Cybersecurity Incidents Are Exploding
So are Cyber Jobs !
CEH is a globally-recognised certification with
flexible-learning options to fit your lifestyle and commitments.
Build Your Career with the Most in-Demand Ethical Hacking Certification Program in the World.
From the creators of Certified Ethical Hacker (CEH) comes the new and evolved version 13 with added Al capabilities. Structured across 20 learning modules covering over 550 attack techniques, CEH provides you with the core knowledge you need to thrive as a cybersecurity professional.
The world's first ethical hacking certification to harness the power of Al.
Master the latest advanced attack techniques, trends, and countermeasures.
Advanced threat detection, enhanced decision- making, adaptive learning, enhanced reporting, and automation of repetitive tasks.
Hone your skills in real-world scenarios through hands-on labs, where you practice attack vectors and master advanced hacking tools.
Learn Al-driven techniques to boost efficiency in cyber defense by 40% while streamlining your workflow.
Participate in monthly global hacking competitions, compete with your peers, and make it to the leaderboard.
Gain industry-ready skills by learning the multi-platform strategies and tactics used by today’s most sophisticated cybercriminals (including Al) so you can identify system vulnerabilities before they do.
Read how top cybersecurity professionals excelled in their careers after completing CEH in our 2023 Hall of Fame Report.
CEH is a globally-recognised certification with flexible-learning options to fit your lifestyle and commitments.
CEH follows a unique 4-step framework
Learn
Details
What’s covered
Certify
Details
The knowledge exam
This 4-hour exam with 125 multiple-choice questions will test your skills in:
The practical exam
In 6 hours you’ll complete 20 real-world challenges to test your proficiency. You’ll do this by incorporating a live corporate network of VMs and applications with ethical hacking solutions to uncover any vulnerabilities.
Engage
Details
Compete
Details
Gain exposure to new tools, focus on new attack vectors, and try to exploit emerging vulnerabilities while gaining continuing education credits and keeping your skills and certifications current.
Climb the leaderboard
These 4-hour challenges are open all month long, allowing you to compete whenever you’re ready. All you need is an internet connection and your hacking expertise we provide the attack platform, targets, and all the necessary tools and training.
With CEH you’ll learn how to think like a hacker and uncover any hidden vulnerabilities before hackers do.
Learn the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.
Key topics covered: Elements of Information Security, Classification of Attacks, Hacker Classes, Ethical Hacking, Al-Driven Ethical Hacking, ChatGPT-Powered Al Tools for Ethical Hackers, CEH Ethical Hacking Framework, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Information Assurance (IA), Risk Management, Threat Intelligence Lifecycle, Incident Management, PCI DSS, HIPPA, SOX, GDPR, DPA
Learn how to use the latest techniques and tools to perform footprinting and reconnaissance, a critical pre-attack phase of the ethical hacking process.
Hands-on Labs:
Key topics covered: Reconnaissance, Footprinting Using Advanced Google Hacking Techniques, Footprinting through People Search Services, Dark Web Footprinting, Competitive Intelligence Gathering, Footprinting through Social Networking Sites, Whois Lookup, DNS Footprinting, Traceroute Analysis, Email Footprinting, Footprinting through Social Engineering, Al-Powered OSINT Tools
Learn different network scanning techniques and countermeasures.
Hands-on Labs:
Key topics covered: Network Scanning, Scanning Tools, Host Discovery Techniques, Port Scanning
Techniques, Host Discovery and Port Scanning with Al, Service Version Discovery, OS Discovery/Banner Grabbing, Scanning Beyond IDS and Firewall, Scanning Detection and Prevention
Learn various enumeration techniques, including Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits and associated countermeasures.
Hands-on Labs:
Key topics covered: Enumeration, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, NFS Enumeration, SMTP Enumeration, DNS Cache Snooping, DNSSEC Zone Walking, IPsec Enumeration, VoIP Enumeration, RPC Enumeration, Unix/Linux User Enumeration, SMB Enumeration, Enumeration using Al, Enumeration Countermeasures
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems. Different types of vulnerability assessment and vulnerability assessment tools are included as well.
Hands-on Labs:
Key topics covered: Vulnerability Classification, Vulnerability Scoring Systems and Databases, Vulnerability-Management Life Cycle, Vulnerability Research, Vulnerability Scanning and Analysis, Vulnerability Assessment Tools, Vulnerability Assessment Reports, Al-Powered Vulnerability Assessment Tools
Learn about the various system hacking methodologies used to discover system and network vulnerabilities, including steganography, steganalysis attacks, and how to cover tracks.
Hands-on Labs:
Key topics covered: Password Cracking, Password Attacks, Password-Cracking Tools, Vulnerability Exploitation, Metasploit Framework, Al-Powered Vulnerability Exploitation Tools, Buffer Overflow, Buffer Overflow Detection Tools, Active Directory (AD) enumeration, Privilege Escalation, Privilege Escalation Tools, Executing Applications, Keylogger, Spyware, Rootkits, Steganography, Steganalysis, Steganography Detection Tools, Maintaining Persistence, Linux and Windows Post Exploitation, Covering Tracks, Clearing Logs, Track-Covering Tools
Learn about different types of malware (Trojan, viruses, worms, etc.), APT and fileless malware, malware analysis procedures, and malware countermeasures.
Hands-on Labs:
Key topics covered: Malware, Advanced Persistent Threat Lifecycle, Trojan, Virus, Ransomware, Computer Worms, Fileless Malware, Al-based Malware, Malware Analysis, Static Malware Analysis, Dynamic Malware Analysis, Virus Detection Methods, Malware Countermeasures, Anti-Trojan Software, Al-Powered Malware Detection and Analysis Tools
Learn about packet-sniffing techniques and their uses for discovering network vulnerabilities, plus countermeasures to defend against sniffing attacks.
Hands-on Labs:
Key topics covered: Network Sniffing, MAC Flooding, DHCP Starvation Attack, ARP Spoofing, ARP Spoofing/Poisoning Tools, MAC Spoofing, VLAN Hopping, STP Attack, DNS Poisoning Techniques, DNS Poisoning Tools, Sniffing Tools, Sniffer Detection Techniques, Promiscuous Detection Tools
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.
Hands-on Labs:
Key topics covered: Social Engineering, Types of Social Engineering, Human-based Social Engineering Techniques, Impersonation, Computer-based Social Engineering Techniques, Phishing, Phishing Tools, Perform Impersonation using Al, Identity Theft, Mobile-based Social Engineering Techniques, Social Engineering Countermeasures, Anti-Phishing Toolbar
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, plus the tools used to audit a target and devise DoS and DDoS countermeasures and protections.
Hands-on Labs:
Key topics covered: DoS Attack, DDoS Attack, Botnets, DoS/DDoS Attack Techniques, DoS/DDoS Attack Toolkits, DoS/DDoS Attack Detection Techniques, DoS/DDoS Protection Tools, DoS/DDoS Protection Services
Learn the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.
Hands-on Labs:
Key topics covered: Session Hijacking, Application-Level Session Hijacking, Compromising Session IDs, Session Hijacking, Network-Level Session Hijacking, TCP/IP Hijacking, RST Hijacking, Blind Hijacking, Session Hijacking Tools, Session Hijacking Detection Methods, Session Hijacking Detection Tools, Approaches to Prevent Session Hijacking
Learn about firewall, intrusion detection system (IDS), and honeypot evasion techniques, the tools used to audit a network perimeter for weaknesses, and countermeasures.
Hands-on Labs:
Key topics covered: Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Firewall, Types of Firewalls, Intrusion Detection Tools, Intrusion Prevention Tools, IDS/Firewall Evasion Techniques, NAC and Endpoint Security Evasion Techniques, IDS/Firewall Evading Tools, Honeypot, Types of Honeypots, Honeypot Tools, IDS/Firewall Evasion Countermeasures
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.
Hands-on Labs:
Key topics covered: Web Server Architecture, Web Server Vulnerabilities, Web Server Attacks, DNS Server Hijacking, Web Cache Poisoning Attack, Web Server Footprinting/Banner Grabbing, Directory Brute Forcing, Vulnerability Scanning, Web Server Password Hacking, Web Server Attack Tools, Web Server Attack Countermeasures, Detecting Web Server Hacking Attempts, Web Server Security Tools
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.
Hands-on Labs:
Key topics covered: Web Application, OWASP Top 10 Application Security Risks – 2021, Web
Application Attacks, Footprint Web Infrastructure, Analyze Web Applications, Bypass Client-side Controls, Attack Access Controls, Attack Web Services, Web API, Webhooks, Web API Hacking Methodology, API Security Risks and Solutions, Web Application Security Testing, Web Application Fuzz Testing, Encoding Schemes, Web Application Attack Countermeasures, Web Application Security Testing Tools
Learn about SQL injection attack techniques, evasion techniques, and SQL injection countermeasures.
Hands-on Labs:
Key topics covered: SQL Injection, Types of SQL injection, Error Based SQL Injection, Union SQL Injection, Blind/Inferential SQL Injection, SQL Injection Methodology, Information Gathering and SQL Injection Vulnerability Detection, Launch SQL Injection Attacks, Advanced SQL Injection, SQL Injection Tools, SQL Injection with Al, Evasion Techniques, SQL Injection Countermeasures, SQL Injection Detection Tools
Learn about different types of encryption, threats, hacking methodologies, hacking tools, security tools, and countermeasures for wireless networks.
Hands-on Labs:
Key topics covered: Wireless Networks, Wireless Standards, Wireless Encryption, Wireless Threats, Wireless Hacking Methodology, Wi-Fi Discovery, Wireless Traffic Analysis, Launch of Wireless Attacks, Wi-Fi Encryption Cracking, Wireless Attack Countermeasures, Wi-Fi Security Auditing Tools
Learn mobile platform attack vectors, Android and iOS hacking, mobile device management, mobile security guidelines, and security tools.
Hands-on Labs:
Key topics covered: OWASP Top 10 Mobile Risks – 2024, Anatomy of a Mobile Attack, App
Sandboxing Issues, SMS Phishing Attack (SMiShing), Call Spoofing, OTP Hijacking/Two-Factor Authentication Hijacking, Camera/Microphone Capture Attacks, Android Rooting, Hacking Android Devices, Android Hacking Tools, Android Security Tools, Jailbreaking iOS, Hacking iOS Devices, IOS Device Security Tools, Mobile Device Management (MDM), OWASP Top 10 Mobile Risks and Solutions, Mobile Security Guidelines, Mobile Security Tools
Learn different types of Internet of Things (IoT) and operational technology (OT) attacks, hacking methodologies, hacking tools, and countermeasures.
Hands-on Labs:
Key topics covered: IoT Architecture, loT Technologies and Protocols, OWASP Top 10 loT Threats, IoT Vulnerabilities, IoT Threats, loT Attacks, IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT/OT Convergence (IIOT), OT Technologies and Protocols, OT Vulnerabilities, OT Threats, OT Attacks, OT Hacking Methodology, OT Hacking Tools, OT Security Tools
Learn different cloud computing concepts, such as container technologies and serverless computing, various cloud computing threats, attacks, hacking methodologies, and cloud security techniques and tools.
Hands-on Labs:
Key topics covered: Cloud Computing, Fog Computing, Edge Computing, Container, Docker,
Kubernetes, Serverless Computing, OWASP Top 10 Cloud Security Risks, Cloud Computing Threats, Container Vulnerabilities, Kubernetes Vulnerabilities, Cloud Attacks, Cloud Hacking Methodology, AWS Hacking, Microsoft Azure Hacking, Google Cloud Hacking, Container Hacking, Cloud Network Security, Cloud Security Controls, Cloud Security Tools
Learn about encryption algorithms, cryptography tools, Public Key Infrastructure (PKI), email encryption, disk encryption, cryptography attacks, and cryptanalysis tools.
Hands-on Labs:
Key topics covered: Cryptography, Ciphers, Symmetric Encryption Algorithms, Asymmetric Encryption Algorithms, Message Digest Functions, Quantum Cryptography, Cryptography Tools, Public Key Infrastructure (PKI), Signed Certificate, Digital Signature, Email Encryption, Disk Encryption, Blockchain, Cryptanalysis Methods, Cryptography Attacks, Attacks on Blockchain, Quantum Computing Attacks, Cryptanalysis Tools
Cybersecurity professionals
Drive your cybersecurity career forward with CEH, enhanced by the power of Al
Teams and organizations
Turbocharge your team’s knowledge with certified ethical hacking powered by Al
Government and military
CEH is trusted and highly valued globally by government departments and defense bodies
Educators
Create and grow your own cybersecurity courses and programs
Earn world-class certifications trusted and highly valued globally by government bodies, private organizations, and the defense.
Advance your career with our expert guidance.
CEH is a great place to start your career in cybersecurity, but you’re required to have some knowledge before applying. It’s recommended that you have a minimum of 2 years of IT security experience before attempting CEH
If you don’t have the experience and are just getting started on this path as an entry-level professional, we recommend taking our Cybersecurity Essentials Series, where you can learn the foundations required to pursue mid-level and specialization certifications like CEH, CND, CHFI, CTIA, ECIH, CSA, CCISO, and others.
Organizations hire Certified Ethical Hackers either on a contract or as full-time employees to improve their security posture. Obtaining a CEH certification is often a baseline requirement for many job roles. Ethical hacking involves the methodical practice of identifying, evaluating, testing, and reporting vulnerabilities within an organization.
Ethical hacking is a broad practice that covers various technologies. By systematically applying CEH methodologies, ethical hackers can evaluate almost any application or infrastructure, identify potential vulnerabilities, and provide remediation recommendations.
With CEH v13, Certified Ethical Hackers also use Al tools and techniques to enhance their ability to identify, exploit, and secure vulnerabilities in systems and networks.
By integrating Al into their skills, they automate threat detection, predict security breaches, and respond swiftly to cyber incidents. Moreover, they also have the knowledge to hack Al systems.
In the case of military organizations, ethical hackers are highly trained in offensive and defensive activities and possess the critical skill sets and tactics to evaluate target systems and defend their organization’s assets in real-time.
Holding a CEH certification communicates to your potential or current employer that you possess the baseline knowledge and skills to be an effective member of the security team.
The field of cybersecurity is rapidly growing, with projected job opportunity growth of 33%, according to the US Department of Labor. Globally, there is an insufficient supply of qualified people, creating significant opportunities for Certified Ethical Hackers in nearly every industry.
See the impact of CEH on our top alumni in our Hall of Fame report:
We know not all certifications are created equal, and deciding to get certified is an investment for you in both time and money. For over 20 years, EC-Council has worked to build the best ethical hacking certification on the market, Certified Ethical Hacker.
As a certification body, we ensure the topics covered in our training and examinations directly relate to the job roles and skills employers need. Our ANAB-accredited examination goes through rigorous job task analysis, careful curation of exam domains, extensive work to build world-class training, and hands-on components to provide candidates with an intensive hands-on experience throughout the program.
CEH’s Al cybersecurity skills also help learners drive more efficiency and double productivity gains.
CEH is recognized by various governments around the world, including the US Department of Defense and GCHQ in the UK, among others.
EC-Council employs full-time content teams that work all year long on program design and maintenance, ensuring each CEH student receives the most up-to-date, relevant information as they pursue the certification.
Currently on Version 13, CEH version releases are paced every 12-18 months, depending on trends in the market, new tools, vulnerabilities, operating systems, Al techniques, and much more.
Considering the global need and lack of qualified talent in the workforce, cybersecurity professionals are usually paid exceptionally well.
As of September 2024, a simple search on Salary.com for US-based positions shows that Ethical Hackers make an average of $110,757 per year, which is an increase of $6800 compared to $103,866 in 2022, and with the 90th percentile earning above $137,000.
Experience, education levels, and other certifications typically increase earning potential, but it’s common to see starting salaries for ethical hackers that often exceed six figures.
We recommend searching your local job boards, viewing local salary information, and talking to potential employers to assess your own value in the market. CEH has been ranked in the top 5 highest paid cybersecurity certifications for the last 10 years and continues to grow worldwide.
Currently in its 13th version, CEH is a very well-known certification in the cybersecurity field. A simple search for global job ads on LinkedIn (as of September 2024) shows over 22,000 available jobs seeking candidates with a CEH certification.
CEH v13 is currently mapped to 49 job roles across multiple industries based on job task analysis and a detailed survey of job roles demanding CEH across CareerBuilder, LinkedIn, Dice, Indeed, Monster, and Naukri, a number significantly higher than other certifications such as SANS GPEN, OSCP, and Pentest+.
CEH is the most in-demand cybersecurity certification globally, representing the majority share of job ads seeking certified candidates. It’s also recognized as a baseline certification by the US Department of Defense for its cyber workforce.
CEH serves as the core content for over 1,200 colleges and universities across the globe that run computer science and cybersecurity degree programs. It’s the number one choice and most sought- after course for any candidate and organization looking for an ethical hacking course.
CEH is the world’s first cybersecurity certification recognized by the Department of Defense and ANAB to teach in-demand Al-driven cybersecurity skills.
CEH goes beyond ethical hacking – it’s the fundamental course for any cybersecurity career and can be applied to numerous job roles. The skills you’ll gain from CEH apply to 49 job roles across 25+ industries.
EC-Council’s Certified Ethical Hacker (CEH) certification is the world’s number one ethical hacking certification.
In the CEH Hall of Fame Survey Report, which collected responses from thousands of cybersecurity professionals, we discovered many key findings about the real-life impact of CEH and how the program has benefited its many graduates.
Here are a few of our findings:
