Certified Ethical Hacker (CEH) Version 11 (ECC 312-50) Part 3

Learn to be an Ethical Hacker

This is an exciting cyber security training series teaching students hacking techniques and types of attacks to become an ethical hacker. This Extensive CEH v11 Instructional Series Includes 3 Individual online courses covering current security domains and is the path to achieving your ethical hacking certification:

• Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50)
• Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50)
• Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50)
• Instructor – Chrys Thorsen

What is an Ethical Hacker

Ethical hacking, also known as “white hat” hacking, is the practice of using computer skills to test and improve the security of a computer system or network. Ethical hacking uses expertise to identify and fix vulnerabilities in systems, rather than exploit them for personal gain or to cause harm. This type of ethical hacking is typically done with the permission of the owner of the system being tested and is often done by cybersecurity professionals as a way to prevent malicious hackers, who are sometimes referred to as “black hat” hackers, from gaining access to a system.

Certified Ethical Hacker (CEH) Version 11 Part 1: Foundations (ECC 312-50) Course Includes

• Copies of all slides used in course
• Flashcards
• Games
• Practice Exam Questions/Test
• Certificate of Completion

This course is the first in a three-part comprehensive series on ethical hacking. Students will build the foundational skills necessary to not only choose the right tools when performing a cybersecurity penetration test, but to also be able to explain why the chosen technique will work. Throughout this entire series, all lessons and topics are infused with real world examples, walkthroughs of actual penetration testing scenarios, and extensive hands-on learning for ethical hacking.

In this Ethical hacking Foundations course, students will learn network security and how networks, protocols, and networking devices work. They will gain in-depth understanding of the network security limits found in a traditional networks and how to exploit those limits. They will learn ethical hacking concepts, the cyber kill chain process, operating system vulnerabilities, network security and how to use Linux as an attack platform. They will practice essential Windows and Linux commands, research and download the latest exploit source code, and compile and use that code against a target. As a cyber security professional, they will also learn about relevant laws and how best to serve their clients’ needs when auditing a computer or network security. They will examine the controls used to protect a company’s digital assets and what it takes to circumvent such controls.

Certified Ethical Hacker (CEH) Version 11 Part 2: Ethical Hacker (ECC 312-50) Course Includes

• Copies of all slides used in course
• Flashcards
• Games
• Practice Exam Questions/Test covering cybersecurity domain
• Certificate of Completion

Online Ethical Hacking Online Course Description:

Ethical Hacker is the second in a three-part comprehensive series on white-hat hacking. Students will research, discover and scan targets, analyze vulnerabilities and test attack methods and tools for practical experience. The focus of this course is to solve the challenge of breaking into a computer system, collect evidence of success, and escape unnoticed. As before, every lesson and topic are infused with step-by-step guided practice using real hardware and software-based hacking tools. Throughout both lecture and hands-on activities, the instructor provides commentary from the field including tips, tricks and hard-learned lessons.

Students will learn to application hacking with Windows and Linux systems, enumerate targets, steal information, hide secret messages in plain sight, and cover their tracks with this application attacks. They will crack passwords, intercept transmissions, use malware threats to compromise services, social engineer the unsuspecting, and sniff, spoof, escalate, and denial-of-service their way to “pwning” a target*. Along with such venerable tools as nmap and netcat, students will learn how to use the Metasploit Framework and Kali Linux to test a wide array of attacks and find app vulnerability. They will search Exploit-DB, GitHub and other sites for the latest exploit code, using those hacks when existing tools just won’t do.

* To pwn: (pronounced “pone”). In hacker vernacular, to “punk” and “own” (completely take over) a system.

Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50) Course Includes

• Copies of all slides used in course
• Flashcards
• Games
• Practice Exam Questions/Test
• Certificate of Completion

Online Course Description:

Advanced Ethical Hacker is the last in a three-part comprehensive series on white-hat hacking. In this course, students will take their penetrating skills to the next level, branching out into hacking web applications, websites, Wi-Fi, hacking mobile platforms, IoT/OT, hacking web servers, and cloud computing. They will employ encryption, hijack sessions, evade firewalls and intrusion detection, and test honeypots.

Students will evaluate a wide array of concepts of hacking and exploits against web applications and develop a vulnerability analysis. These include website defacement, command/SQL/iFrame injection, man-in-the-browser parameter tampering, cross-site scripting, malicious attacks, request forgeries, and attacks against XXE, SOAP, and AJAX. Students will then learn how to deploy a Wi-Fi “pineapple”, performing Evil Twin, KARMA, and KR00K attacks on wireless clients. They will crack WPA2 and WPS while learning the secret vulnerabilities of WPA3. They will hack mobile devices, steal files from an iPhone, capture audio and video from an Android phone, hack Bluetooth, clone an RFID badge, crack an encrypted NFC card, and plant a Raspberry PI “back door” on a target network. They will then move on to more exotic targets such as the Internet of Things, Industrial Control/SCADA Systems, and cloud-based networks.

Why you should take this course:

This online course ensures that you have the critical background necessary to build a successful career in cyber security. So many hacking classes only teach the tools, or the specific vulnerabilities of a particular target. They often fail, however, to ensure that you have the understanding needed to be more than just a “script kiddie”. Not only does this course and series cover all of the CEH 312-50 exam objectives, it also ensures that you can find and use the latest tools necessary to conduct attack techniques for successful ethical hacking campaign.

Intended audience:

This course is intended for IT professionals including:

• Ethical hackers
• System Administrators
• Security Analyst
• Security Consultant
• Subject Matter Experts
• Cloud Security Experts
• Network Administrators
• Engineers
• Web managers
• Auditors
• Security Professionals
• SOC Security

Course prerequisites:

Before taking this course:

• You should have a basic understanding of networking and operating system essentials (CompTIA Network+ or Security+ certification or equivalent knowledge is helpful though not required).
• You will also need a 64-bit PC that supports VMware Workstation Player virtualization, with a minimum of 8 GB of RAM (16 GB is preferred), 40 GB of free disk space, running Windows 8.1 Professional or later.

Course Outline

Certified Ethical Hacker (CEH) Version 11 Part 3: Advanced Ethical Hacker (ECC 312-50) Course Outline

Download Course Outline

Module 61 – CEH v11 Advanced Ethical Hacker Course Intro

61.1 About This Course: Advanced Ethical Hacker

61.2 About the Instructor

Module 62 – CEH v11 Session Hjacking

62.1 Session Hijacking Concepts

62.2 Token-based Authentication

62.3 Compromising a Session Token

62.4 XSS

62.5 CSRF

62.6 Other Attacks

Module 63 – CEH v11 Defending Against Hijacking

63.1 Network Level Hijacking

63.2 Session Hijacking Tools

63.3 Session Hijacking Countermeasures

63.4 Session Penetration Hijacking

63.5 Review

Module 64 – CEH v11 Implementing Intrusion Detection

64.1 IDS-IPS

64.2 Snort

64.3 Snort Rules

64.4 Syslog

Module 65 – CEH v11 Testing Intrusion Detection

65.1 WIPS

65.2 IDS Considerations

65.3 IDS Tools

65.4 IDS Evasion

65.5 IDS-Firewall Evasion Tools

65.6 IDS Scenerios

Module 66 – CEH v11 Implementing Firewalls

66.1 Firewalls

66.2 Packet Filtering Rules

66.3 Firewall Deployments

66.4 Traffic Flow through Firewalls

66.5 Split DNS

Module 67 – CEH v11 Testing Firewallls

67.1 Firewall Tools

67.2 Firewall Evasion

67.3 Firewall Scenarios

Module 68 – CEH v11 Implementing Honeypots

68.1 Honeypots

68.2 Honeypot Detection

68.3 IDS-Firewall Evasion Countermeasures

68.4 IDS-Firewall Honeypot Penetration Testing

68.5 Review

Module 69 – CEH v11 Attacker Webserver

69.1 Webserver Security Overview

69.2 Common Webservers

69.3 Webserver Attacks

69.4 Misconfiguration Attack Examples

Module 70 – CEH v11 Webserver Defense

70.1 Webserver Attack Tools

70.2 Attack Countermeasures

70.3 Webserver Penetration Testing

70.4 Review

Module 71 – CEH v11 Intro To Web Apps

71.1 Web Application Concepts

71.2 Attacking Web Apps

Module 72 – CEH v11 OWASP Top 5 Web App Vulnerabilities

72.1 A01 – Broken Access Control

72.2 A02 – Cryptographic Failures

72.3 A03 – Injection

72.4 A04 – Insecure Design

72.5 A05 – Security Misconfiguration

Module 73 – CEH v11 OWASP Additional Web App Vulnerabilities

73.1 A06 – Vulnerable and Outdated Components

73.2 A07 – Identification and Authentication Failures

73.3 A08 – Software and Data Integrity Failures

73.4 A09 – Security Logging and Monitoring

73.5 A10 – Server Side Request Forgery

Module 74 – CEH v11 Common Web App Attacks

74.1 XSS Attacks

74.2 CSRF

74.3 Parameter Tampering

74.4 Clickjacking

74.5 SQL Injection

Module 75 – CEH v11 Unauthorized Access Through Web Apps

75.1 Insecure Deserialization Attacks

75.2 IDOR

75.3 Directory Traversal

75.4 Session Management Attacks

75.5 Response Splitting

Module 76 – CEH v11 Web App Overflow Attacks

76.1 Denial of Service

76.2 Overflow Attacks

76.3 XXE Attacks

76.4 Soap Attacks

76.5 Ajax Attacks

Module 77 – CEH v11 Defending Web Apps

77.1 Web App Hacking Tools

77.2 Web Hacking Countermeasures

77.3 Web Application Penetration Testing

77.4 Review

Module 78 – CEH v11 Intro To SQL Injection

78.1 SQL Overview

78.2 SQL Injection Concepts

78.3 Basic SQL Injection

Module 79 – CEH v11 Performing SQL Injection

79.1 Finding Vulnerable Websites

79.2 Error-based SQL Injection

79.3 Union SQL Injection

79.4 Blind SQL Injection

79.5 SQL Injection Scenarios

79.6 Evading Detection

Module 80 – CEH v11 Defending Against SQL Injection

80.1 SQL Injection Tools

80.2 SQL Injection Countermeasures

80.3 Safe Coding Examples

80.4 SQL Wildcards

80.5 SQL Injection Penetration Testing

80.6 Review

Module 81 – CEH v11 Wireless Networking Overview

81.1 Wireless Concepts

81.2 Wireless Signal Encoding

81.3 Wi-Fi Standards

81.4 Wi-Fi Antennas

81.5 Wireless Authentication

Module 82 – CEH v11 Wi-Fi Security

82.1 Wi-Fi Security Standards

82.2 Wireless Network Troubleshooting Tools

82.3 Wi-Fi Discovery Tools

82.4 Sniffing Wi-Fi

Module 83 – CEH v11 Hacking Wi-Fi

83.1 Wi-Fi Attack Types

83.2 Wi-Fi Rogue Access Point Attacks

83.3 Wi-Fi Denial of Service Attacks

83.4 Wi-Fi Password Cracking Attacks

83.5 WEP Cracking

Module 84 – CEH v11 Advanced Wireless Attacks

84.1 WPA-WPA2 Cracking

84.2 WPA3 Attacks

84.3 WPS Cracking

84.4 Wi-Fi Attack Tools for Mobile Devices

84.5 Bluetooth Hacking

84.6 Other Wireless Hacking

Module 85 – CEH v11 Defending Wireless Networks

85.1 Wireless Hacking Countermeasures

85.2 Wireless Security Tools

85.3 Wireless Penetration Testing

85.4 Review

Module 86 – CEH v11 Mobile Platform Overview

86.1 Mobile Platform Overview

86.2 Mobile Device Vulnerabilities

86.3 Mobile Device Attacks

Module 87 – CEH v11 Hacking Android

87.1 Android

87.2 Android Vulnerabilities

87.3 Rooting Android

87.4 Android Exploits

87.5 Android Hacking Tools

87.6 Reverse Engineering an Android App

87.7 Securing Android

Module 88 – CEH v11 Hacking iOS

88.1 iOS

88.2 iOS Vulnerabilities

88.3 Jailbreaking iOS

88.4 iOS Exploits

88.5 iOS Hacking Tools

88.6 Securing iOS

Module 89 – CEH v11 Mobile Platform Defense

89.1 Mobile Device Management

89.2 BYOD

89.3 Mobile Security Guidelines and Tools

89.4 Mobile Device Penetration Testing

89.5 Review

Module 90 – CEH v11 IoT Hacking

90.1 loT Concepts

90.2 loT Infrastructure

90.3 Fog Computing

90.4 loT Vulnerabilities

90.5 loT Threats

Module 91 – CEH v11 IoT Defense

91.1 IoT Hacking Methodologies and Tools

91.2 IoT Hacking Methodolgies and Tools Part 2

91.3 Hacking Countermeasures

91.4 IoT Penetration Testing

91.5 OT Concepts

91.6 Industrial IoT

Module 92 – CEH v11 Operational Technology Overview

92.1 IT-OT Convergence

92.2 ICS

92.3 SCADA

92.4 DCS

92.5 RTU

92.6 PLC

92.7 Addition OT Components

Module 93 – CEH v11 Hacking OT

93.1 OT Variables

93.2 Well-known OT attacks

93.3 OT Attack Methodology and Basic Tools

93.4 OT Reconnaissance

93.5 OT Penetration and Control

Module 94 – CEH v11 Defending OT

94.1 OT Attack Tools

94.2 OT Hacking Countermeasures

94.3 OT Penetration Testing

94.4 Review

Module 95 – CEH v11 Attacking The Cloud

95.1 Cloud Computing Concepts

95.2 Virtualization

95.3 Cloud Types

95.4 Cloud Benefits and Considerations

95.5 Cloud Risks and Vulnerablilities

Module 96 – CEH v11 Cloud Defense

96.1 Cloud Threats and Countermeasures

96.2 Cloud Security Tools

96.3 Cloud Security Best Practices

96.4 Cloud Penetration Testing

96.5 Review

Module 97 – CEH v11 Cryptography Overview

97.1 Cryptography Concepts

97.2 Symetric Encryption

97.3 Asymmetric Encryption

97.4 Public Key Exchange

97.5 PKI

Module 98 – CEH v11 Protecting Data With Crytography

98.1 Digital Certificates

98.2 Digital Signatures

98.3 Hashing

98.4 Email Encryption

98.5 Network Communication Encryption

Module 99 – CEH v11 Protecting Data at Home and in Transit

99.1 Disk Encryption

99.2 VPN Encryption

99.3 Cryptography Tools

Module 100 – CEH v11 Pentesting Cryptography

100.1 Cryptography Attacks

100.2 Cryptography Penetration Testing

100.3 Review

100.4 Conclusion

Your Training Instructor



Chrys Thorsen

Education and Technology Expert

Add to Cart