Certified Ethical Hacker

CEH

Practical objective

The production of staff capable of conducting hacking testing operations, identifying weaknesses and how to deal with them, in addition to taking the necessary security measures for preventing future hackings and detecting and identifying the hacker.

This course represents the theoretical and practical basis for any information engineer and any communications engineer who seeks to excel by acquiring the skills needed by specially banks, and generally the large companies to secure their digital data.

Through this course, you become a priority in jobs related to information security and security systems and their branches.

Trainee requirements

The trainee must have completed the course entry to the networks within his / her curriculum or have followed the CCNA R & S course.

Summary of the course

The course offers a curriculum that provides a gateway to jobs in information security, networking and a career in IT. The curriculum consists of 60 hours divided into 30 two-hour sessions each. The sessions are divided into two sections: the first section is 10 non-synchronized sessions that contain the theoretical part of the curriculum and the student finds them on Moodle to study them by himself/herself, as discussions are held with the instructor during the second part of the sessions. The second part of the sessions consists of 20 synchronized sessions containing the practical subjects that will be carried implemented using the programs specially for ethical hacking which will be provided to the trainees during the course, in addition to solving a set of questions of previous examinations on the theoretical ideas related to the subject of the session.

Through both recorded sessions and synchronized sessions, the student receives all the information given in EC-Council courses as well as additional training on exam questions and the way they come.

The course will teach the new curriculum of 2018 with all its tools and references. This will be reflected in both the tools and the experimental method and the following axes will be added:

Analysis of weaknesses.
The security of the Internet of things.

Training Course Topics

Introduction to Ethical Hacking

Footpriting and Reconnaissance

Scanning Networks

Enumeration

Vulnerability Analysis

System Hacking

Malware threats

Sniffing

Social Engineering

Denial-of-Service

Session Hijacking

Evading IDS, Firewall and Honeypots Technology

Hacking Web servers

Hacking Web Applications

SQL Injection

Hacking Wireless Networks

Hacking Mobile Platforms

IoT Hacking

Cloud Computing

Cryptography

Targeted group

Students of information and communication faculties of all years
Graduates of all faculties of information and communications
Students and graduates of the Intermediate Institute of Computers
Students and graduates of informatics secondary school.
Students and graduates of colleges, institutes and other high schools with an engineering degree
All interested in the networking world

Learning outcomes

	Learning Outcomes
LO1	Practical expertise and practical and theoretical experience in the use of open source electronic intelligence tools and technologies, and research and electronic survey
LO2	How to Prepare a Hacking Test Lab
LO3	How to collect information, security check and techniques in social engineering and other important topics
LO4	Investing Operating system Kali

Theoretical Sessions

Session No.	Title	Brief Description
A-1	Ticket (1)	Wired and wireless Networks and cellular Networks
B-1	Ticket (2)	Web Technology and programming sites and Database
A-2	Introduction in Ethical Hacking	A look at Information Security, Information Security Threats and Axis of Attack, Hacking phases, Patterns and Principles, Principles and axes of Ethical Hacking - Controls of Information Security, Laws and Parameters of Information Security
B-2	Fingerprint and reconnaissance	Fingerprint principles, Fingerprint methodology, Fingerprint tools, Fingerprint precautionary procedures, Fingerprint penetration test.
A-3	Network Scanning	A look at Network Scanning, Working Systems Detection Techniques, Open Gates Detection Techniques, Scanning Techniques, Evading IDS systems techniques, Banner Grabbing, Vulnerability Scanning, Network Charting, How to Use Proxies and in Attacks, Detection Techniques, Scanning penetration testing.
B-3	Enumeration	Enumeration Principles, NetBIOS Enumeration, SNMP Enumeration, LDAP Enumeration, NTP Enumeration, SMTP and DNS Enumeration - Precautionary Enumeration Procedures, Enumeration Hacking Test
A-4	Systems Hacking	Decoding passwords, Transferring, Executing applications - Hiding files, trace coverage, Hacking Test
B-4	Malware threats	Introduction to malware software, Trojans principles, Principles of viruses and computer worms, Reverse malware software engineering, Malware detection, Preventive measures, Anti-malware programs, Hacking test
A-5	Sniffing	sniffing principles, MAC attacks, DHCP attacks, ARP poisoning, Phishing attack, DNS poisoning, Sniffing tools, Precautionary measures, sniffing detection techniques, sniffing hacking test
B-5	Social Engineering	Principles of social engineering, Social engineering techniques, Impersonation on social networking sites, Identity theft, Precautionary measures, hacking test
A-6	Denial of Service	DoS and DDoS fundamentals, DoS and DDoS attack techniques, Botnets, DDoS case study, DoS and DDoS attack tools, Precautionary measures, DoS and DDoS protection tools, Hacking test
B-6	Session Hijacking	Principles of hijacking session, Session hijacking at the application level, Session hijacking at the network level, Session hijacking tools, Precautionary measures, Hacking test
A-7	Hacking Web servers	Web server principles, Web server attacks, Attack methodology, Web server attack tools, Precautionary measures, Patch management, Web server security tools, hacking testing
B-7	Hacking Web servers	Web application principles, Web application threats, hacking methodology, Web application hacking tools, Precautionary measures, Security tools, Hacking test.
A-8	SQL Injection	SQL injection fundamentals, SQL injection patterns, SQL injection methodology, SQL injection tools, Evasion techniques, Precautionary measures
B-8	Hacking Wireless Networks	Principles of wireless networks, Wireless network encryption, Wireless network threats, Wireless network hacking methodology, Wireless networks hacking tools, Bluetooth hacking, Precautionary measures, Wireless security tools, Wi-Fi hacking test
A-9	Hacking mobile Platforms	Attack axes on mobile phones, Hacking of Android Operating Systems, IOS hacking, hacking of Windows Phone Operating Systems, BlackBerry hacking, Cellular Phone Management, Cellular Phone Security Tools and Guidance, Cellular Phone hacking test
B-9	Evading IDS, Firewall and Honeypots Technology	Principles of IDS, firewall and honeypots systems, IDS solutions, firewalls and honeypots, evading IDS systems, Evading firewalls, IDS and firewall evading tools, honeypots detection, Precautions to avoid IDS and firewall systems, hacking test.
A-10	Cloud Computing	Introduction to cloud computing, Cloud computing threats, Cloud computing attacks, Cloud security, Cloud security tools, Cloud hacking testing.
B-10	Cryptography	Encryption principles, Encryption algorithms, Encryption tools, PKI, Electronic mail encryption, Disk encryption - Encryption attacks, Analysis tools

Synchronized practical sessions

Session No.	Session Title	Brief Description
1	Fingerprint and reconnaissance	Windows command editor tools, Persons’ Internet search services, Firebug, Web Data Extractor, HT track, Email tracking, Whois, Path Analyzer Pro, Maltego, Recon-ng, FOCA, SearchDiggity
2	Network Scanning part 1	HPING3, Colasoft Packet Builder, MegaPing, Nmap, various scanning technologies, Netscan Tools Pro, Evading scan detection
3	Network Scanning part 2	Nessus, GFI LanGuard, Network Technology Mapper, The Dude, Proxy Workbench, Proxy Switcher, CyberGhost
4	Enumeration	Global Network Inventory, Advanced IP Scanner, SuperScan, Heyna, Enumeration services, ADExplorer, SNMPCHECK, DNS interrogation tools
5	Systems Hacking part 1	Decoding SAM fingerprints to access password, Creating and using rainbow tables, L0phtCrack, Exploiting customer weaknesses and creating a VNC session, Gaining an account with authority by exploiting customer weaknesses, Using FreeSSHd vulnerabilities and accessing the targeted system, Metasploit / Meterpreter - RemoteExec
6	Systems Hacking part 2	NTFS, Hiding files using Data strings, SpyTech SpyAgent, Power Spy Open Stego, Quick Stego, Data Stego using white spaces, ADS Spy, Auditpol
7	Malware threats Part 1	HTTP RAT, Mo Sucker, njRAT, SwayzCryptor, ProRAT, Theef, Atelier, Web Remte Commander, Umbra Loader
8	Malware threats Part 2	JPS Virus Maker, Ghost Eye, Thing, IDA Pro, VirusTotal, OllyDbg, CurrPorts, Trojans Detection
9	Sniffing	WireShark, Capsa Network Analyzer, OmniPeek Network Analyzer, SMAC, Xarp, Detection of ARP poisoning in a network based on switches, Executing DNS poisoning in a Network based on switches
10	Social Engineering	Netcraft, Phish Tank, SET
11	Service Denial	Metaspoilt, hping3, DoSHTTP, Sloloris, HOIC, KFsensor
12	Session Hijacking	ZAP, Firebug, sslstrip, Websploit
13	Hacking Web Servers	Skipfish, httprecon, ID serve, Metaspoit, Shellshock, Dictionary Attack
14	Hacking Web Services	XSS, WPScan , Metasploit, DVWA, w3af, Acunetix WVS
15	SQL Injection	MS SQL, DVWA, AppScan, WebCruiser, N-Stalker
16	Hacking Wireless Networks	AirPcap, OmniPeek, Aircrack-ng
17	Hacking Mobile Platforms	Securing Android Platforms, Android, SET, DoS
18	Evading IDS, Firewall and Honeypots Technology	HoneyBot, KFSensor Honepot IDS, Nmap, HTTP/FtP Tunneling
19	Cloud Computing	OwnCoud, Building a secure channel for cloud information - Hacking the cloud by getting passwords, zANTI
20	Cryptography	Checksum Verifier, Hash Calc, MD5 calculator, CryptoForge, Encryption Package, BCTextEncoder, HeartBleed, VeraCrypt, Rohos Disk, Cryptool, Self-signed Certificates

Certificates

The student who successfully completes the course receives the following certificates:

Attendance certificate: For students who attended 80% of synchronized sessions.
Passing Certificate Equivalent to the EC-Council Certificate: Students who have received a certificate of attendance and have passed the course’s exam (which is an exam similar to the ones held by the EC-Council) with a minimum degree of 75%.

Students who have received an attendance certificate and could not pass the exam can only repeat the exam with a subsequent course to obtain the second certificate. Students who do not have a certificate of attendance must repeat the entire course to obtain the certificates.

Social links

SVU

Mede publishings

Certified Ethical Hacker

Certified Ethical Hacker

CEH

Social links

Search form

Mede publishings

Certified Ethical Hacker

CEH