
Explore ethical hacking foundations with CEH version 11 and blueprints version 4.0. Master reconnaissance, scanning, enumeration, vulnerability analysis, system hacking, web application hacking, wireless, mobile, IoT, OT, cloud, and cryptography.
Explore EC-Council's CEH exam process, including three eligibility paths, exam policies, application fees, retake rules, and how ITPro TV training helps you prepare.
Explore the five elements of cybersecurity, confidentiality, integrity, availability, authenticity, and non repudiation, along with the CIA triad, iron triangle, encryption, and hashing concepts.
Explore why attackers act, from curiosity and bragging to money, disruption, hacktivism, politics, religion, and terrorism, and learn how motives shape cyberattack objectives.
Identify five attack classifications—passive, active, close-in, insider threats, and distribution—with examples like sniffing, denial-of-service, social engineering, and supply-chain attacks.
Explore information warfare, including C2 warfare, intelligent based warfare, electronic based warfare, psychological warfare, hacker warfare, and economic warfare.
Explore the cyber kill chain and its seven phases—recon, weaponization, delivery, exploitation, installation, command and control, and actions and objectives—and how they reveal attacker methods.
Identify common adversarial behaviors by threat actors to predict attacks and reinforce defenses. Explore internal recon, pivoting, PowerShell use, and web shells as core attack techniques.
Define ethical hacking and distinguish ethical hackers from malicious attackers, highlighting intent, scope, and the skills needed to defend systems ethically.
Identify, assess, treat, and track and review risks to keep them at an acceptable level; prioritize and mitigate based on severity and likelihood.
Threat modeling guides a systematized five-step process to identify security objectives, decompose systems, and assess threats and vulnerabilities using models like STRIDE, PASTA, and DREAD.
Define and manage security incidents through incident management, identifying, analyzing, prioritizing, and resolving them to restore normal operations, protect CIA, and involve HR, legal, IT security, and third parties.
Explore common cybersecurity laws, standards, and regulations, including PCI DSS, ISO/IEC 27001, HIPAA, SOX, DMCA, FISMA, GDPR, and the Data Protection Act, with compliance guidance.
Learn how Google dorks use advanced search operators to uncover sensitive information and potential vulnerabilities during the footprinting phase, empowering ethical hackers and pen testers to identify and report weaknesses.
Explore how Shodan, Censys, and Thingful help ethical hackers discover internet-connected devices, assess IoT exposure, and perform open-source intelligence gathering for footprinting.
Master geolocation reconnaissance for ethical hacking by mapping target surroundings, identifying entrances and exits, guards, and cameras, using Google Maps and Street View for pre-attack analysis.
Explore how social networking reconnaissance uses platforms to reveal an organization's logos, locations, technologies, emails, and personnel, and learn to use automated tools like the harvester for targeted information gathering.
Perform job board recon to uncover target details—job roles, contact info, locations, and tech stacks like PHP, Angular, SQL, and MongoDB—revealing potential attack surfaces for ethical hacking.
Explore how metadata reveals sensitive information about targets and learn to automate the process with meta goo fill, and inspect files using exif and strings for reconnaissance.
Explore how threat actors use email tracking to collect target data, including IP, OS, read receipts, and 1x1 pixel tracking, with tools like Email Tracker Pro.
Learn how ethical hackers perform public network footprinting by gathering information via ARIN RDAP queries, NS look up, and trace route to map internet facing assets and assess scope.
Explore social engineering techniques like eavesdropping, shoulder surfing, dumpster diving, and impersonation to gain sensitive information and test security controls.
Explores footprinting and recon countermeasures to protect organizations. Discusses security controls, policy and procedure, training, encryption, privacy, whois redaction, and caution with location services.
Explore custom word lists for ethical hacking, from standard dictionaries to tailored one-line-per-entry files. Learn how cewl builds targeted word lists using depth, minimum length, and link following.
Explore widely used footprinting and recon tools, including FOCA for metadata recon, OSINT with the ascent framework, and one-stop platforms like Maltego, Recon-ng, and Recon dog to map targets.
Learn three network scanning types—host discovery, port and service scanning, and vulnerability scanning—and how they reveal live hosts, open ports, services, and known vulnerabilities for ethical hacking.
Explore TCP communications, focusing on the six control flags—SYN, ACK, FIN, RST, PSH, URG—and the three-way handshake that establishes and terminates a connection.
Identify live hosts on a target network as the first stop in host discovery, mapping the attack surface with ICMP ping, ARP, UDP, and Nmap options.
Port scanning reveals open ports and the services on a live host, linking port and service concepts to networking fundamentals and guiding vulnerability discovery.
Explore the stealth scan, also known as the half-open or syn scan, which probes ports with tcp handshake. Note that it can bypass some firewall rules but requires administrative privileges.
Explore Nmap inverse tcp, Xmas, and Maimon scans to uncover open, closed, or filtered ports using fin, push, and urg flags; gain practical ceh insights.
Explore how to map firewall rules with an ACK scan using Nmap, including TTL-based and window-based variations to distinguish filtered, open, and closed ports.
Explore how the Nmap idle IPID scan uses a zombie and IPID increments to detect open ports by spoofing the target and observing responses.
Learn to perform SCTP scans with Nmap, focusing on INIT and COOKIE ECHO handshakes, recognizing open, closed, and filtered ports and interpreting INIT ACK and COOKIE ACK responses.
Learn to use nmap for IPv6 and version scans, enabling IPv6 with -6 and using -sV to reveal service names and versions on target ports.
Learn to optimize Nmap scans by reducing unnecessary checks, using host discovery decisions, port chunking, and timing adjustments to speed up scans while targeting only open ports.
Utilize nmap OS detection and port analysis to identify target operating systems, distinguishing Windows, Linux, and macOS. Apply obfuscation and turn off banners to hinder OS identification by attackers.
Master enumeration basics as a core hacking technique. Learn discovery, listing, and scanning methods to identify hosts, services, banners, and potential credentials.
Enumerate NetBIOS and SMB to map Windows file and printer shares, using nbstat, nbtscan, and nmap to reveal hosts, names, and open shares for assessment.
Explore how LDAP enumeration accesses Active Directory to reveal user attributes—names, addresses, departments, and contact details—through LDAP search tools and queries on port 389.
Learn how network time protocol keeps a unified time across devices, enabling accurate Kerberos authentication, and explore practical NTP enumeration using tools like Shodan, ntpdate, ntpd, and ntpdc.
Explore how NFS enables remote file access by mounting shared directories over port 2049, and learn to enumerate, mount, and review permissions using nmap, rpcinfo, and show mounts.
Identify weaknesses in systems through vulnerability assessments, and use CVSS 3.0 metrics, CVE, NVD, and CWE resources to prioritize and mitigate threats.
Explore vulnerability classifications and how misconfigurations, default credentials, open services, and design flaws drive risk. Learn how patches, the SDLC, and compensating controls mitigate threats through vulnerability assessments.
Explore vulnerability assessment models and tools, distinguishing product-based vs. service-based approaches, and examine popular scanners like Nessus and Greenbone, plus web, database, and mobile scanning strategies.
Learn the CEH hacking methodology and its goals, covering recon and footprinting, scanning, vulnerability assessment, system hacking, gaining access, privilege escalation, maintaining access, and clearing logs.
Explore Windows authentication methods, including SAM for local accounts, NTLM as domain backup, and Kerberos for domain login, detailing password hashes, challenge–response, KDC, and ticket-granting tickets with timestamps.
Explore password cracking from non-technical methods like shoulder surfing and social engineering to online active and offline attacks, using tools such as hydra, medusa, ocl hashcat, and john the ripper.
Explore how password hashes are extracted from Windows and Linux, then cracked with pW dump, FG dump, Mimi cats, John the ripper, and hashcat.
Explore techniques to speed up password cracking in ethical hacking, including combinator attacks, Prince, combining dictionaries, toggle-case, Markov chain, and tools like Hashcat and John the Ripper.
Explore what buffer overflows are, how memory spills and allows arbitrary code execution, and learn common exploitation tools like fuzzers, spikes, and debuggers, plus protections like dep and aslr.
Learn privilege escalation in ethical hacking, comparing vertical and horizontal paths and techniques such as dll hijacking, unquoted service paths, unattended installations, and exploit db usage for Windows and Lennox.
Learn how attackers maintain access after breaching a system, using executing applications, backdoors, remote access trojans, and root kits, while defenders patch systems and deploy antivirus.
Explore steganography by hiding data in the unused space of cover files like images and text, and perform steganalysis with tools such as steg snow and stag hide.
Learn how attackers cover tracks by disabling auditing, clearing logs, and targeting Windows, Linux, and restore points, while defenders use CIS logs and SIEMs to detect it.
Explore the differences between viruses and worms, including infection vectors and life-cycle stages, and examine common attack goals, symptoms, and types like ransomware and macro viruses.
Learn how fileless malware operates in memory, executing commands and injecting into processes without writing to disk, and explore its evidence-based and entry-point classifications, attack lifecycle, and evasion techniques.
Master malware analysis basics, including static and dynamic analysis, file hashes, VirusTotal, and live environments to discover and report IOCs and signatures.
Explore how the dynamic host configuration protocol (dhcp) assigns network information and demonstrate rogue dhcp attacks, including dns and gateway manipulation, and the risks of sniffing and man-in-the-middle threats.
Examine DNS poisoning techniques and DNS cache poisoning, including hosts file manipulation and rogue DNS servers. See how Bettercap and Ettercap enable DNS spoofing demonstrations.
Explore how identity theft works, from stolen IDs to impersonation driven by money. Identify methods used by thieves—hacking, dark web trade, social engineering, and keyloggers—and learn how to spot fraud.
Explore application layer attacks that target web applications, including http attacks using get and post, slowloris floods, and udp floods, causing resource starvation and denial of service to legitimate users.
Explore botnets as a network of compromised hosts controlled by attackers to enable denial-of-service attacks, crypto mining, and other cyber crimes, with toolkit delivery and centralized command channels.
Learn practical DoS and DDoS countermeasures, from detection methods like active profiling and wavelet-based analysis to mitigation strategies such as absorbing, degrading, deflecting, and filtering traffic.
The Complete Guide to Ethical Hacking is a comprehensive course that provides in-depth knowledge and practical skills in ethical hacking and network security. The course is designed to help learners understand the latest tools and techniques used by ethical hackers to test and secure network systems.
The Complete Guide to Ethical Hacking course is an excellent program for individuals looking to enhance their skills and knowledge in ethical hacking and network security. Upon completion of the course, learners can take the certification exam to become a Certified Ethical Hacker, which can open up various career opportunities in the field.
Understand the Principles of Ethical Hacking
Identify Vulnerabilities in Network Systems
Exploit Vulnerabilities in Network Systems
Understand Malware Threats
Analyze Network Traffic
Understand Social Engineering Techniques
Exploit Web Application Vulnerabilities
Hack Wireless Networks
Understand Cryptography Principles
Address Cloud Security Risks
It is recommended that learners complete relevant foundational courses or certifications before enrolling in this course, such as CompTIA Network+, CompTIA Security+, or the EC-Council Certified Security Specialist (ECSS) course. This will provide learners with the necessary foundational knowledge and skills required to successfully complete the CEH v11 course.
The course is suitable for Cybersecurity Professionals, IT Managers, Network Administrators ,Penetration Testers, Security Officers, Law Enforcement Personnel.
Stone River eLearning is not affiliated with EC-Council, and this course is not a certified EC-Council Certified Ethical Hacker CEH v. 11 course.