Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Ethical Hacker Training for the v13 Exam
Rating: 4.5 out of 5(732 ratings)
5,111 students

Ethical Hacker Training for the v13 Exam

Learn how to become an Ethical Hacker with Tools and Techniques of Modern Ethical Hacking and Cybersecurity Defense
Last updated 5/2026
English

What you'll learn

  • Students will gain an understanding of the fundamentals of information security, ethical hacking, and risk management.
  • Students will learn how to use open-source intelligence (OSINT) tools and techniques for footprinting and reconnaissance.
  • Students will acquire the skills to conduct network scanning and enumeration for potential vulnerabilities.
  • Students will gain an understanding of the process of vulnerability analysis and how to exploit system vulnerabilities.
  • Students will learn to identify, analyze, and mitigate malware threats and denial-of-service attacks.
  • Students will gain knowledge of various hacking methods for web servers, web applications, and mobile platforms.
  • Students will understand the risks and vulnerabilities associated with cloud computing and IoT devices.
  • Students willl learn the principles of cryptography and how to use cryptographic tools and techniques for data protection.

Course content

22 sections319 lectures68h 23m total length
  • Getting The Most Out of this Course2:13
  • 1.0 Introduction to the Ethical Hacking v131:56

    In this module of the Certified Ethical Hacker (CEH) version 13 course, instructor Chris Thorsen introduces the course structure and highlights the exciting new content that includes artificial intelligence applications in ethical hacking. With nearly thirty years of experience in IT and numerous certifications, Chris sets the stage for a comprehensive learning experience that includes practical activities and a master lab challenge.


    • Introduction to Certified Ethical Hacker version 13

    • Instructor background and experience

    • Overview of new topics and tools in CEH version 13

    • Utilization of artificial intelligence in ethical hacking

    • Practical activities and master lab challenge

    • Case study as a CEH pen tester

  • 1.1 Elements of Security29:40

    In this video module, we will explore the fundamentals of information security, focusing on its core principles, the importance of balancing security with functionality, and the various types of security controls. We will also discuss active defense strategies, essential terminology, and the different access control models that are crucial for protecting systems and data.


    • Definition of Information Security

    • The CIA Triad: Confidentiality, Integrity, Availability

    • Balancing Security, Functionality, and Usability

    • Defense in Depth: Layered Security Approach

    • Types of Active Defense: Annoyance, Attribution, Attack

    • Essential Terminology: Hack Value, Vulnerability, Threat, Exploit, Payload, Zero Day Attack

    • Daisy Chaining and Pivoting Attacks

    • Doxing and Non-repudiation

    • Types of Security Controls: Physical, Administrative, Technical

    • Preventive, Detective, Deterrent, Mitigating, and Corrective Controls

    • Network Security Zoning

    • Identity and Access Management: Authentication, Authorization, User Management

    • Access Control Models: Mandatory, Discretionary, Role-Based, Rule-Based

  • 1.2 Cyber Kill Chain7:19

    In this video, we will explore the concept of the Cyber Kill Chain, a model developed by Lockheed Martin that outlines the various phases of a cyber attack. Understanding this model is crucial for cybersecurity professionals as it enables them to anticipate and mitigate potential threats. The video will cover each stage of the Cyber Kill Chain, from reconnaissance to actions on objectives, providing insights into how attackers operate and how to defend against them.


    • Introduction to the Cyber Kill Chain

    • Phases of a Cyber Attack

    • Reconnaissance: Passive and Active

    • Weaponization of Attacks

    • Delivery Methods for Payloads

    • Exploitation of Vulnerabilities

    • Installation of Malware

    • Command and Control Mechanisms

    • Actions on Objectives

  • 1.3 MITRE ATT&CK Framework3:51

    In this video module, we will explore the Mitre ATT&CK framework, a comprehensive tool used for understanding and analyzing cyber threats. Unlike the cyber kill chain, the ATT&CK framework provides a detailed matrix of tactics and techniques utilized by adversaries throughout the attack lifecycle. This framework is essential for both red and blue teams to enhance their security posture and identify potential risks.


    • Introduction to the Mitre ATT&CK framework

    • Comparison with the cyber kill chain

    • Usage by threat hunters, red teamers, and blue teamers

    • Tracking adversaries' tactics and techniques

    • Database and indices of attack information

    • Strengthening organizational security posture

    • Understanding adversary motivations

    • Overview of the three matrices: enterprise, mobile, and industrial control systems

    • Detailed tactics and techniques for enterprise

    • Mobile attack categories

    • ICS and IoT specific tactics

    • Adoption of the ATT&CK framework by governments

  • 1.3.1 ACTIVITY - Examining MITRE ATT&CK6:43

    In this module, we will explore the MITRE ATT&CK framework, a crucial resource for ethical hackers. The session will cover how to navigate the MITRE website, understand various tactics and techniques used by advanced persistent threat (APT) groups, and examine specific examples of cyber attacks and their methodologies. This framework serves as a guide for ethical hacking practices and helps in building effective defense strategies.


    • Introduction to MITRE ATT&CK framework

    • Navigation of the MITRE website

    • Understanding tactics and techniques

    • Reconnaissance and its subcategories

    • Examples of APT groups and their techniques

    • Software used by APTs

    • Cyber campaigns and their impact

    • Importance of frameworks in ethical hacking

  • 1.4 Hacking9:27

    This video module provides an in-depth exploration of hacking, including its definitions, phases, types of hackers, and the implications of hacking on security. It covers essential terminology and the motivations behind different hacker classes, as well as the concept of state-sponsored hacking and insider threats.


    • Definition of hacking

    • Phases of hacking: reconnaissance, penetration, and maintaining control

    • Types of hackers: black hat, white hat, gray hat, script kiddies, state-sponsored hackers, hacktivists, suicide hackers, and cyber terrorists

    • Advanced Persistent Threats (APTs)

    • Examples of notorious hacking groups

    • Insider threats and their implications

  • 1.5 Ethical Hacking21:54

    In this video module, we will explore the fundamentals of ethical hacking, including its purpose, the skills required, and the processes involved in penetration testing. Ethical hacking aims to enhance security by identifying vulnerabilities before they can be exploited by malicious actors. We will discuss the differences between ethical hacking and penetration testing, the necessary technical and non-technical skills, and the importance of compliance with legal and industry standards. Additionally, we will cover the methodologies and tools used in ethical hacking, as well as how to develop these skills effectively.


    • Definition of ethical hacking

    • Purpose and intent of ethical hacking

    • Vulnerabilities and security analysis

    • Difference between hacking and penetration testing

    • Skills required for ethical hackers

    • Technical skills: operating systems, networking, software

    • Non-technical skills: social engineering, communication

    • Legal compliance and ethical considerations

    • Penetration testing process and methodologies

    • Types of penetration tests: white box, gray box, black box

    • Phases of ethical hacking: reconnaissance, scanning, exploitation, maintaining access, covering tracks

    • Handling sensitive information and legal issues

    • Developing hacking skills through practice and labs

    • Using virtual machines and containers for skill development

  • 1.6 Information Assurance18:10

    In this video module, we will explore the concept of information assurance (IA) and its critical role in maintaining the CIA triad: confidentiality, integrity, availability, and authenticity of data and systems. We will discuss the frameworks and policies necessary for implementing a robust information security management program, the importance of risk assessment, and the role of metrics in measuring security effectiveness. Additionally, we will examine the various types of security policies and the significance of organizational support in enforcing these policies.


    • Definition of Information Assurance

    • CIA Triad: Confidentiality, Integrity, Availability

    • Security Architecture and Management Programs

    • Information Security Frameworks

    • Common Security Frameworks (PCI, ISO, Common Criteria)

    • Risk Assessment and Mitigation

    • Security Metrics and Measurement

    • Policies, Procedures, and Guidelines

    • Types of Security Policies

    • Role of HR and Legal in Security Policy Implementation

    • Challenges in Enforcing Security Policies

  • 1.7 Risk Management36:13

    In this video, we will explore the critical aspects of risk management in the context of ethical hacking. The discussion will cover the definition of risk, various types of attacks and threats, and how to effectively manage these risks. We will also delve into the importance of threat intelligence, risk assessment methodologies, and the phases of the threat intelligence life cycle. By the end of this module, viewers will gain a comprehensive understanding of how to identify, evaluate, and prioritize risks to better protect their clients' information systems.


    • Definition of risk

    • Types of attacks and threats

    • Risk management strategies

    • Cybersecurity risk categories

    • Threat intelligence and its life cycle

    • Risk assessment methodologies

    • Qualitative vs. quantitative risk assessment

    • Risk response strategies

    • Business impact analysis

    • Threat modeling

  • 1.8 Incident Management9:52

    This video module focuses on the essential processes involved in incident management and response, emphasizing the importance of preparation, detection, containment, and post-incident analysis. It outlines the steps necessary to effectively handle incidents that could disrupt organizational operations, from cyber threats to natural disasters, and highlights the significance of communication and continuous improvement in incident response strategies.


    • Introduction to Incident Response

    • Preparation for Incidents

    • Detection of Incidents

    • Containment and Eradication

    • Recovery from Incidents

    • Post-Incident Analysis

    • Understanding Incidents

    • Incident Management Processes

    • Communication during Incidents

    • Role of Incident Response Team

    • Regulatory Compliance in Incident Management

    • Scenario Analysis and Containment Strategies

  • 1.9 Information Security Laws and Standards9:37

    In this video module, we will explore the various laws and standards that govern the field of ethical hacking and cybersecurity. We will discuss key organizations involved in setting these standards, the important regulations such as GDPR, PCI DSS, and various U.S. laws, as well as the significance of compliance in protecting sensitive information.


    • Introduction to cybersecurity laws and standards

    • Key organizations influencing cybersecurity

    • Overview of U.S. cybersecurity laws

    • International regulations like GDPR

    • Standards such as PCI DSS, ISO, and COBIT

    • Importance of compliance and ethical considerations

  • 1.10 Using AI in Ethical Hacking23:37

    This video module explores the integration of artificial intelligence (AI) in ethical hacking, detailing its applications, models, and tools that enhance cybersecurity practices. It covers the fundamental concepts of AI, the importance of training models, and how AI can automate and improve both offensive and defensive operations in ethical hacking.


    • Introduction to AI and its role in ethical hacking

    • Understanding AI models and their applications

    • Training AI models with data and parameters

    • AI in offensive operations: reconnaissance, exploit generation, and social engineering

    • AI in defensive operations: threat detection, incident response, and anomaly detection

    • Benefits of AI for ethical hackers: speed, accuracy, and automation

    • Different types of AI models used in cybersecurity

    • Use cases of AI in ethical hacking tools

    • ChatGPT and its applications in ethical hacking

    • Future of AI in cybersecurity and ethical hacking

  • 1.11 Information Security and Ethical Hacking Review10:03

    In this video module, we will explore the fundamental concepts of information security, focusing on the CIA triad—confidentiality, integrity, and availability. We will discuss layered security approaches, the cyber kill chain model, and the MITRE ATT&CK framework for understanding attacker tactics. Additionally, we will delve into ethical hacking, the importance of information assurance, risk management strategies, incident management, and the role of AI in enhancing cybersecurity measures.


    • CIA triad: confidentiality, integrity, availability

    • Defense in depth and layered security

    • Policies, procedures, and controls in security

    • Cyber kill chain model

    • MITRE ATT&CK framework

    • Types of hackers: ethical vs. malicious

    • Advanced persistent threats (APTs)

    • Ethical hacking and its phases

    • Insider threats and vulnerabilities

    • Information assurance vs. information security

    • Attack classifications and threat intelligence life cycle

    • Risk management: qualitative and quantitative assessments

    • Incident management phases

    • Information security laws and standards

    • AI applications in ethical hacking

Requirements

  • There are no requirements or prerequisites needed in order to tke this course.

Description

Course overview

This course is an independent training resource to help students prepare for the CEH® v13 exam. We are not affiliated with EC-Council, and this course is not an official EC-Council training program. CEH® and Certified Ethical Hacker® are registered trademarks of EC-Council.

Embark on a transformative journey with our ethical hacking course, purpose-built to prepare you for EC-council v13 exam. You’ll explore the principles of ethical hacking and learn to think like an ethical hacker, mastering techniques for identifying and exploiting vulnerabilities before malicious actors can.

What you’ll learn

  • How to apply ethical hacking methodologies to assess system security

  • Tools and tactics used by an ethical hacker for reconnaissance, footprinting, and scanning

  • Techniques for system hacking, privilege escalation, and post-exploitation

  • Strategies to analyze malware threats and implement effective countermeasures

  • Best practices for reporting findings and remediating vulnerabilities

Key topics covered

  • Information security fundamentals and the mindset of an ethical hacker

  • Footprinting, reconnaissance, and ethical hacking reconnaissance tools

  • Network scanning, enumeration, and vulnerability analysis

  • System hacking, malware threats, and web application attacks

  • Wireless network hacking, cryptography, and evasion techniques

  • Challenge labs aligned to v13 objectives, reinforcing your ethical hacking certification readiness

Explore and work with common hacking tools when performing activities throughout the course using both Kali Linux and Windows Server.  Some include:

Reconnaissance / OSINT

  • Maltego — visual link-analysis and relationship mapping for people, domains, and infrastructure.

  • theHarvester — gather e-mail addresses, subdomains and hostnames from public sources.

  • Shodan — search engine for internet-connected devices and services.

  • Recon-ng — modular framework for automated web reconnaissance.

Scanning / Enumeration

  • Nmap — host discovery, port scanning and service fingerprinting.

  • Netcat — lightweight network read/write utility often used for banner grabbing and simple connections.

  • Masscan — very fast internet-scale port scanner.

Vulnerability assessment

  • Nessus — commercial vulnerability scanner (widely used in CEH labs).

  • OpenVAS / Greenbone — open-source vulnerability scanning.

  • Nikto — web server vulnerability scanner.

Web application testing

  • Burp Suite (Community/Professional) — web proxy, request/response inspection, scanner and many web testing utilities.

  • OWASP ZAP — open-source web application security scanner and proxy.

  • sqlmap — automated SQL injection discovery and exploitation tool (discussed from a testing/defensive perspective).

Exploitation frameworks

  • Metasploit Framework — widely used for exploit development, payloads and post-exploitation demos (taught ethically).

  • Empire / PowerShell frameworks — post-exploitation and lateral-movement demos (usually in controlled lab contexts).

Password attacks / credential tools

  • John the Ripper — password cracking utility for hashes.

  • Hashcat — GPU-accelerated password cracking.

  • Hydra / Medusa — online password brute-force tools for many protocols.

Network sniffing / traffic analysis

  • Wireshark — packet capture and deep protocol analysis.

  • tcpdump — command-line packet capture and filtering.

Wireless testing

  • Aircrack-ng suite — capture and analyze wireless traffic, recover weak WEP/WPA-PSK keys (for lab learning).

  • Kismet — wireless network detector, sniffer and IDS.

Reverse engineering & malware analysis (introductory)

  • Ghidra — open-source reverse engineering tool (disassembler/Decompiler).

  • Radare2 — reverse engineering framework.

  • IDA Pro — commercial disassembler (often referenced).

Digital forensics

  • Autopsy / Sleuth Kit — disk and file system forensics analysis tools.

  • Volatility — memory forensics framework.

Social engineering / phishing

  • Social-Engineer Toolkit (SET) — framework for social-engineering simulations (used in training and awareness exercises).

  • King Phisher — phishing campaign simulation tool (used in authorised assessments).

OSINT & mapping misc

  • Google Dorks — advanced search queries methodology (covered conceptually).

  • SpiderFoot — automated OSINT reconnaissance.

This ethical hacking course is ideal for:

  • IT professionals aiming to become a certified in ethical hacking

  • Security analysts and network administrators seeking ethical hacking certification

  • Aspiring ethical hackers preparing for the newest version exam

  • Anyone interested in a comprehensive ethical hacking training path

Why choose this course

• Over 68 hours of in-depth video lectures and interactive labs
• Real-world scenarios that mirror actual hacking challenges
• Downloadable resources and toolkits to support continual practice

Exam preparation and career outcomes

Aligned directly with the EC-council v13 exam blueprint, this course equips you for the official V13 exam. On completion, you’ll hold the knowledge and practical experience to pursue roles such as ethical hacker, Penetration Tester, or Security Analyst—and achieve recognized ethical hacking certification.


Who this course is for:

  • Information security professionals seeking to enhance their skills in ethical hacking and cybersecurity.
  • IT administrators interested in understanding vulnerabilities and improving security measures within their organizations.
  • Network engineers looking to gain insights into network security and attack detection.
  • Software developers aiming to learn secure coding practices and how to defend against web application attacks.
  • Business leaders and executives who want to understand the implications of cybersecurity threats on their organizations.
  • Students and recent graduates aspiring to start a career in cybersecurity and ethical hacking.
  • Compliance officers needing to stay informed about security laws and standards relevant to their industry.
  • Incident response teams wanting to refine their skills in managing and mitigating security incidents.
  • Individuals interested in developing advanced skills in penetration testing and vulnerability assessment.
  • Those seeking to understand the intersection of artificial intelligence and cybersecurity.