, and BlackBerry) hacking methodology
        • Mobile rooting and jailbreaking

      Regulation/policy

      • Information security policies/laws/acts
        • Security policies
        • Compliance regulations (e.g., PCI-DSS, SOX)

      Ethics

      • Ethics of information security
        • Professional code of conduct
        • Appropriateness of hacking
  • After your boot camp
    • Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your CEH exam, get a head start on your next certification goal or start earning CPEs.

Free CEH training resources

How to become a penetration tester

It’s been a while since we’ve talked penetration testing and offense-oriented network security on the show, and I know some of you have been asking for it, so today’s your lucky day!

On the show we have Dr. Wesley McGrew, the director of Cyber Operations for HORNE Cyber. We’re going to talk about going on the offense as a good defense, the current state of pentesting and the raw work of reverse engineering malicious software and vulnerability testing. If you’re looking for the type of job that gets you out on the cybersecurity battlefield and fighting the bad guys, you’re going to want to give this episode your undivided attention!

Wesley McGrew is the author of penetration testing and forensic tools used by many practitioners. He is a frequent presenter at DEF CON and Black Hat USA. At the National Forensics Training Center, he provided digital forensics training to law enforcement and wounded veterans. As an adjunct professor he designed a course he teaches on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. This effort was undertaken as part of earning National Security Agency CAE Cyber Ops certification for the university. He has presented his work on critical infrastructure security to the DHS joint working group on industrial control systems. Wesley earned his Ph.D. in computer science at Mississippi State University for his research in vulnerability analysis of SCADA HMI systems used in national critical infrastructure. He served as a research professor in MSU’s Department of Computer Science & Engineering and Distributed Analytics and Security Institute.

Listen Now

Frequently asked questions

  • What’s the value in earning an ethical hacking certification?
    • Earning the CEH certification is a definitive way of proving your knowledge and skill to employers and others within the industry. Beyond this, the CEH provides you with the skills and techniques required to identify and prevent system weaknesses and vulnerabilities.

  • What are the pre-requirements for earning the CEH?
    • While there are no hard requirements to sit for the CEH exam, a strong familiarity with the windows operating system and networking concepts (TCP/IP Protocol) is suggested. It’s also recommended that students know at least one programming language.

  • What career opportunities are available to CEH Boot Camp graduates? What’s the job outlook like for CEH professionals?
    • If you want to break into the cybersecurity industry, earning an ethical hacking certification can help you land a great job. The CEH certification is a common prerequisite for security-related job roles, particularly those related to penetration testing and social engineering. Certified professionals typically earn more than non-certified individuals, and you can use your CEH certificate as a bargaining chip when negotiating with employers for a higher salary.

  • How does the CEH examination process work?
    • The CEH exam consists of 125 multiple-choice questions that you must complete within a four-hour duration. You need to score at least a 70% on the exam (88 correct answers) in order to pass. The test can be administered through an ECC test center, a ProctorU testing center, or a Pearson VUE testing center.

  • How has the ethical hacking industry grown in recent years? Has the need for ethical hacking skills changed in the last five or 10 years?
    • The ethical hacking industry has grown by leaps and bounds over the past decade, with no signs of changing pace. As computer technology becomes increasingly complex, the need for white-hat hackers to protect sensitive corporate data will grow along with it. The changing landscape and increasing shift towards mobile computing has introduced a plethora of new vulnerabilities, increasing the demand for qualified penetration testers and ethical hackers.

  • What does this ethical hacking course offer that other certification prep classes do not?
    • Infosec’s CEH training provides the highest certification pass rate in the industry—93%! If you choose to take the course live online, you will also receive our Exam Pass Guarantee, meaning that if you fail the exam on your first attempt, we’ll pay for your second FREE.

  • How long is the CEH certification good for after you pass the test?
    • The EC-Council Continuing Education (ECE) policy states that EC-Council certifications are valid for three years from the date of receiving your CEH certification.

  • What are the renewal requirements for the CEH?
    • During the three-year period of your certification, you must participate in the EC-Council Continuing Education (ECE) Program to remain certified. After those three years are up, if you meet the ECE Program requirements, your certification validity will be extended for another three years.

  • Why is the Ethical Hacking Boot Camp a necessary addition to the other popular certification programs?
    • The CEH certification immerses you in the world of ethical hacking and penetration testing, teaching the skills needed to put you at the top of the field. The CEH dives deep into subject matter that other security certifications, such as the Security+ and CISSP, only cover at a high level.

  • What job titles are most common for people who hold the EC-Council CEH certification?
    • The need for ethical hackers has increased dramatically in recent years. Common job roles include: penetration tester, network security administrator, forensic analyst, and computer network defense analyst, along with many more.