Training & Certifications

Certified Ethical Hacker (C|EH®) v12

Offered by EC-Council, Certified Ethical Hacker (C|EH®) is the world’s most advanced certified ethical hacking course that covers 20 of the most current security domains any individual will ever want to know when they are planning to beef-up the information security posture of their organization. The C|EH® training program offered by Multimatics is designed to provide the advanced hacking tools and techniques used by hackers and information security professionals. The training material is prepared based on the latest edition of C|EH® v12, accompanied by discussions and exercises to work on the questions.

Multimatics is an Authorized Training Center for the Certified Ethical Hacker (C|EH®) v12 training and certification program accredited by the EC-Council.

Program Objectives

By the end of the program, participants will be able to:

  • Ethical hacking fundamentals, cyber kill chain concepts, an overview of information security, security measures, and numerous information security laws and regulations.
  • Footprinting concepts and methodologies, as well as using footprinting tools and countermeasures.
  • Enumeration techniques include NFS enumeration and related tools, DNS cache snooping, and DNSSEC Zone walking along with the countermeasures.
  • Concepts of vulnerability assessment, its categories and strategies, and first-hand exposure to the technologies used in industry.
  • Phases of system hacking, attacking techniques to obtain, escalate, and maintain access on the victim and covering tracks.
  • Malware threats, analysis of various viruses, worms, and trojans like Emotet and battling them to prevent data. APT and Fileless Malware concepts have been introduced to this domain.
  • Packet sniffing concepts, techniques, and protection against the same.
  • Social engineering concepts and related terminologies like identity theft, impersonation, insider threats, social engineering techniques, and countermeasures.
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, use cases, and attack and defense tools.
  • Security solutions like firewall, IPS, honeypots, evasion, and protection.
  • Operational Technology (OT) essentials, threats, attack methodologies, and attack prevention. The concept of OT is a new addition.
  • Recognizing the vulnerabilities in IoT and ensuring the safety of IoT devices.
  • Encryption algorithms, Public Key Infrastructure (PKI), cryptographic attacks, and cryptanalysis.
  • Cloud computing, threats and security, essentials of container technology, and serverless computing.

Target Audience

The program is designed for Mid-Level Information Security Auditor, Cybersecurity Auditor, Security Administrator, IT Security Administrator, Cyber Defense Analyst, Security Analyst, Information Security Analyst, and any professionals involved in the cybersecurity field.

Duration

The program is a 5-day intensive training class.

Method of Delivery

The program provided by Multimatics will be delivered through interactive presentation by professional instructor(s), group debriefs, individual and team exercises, behavior modelling and roleplays, one-to-one and group discussion, case studies, and projects.

Requirements

There are no specific prerequisites for the C|EH® program, however we strongly recommend participants possess a minimum of 2 years’ experience in IT security before joining the C|EH® program.

Examination Format

Participants will take C|EH® v12 Exam which consists of 125 multiple choice questions. They will be given 4 hours to finish the exam. Participants who successfully passed the exam will be given an official Certified Ethical Hacker (C|EH®) certification from EC-Council.

Program Modules

Module 1: Introduction to Ethical Hacking

  1. Elements of Information Security
  2. Cyber Kill Chain Methodology
  3. MITRE ATT&CK Framework
  4. Hacker Classes
  5. Ethical Hacking
  6. Information Assurance (IA)
  7. Risk Management
  8. Incident Management
  9. PCI DSS
  10. HIPPA
  11. SOX
  12. GDPR

Module 2: Foot Printing and Reconnaissance

  1. Perform foot printing on the target network using search engines, web services, and social networking sites
  2. Perform website, email, whois, DNS, and network foot printing on the target network

Module 3: Scanning Networks

  1. Perform host, port, service, and OS discovery on the target network
  2. Perform scanning on the target network beyond IDS and firewall

Module 4: Enumeration
  1. Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP Enumeration

Module 5: Vulnerability Analysis

  1. Perform vulnerability research using vulnerability scoring systems and databases
  2. Perform vulnerability assessment using various vulnerability assessment tools

Module 6: System Hacking

  1. Perform an active online attack to crack the system’s password
  2. Escalate privileges using privilege escalation tools
  3. Escalate privileges in Linux machine
  4. Hide data using steganography
  5. Clear Windows and Linux machine logs using various utilities
  6. Hiding artifacts in Windows and Linux machines

Module 7: Malware Threats

  1. Malware, Components of Malware
  2. APT
  3. Trojan
  4. Types of Trojans
  5. Exploit Kits
  6. Virus
  7. Virus Lifecycle
  8. Types of Viruses
  9. Ransomware
  10. Computer Worms
  11. Fileless Malware
  12. Malware Analysis
  13. Static Malware Analysis
  14. Dynamic Malware Analysis
  15. Virus Detection Methods
  16. Trojan Analysis
  17. Virus Analysis
  18. Fileless Malware Analysis
  19. Anti-Trojan Software
  20. Antivirus Software
  21. Fileless Malware Detection Tools

Module 8: Sniffing

  1. Network Sniffing
  2. Wiretapping
  3. MAC Flooding
  4. DHCP Starvation Attack
  5. ARP Spoofing Attack
  6. ARP Poisoning
  7. ARP Poisoning Tools
  8. MAC Spoofing
  9. STP Attack
  10. DNS Poisoning
  11. DNS Poisoning Tools
  12. Sniffing Tools
  13. Sniffer Detection Techniques
  14. Promiscuous Detection Tools

Module 9: Social Engineering

  1. Social Engineering
  2. Types of Social Engineering
  3. Phishing
  4. Phishing Tools
  5. Insider Threats/Insider Attacks
  6. Identity Theft

Module 10: Denial-of-Service

  1. DoS Attack, DDoS Attack
  2. Botnets
  3. DoS/DDoS Attack Techniques
  4. DoS/DDoS Attack Tools
  5. DoS/DDoS Attack Detection Techniques
  6. DoS/DDoS Protection Tools

Module 11: Session Hijacking

  1. Session Hijacking
  2. Types of Session Hijacking
  3. Spoofing
  4. Application-Level Session Hijacking
  5. Man-in-the-Browser Attack
  6. Client-side Attacks
  7. Session Replay Attacks
  8. Session Fixation Attack
  9. CRIME Attack
  10. Network Level Session Hijacking
  11. TCP/IP Hijacking
  12. Session Hijacking Tools
  13. Session Hijacking Detection Methods
  14. Session Hijacking Prevention Tools

Module 12: Evading IDS, Firewalls, and Honeypots

  1. Bypass Windows Firewall
  2. Bypass firewall rules using tunneling
  3. Bypass antivirus

Module 13: Hacking Web Servers

  1. Web Server Operations
  2. Web Server Attacks
  3. DNS Server Hijacking
  4. Website Defacement
  5. Web Cache Poisoning Attack
  6. Web Server Attack Methodology
  7. Web Server Attack Tools
  8. Web Server Security Tools
  9. Patch Management
  10. Patch Management Tools

Module 14: Hacking Web Applications

  1. Web Application Architecture
  2. Web Application Threats
  3. OWASP Top 10 Application Security Risks – 2021
  4. Web Application Hacking Methodology
  5. Web API
  6. Webhooks and Web Shell
  7. Web API Hacking Methodology
  8. Web Application Security

Module 15: SQL Injection

  1. SQL Injection
  2. Types of SQL injection
  3. Blind SQL Injection
  4. SQL Injection Methodology
  5. SQL Injection Tools
  6. Signature Evasion Techniques
  7. SQL Injection Detection Tools

Module 16: Hacking Wireless Networks

  1. Wireless Terminology
  2. Wireless Networks
  3. Wireless Encryption
  4. Wireless Threats
  5. Wireless Hacking Methodology
  6. Wi-Fi Encryption Cracking
  7. WEP/WPA/WPA2 Cracking Tools
  8. Bluetooth Hacking
  9. Bluetooth Threats
  10. Wi-Fi Security Auditing Tools
  11. Bluetooth Security Tools

Module 17: Hacking Mobile Platforms

  1. Mobile Platform Attack Vectors
  2. OWASP Top 10 Mobile Risks
  3. App Sandboxing
  4. SMS Phishing Attack (SMiShing)
  5. Android Rooting
  6. Hacking Android Devices
  7. Android Security Tools
  8. Jailbreaking iOS
  9. Hacking iOS Devices
  10. iOS Device Security Tools
  11. Mobile Device Management (MDM)
  12. OWASP Top 10 Mobile Controls
  13. Mobile Security Tools

Module 18: IoT Hacking & OT Hacking

  1. IoT Architecture
  2. IoT Communication Models
  3. OWASP Top 10 IoT Threats
  4. IoT Vulnerabilities
  5. IoT Hacking Methodology
  6. IoT Hacking Tools
  7. IoT Security Tools
  8. IT/OT Convergence (IIOT)
  9. ICS/SCADA
  10. OT Vulnerabilities
  11. OT Attacks
  12. OT Hacking Methodology
  13. OT Hacking Tools
  14. OT Security Tools

Module 19: Cloud Computing

  1. Cloud Computing
  2. Types of Cloud Computing Services
  3. Cloud Deployment Models
  4. Fog and Edge Computing
  5. Cloud Service Providers
  6. Container
  7. Docker
  8. Kubernetes
  9. Serverless Computing
  10. OWASP Top 10 Cloud Security Risks
  11. Container and Kubernetes Vulnerabilities
  12. Cloud Attacks
  13. Cloud Hacking
  14. Cloud Network Security
  15. Cloud Security Controls
  16. Cloud Security Tools

Module 20: Cryptography

  1. Cryptography
  2. Encryption Algorithms
  3. MD5 and MD6 Hash Calculators
  4. Cryptography Tools
  5. Public Key Infrastructure (PKI)
  6. Email Encryption
  7. Disk Encryption
  8. Cryptanalysis
  9. Cryptography Attacks
  10. Key Stretching
Scroll to Top