Shopping Cart  [0]

Call 800.698.5501

EC-Council - Certified Ethical Hacker CEH Boot Camp

ceh Certification Training
TrainingCamp Twitter Feed
CEH Certification Training

Our 5-day CEH v9 Boot Camp prepares candidates for the CEH 312-50 exam offered by EC-Council, which is taken onsite at the end of the class. The course focus is on hacking techniques and technology from an offensive perspective, and is regularly updated to reflect latest developments in hacking techniques.

As you prepare for the CEH certification exam, you will master an ethical hacking methodology that can be used in a penetration testing or ethical hacking situation. “To beat a hacker, you need to think like a hacker”. Our EC-Council Master instructors will immerse you into the hacker mindset so that you will be ready to defend against future attacks.

In addition to our public course schedule, we can also offer Private Group Training with the Official EC-Council CEH exam hosted at your office or any location in the world.

Enrollment Information

CEH Training Pricing View Pricing
CEH Certification Schedule Course Schedule

CEHv9 Boot Camp

Duration: 5 days
Exam Voucher: Included
Testing: Delivered On-Site
GI Bill Eligible: ≤ 100% of Fees
GSA Catalog: GS-02F-0044T
CEHv9 Certification Training
ceh Certification Training Details

  • Official CEH v9 Courseware
  • Training Camp's Exam Prep Study Guide
  • 2200 Hacking Tools
  • 20+ Hours of Interactive Self-Study Materials
  • 400+ Realistic Practice Exam Questions

  • 1 CEH Exam Voucher
  • Onsite Testing
  • 100% Certification Guarantee
  • 140 Scenario-Based Labs
  • CEH Re-Certification Package

  • Post 9/11 G.I. Bill
    Your G.I. Bill benefits may cover up to 100% of tuition, courseware, lodging, testing and other training-related costs as well.

    NICE Framework
    CEH v9 maps to National Initiative for Cybersecurity Education (NICE) framework speciality area category 'Protect and Defend.

    DoD/Military Discounts
    We offer expanded options to maximize training budget, within micro-purchase threshold for Government & Military personnel

    ceh  Certification Training Leader

    Training Camp has successfully delivered hands-on, accelerated training courses for I.T. Certification to over 85% of Fortune 500 companies. Training Camp pioneered the first exam-focused Security Certification Training Program "Boot Camp" in 1999, and has since successfully certified thousands of professionals.

    Our experience at preparing students for the CEH certification has resulted in numerous Circle of Excellence recognitions as an EC-Council partner.

    ceh Courseware
    Highest Rated Custom CEH Courseware

    Our Add-on Courseware was designed by an extensive team of leading industry authors, subject matter experts, and courseware designers, constantly incorporating feedback from our thousands of alumni students. This program was built from the ground up for this format, not mixed together from other courseware.

    ceh Instructors
    EC-Council Certified Instructors

    We utilize Certified CEH instructors who are Subject Matter Experts well-versed in accelerated learning and exam preparation during our CEH Boot Camp. Their delivery accommodates every student's learning needs through individualized instruction, lab partner and group exercises, independent study, self-testing, and question/answer drills.

    ceh Exam Practice Tests
    Detailed Evening Review & Realistic CEH Practice Exams

    This zero-distraction, accelerated CEH program includes value-added evening review sessions & constantly updated practice exam review drills - representative of the actual exam questions delivered during the official certification tests.

    ceh Exam
    Hosted Onsite Official CEH Exam

    We host the official CEH Certification exam during the class on day 5 for our students. Because the examinations are delivered as part of the class, our students leave certified, guaranteed.

    ceh Candidate
    This Ethical hacking training course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

    Professionals that are interested testing and securing the information security posture of their organization, and earn the highly sought-after certified ethical hacker certification, this is the right class for you.

    ceh Certification Course Outline

    Overview of Ethical Hacking

    • Reports on Internet Crime and Data Breach Investigations
    • Typical Data Stolen
    • Common Terms and InfoSec Elements
    • Non-Repudiation and Authenticity
    • Triangle of Security, Functionality, and Usability
    • Challenges in Security and the Aftermath of Hacking
    • Overview of a Hacker
    • Hacktivism
    • 5 Phases of a Hack
    • Various Types of System Attacks
    • Purpose of Ethical Hacking and Necessary Skills
    • Scope and Limitations
    • Vulnerability Research
    • Overview of and Methods for Pen Testing

    Footprinting and Recon

    • Common Terms and Overview of Footprinting
    • Objectives and Common Threats of Footprinting
    • Uncovering URLs, Public and Restricted Sites
    • Uncovering Company Information Online
    • Search Engine Footprinting
    • Gathering Information About Location and People
    • Uncovering Financial Services Information
    • Utilizing Job Sites
    • Utilizing Alerts for Target Monitoring
    • Gathering Competitive Intelligence
    • Overview of and Tools for WHOIS Lookup
    • Extracting Information about DNS
    • Locating Network Range
    • Traceroute Tools
    • Website Mirroring Techniques and Tools
    • Utilizing and Website Watcher
    • Email Tracking
    • Google Hacking Techniques
    • Google Advance Search Operators
    • Google Hacking Database (GHDB) and Other Google Hacking Tools
    • Additional Tools
    • Countermeasures and Penetration Testing for Footprinting

    Network Scanning

    • Overview of and Tools for Network Scans
    • ICMP Scanning
    • Tools for Ping Sweep
    • 3-Way Handshake
    • TCP Communication Flags and Custom Packets
    • Hping2 / Hping3 and Commands for Hping
    • Techniques for Network Scanning
    • IDS Evasion
    • Tools for IP Fragmentation
    • Overview of Scanning Tools
    • IP Addresses to Avoid Scanning
    • Countermeasures for Scanning
    • Overview of War Dialing Tools and Countermeasures
    • OS Fingerprinting
    • Overview of the ID Serve Tool
    • GET REQUESTS Command Line
    • Netcraft and Other Banner Grabbing Tools
    • Banner Grabbing Countermeasures
    • Hiding File Extensions
    • Vulnerability Scanning Tools and Network Vulnerability Scanners
    • LANsurveyor
    • Network Mappers
    • Overview and Uses of Proxy Servers
    • MultiProxy, Free Proxy Servers and Proxy Workbench
    • Proxifier
    • SocksChain
    • TOR and TOR Proxy Chaining Software
    • HTTP Tunneling Overview and Techniques
    • Super Network
    • Httptunnel for Windows and other HTTP Tunneling Tools
    • SSH Tunneling
    • Overview of the Tool for SSL Proxy
    • Other Types of Proxy Tools
    • Anonymizers Overview, Types and Tools
    • Avoid Filters
    • Circumventing Censorship
    • G-Zapper
    • IP Address Spoofing, Detection and Countermeasure Techniques
    • Scanning – Pen Testing


    • Enumeration Overview and Techniques
    • Netbios Tools
    • Enumerating User Accounts and Systems
    • SNMP Tools
    • UNIX/Linux Tools
    • LDAP Tools
    • NTP Tools
    • SMTP Tools
    • nslookup for DNS Zone Transfer
    • Countermeasures
    • Enumeration – Penetration Testing

    System Hacking

    • Gathering Information
    • Establishing Goals and CEH Hacking Method
    • Password Cracking Techniques
    • Microsoft Authentication
    • Overview of Hash Passwords in Windows SAM
    • LAN Manager Hash
    • Authentication Protocol – Kerberos
    • Cryptographic Salts
    • Password Dumping Tools
    • Password Cracking Tools
    • LM Hash Backward Compatibility
    • Password Cracking Defense Techniques
    • Privilege Escalation, Tools and Defense Techniques
    • Active@ Password Changer
    • Executing Applications and Remote Execution Tools
    • Overview and Types of Keystroke Loggers
    • Acoustic/CAM Keylogger
    • Overview and Types of Spyware
    • Keylogger Defense Techniques
    • Spyware Defense Techniques
    • Rootkits Overview, Types, Detection and Defense
    • NTFS Data Stream
    • Steganography Types, Techniques and Tools
    • Image, Document, Video, Audio, Folder, Spam/Email and Natural Text Steganography
    • Steganalysis Methods/Attacks
    • Steganography Detection Tools
    • Tools for Clearing Your Tracks
    • System Hacking – Pen Testing

    Trojans and Backdoors

    • Introduction to Trojans and Their Purpose
    • Overt and Covert Channels
    • Infecting a System with a Trojan and Signs of a Trojan Attack
    • Common Ports Used and Ways to Get a Trojan into a System
    • Wrappers
    • Deploying Trojans
    • Evading Anti-Virus
    • Trojan Types
    • Destructive Trojans
    • Notification Trojans
    • Credit Card Trojans
    • Encrypted Trojans
    • PhoneSnoop – Blackberry Trojan
    • DNSChanger and Hell Raiser – MAC OS X Trojans
    • Trojan Detection
    • Monitoring Tools
    • Registry Entry Scanning and Monitoring Techniques
    • Device Drivers Scanning
    • Windows Services Scanning
    • Startup Programs Scanning
    • Files and Folders Scanning
    • Network Activities Scans
    • Trojan and Backdoor Countermeasures
    • Trojan Horse Construction Kit
    • Types of Anti-Trojan Software
    • Trojans and Backdoors – Pen Testing

    Viruses and Worms

    • Overview of Viruses and 2010 Virus and Worm Statistics
    • Virus Life Stages
    • Virus Infection and Attack Phases
    • Signs of an Attack
    • Virus Hoaxes
    • Analysis of a Virus
    • Virus Types
    • Transient and Terminate and Stay Resident Viruses
    • Making a Simple Virus
    • Overview of Worms
    • Worms vs. Viruses
    • Analysis of Worms
    • Creating a Worm
    • Sheep Dip Computer
    • Anti-Virus Sensors Systems
    • Process for Malware Analysis
    • Bintext – String Extraction Tool
    • UPX – Compression and Decompression Tool
    • Process Monitor – Process Monitoring Tools
    • NetResident – Log Packet Content Monitoring Tools
    • Ollydbg – Debugging Tool
    • IDA Pro – Virus Analysis Tool
    • Tools for Online Malware Testing and Analysis Services
    • Methods for Virus Detection and Countermeasures
    • Immunet Protect
    • Anti-virus Tools
    • Virus – Pen Testing


    • Lawful Intercept
    • Wiretapping
    • Overview of a Sniffer and Prevalent Threats
    • Switch Attacks
    • Active and Passive Sniffing
    • Vulnerable Protocols
    • OSI Model – Data Link Layer Ties
    • Analyzers for Hardware Protocol
    • SPAN Port
    • MAC Flooding
    • DHCP Overview and Attacks
    • ARP Overview and Attacks
    • DHCP Snooping and Dynamic ARP Inspection Configuration on Cisco Switches
    • MAC Spoofing/Duplicating
    • Domain Name System Poisoning Techniques
    • Sniffing Tools
    • Discovery Tools
    • Password and Packet Sniffing Tools
    • OmniPeek
    • Observer
    • NetWitness
    • Big-Mother
    • Packet Builder
    • Other Sniffing Tools
    • Network Hacking with Sniffers
    • Sniffing Defense and Prevention Techniques
    • Detecting a Sniffer
    • Promiscuous Detection Tools

    Social Engineering

    • Overview and Effectiveness of Social Engineering
    • Vulnerable Behaviors
    • Signs of a Social Engineering Attack
    • Attack Phases
    • Organizational Impact
    • Command Injection Attacks
    • Common Targets
    • Social Engineering Types
    • Insider Attacks
    • Intrusion Tactics and Prevention Strategies
    • Social Engineering on Social Networks
    • Social Networking Risks
    • 2010 Statistics on Identity Theft
    • Countermeasures
    • Phishing Detection
    • Identity Theft Countermeasures
    • Social Engineering – Pen Testing

    Denial of Service

    • Overview of a DoS Attack
    • DoS Attack Symptoms
    • Cyber Criminals
    • ICQ – Internet Chat Query
    • IRC – Internet Relay Chat
    • Techniques for a DoS Attack
    • Botnets
    • WikiLeak Operation Payback
    • DoS Tools for Attack
    • Detection Techniques
    • Strategies for Countermeasures
    • DoS/DDoS Attack Countermeasures
    • Forensics After the Attack
    • Botnets Defensive Techniques
    • DoS/DDoS ISP Level Protection
    • TCP Intercept on Cisco IOS Software
    • IntelliGuard DDoS Protection System (DPS) – Advanced DDoS Protection
    • DoS/DDoS Protection Tools
    • DoS – Penetration Testing

    Session Hijacking

    • Overview of Session Hijacking
    • Dangers of Hijacking
    • Why Session Hijacking is Successful?
    • Hijacking Techniques
    • Brute Force Attack
    • HTTP Referrer Attack
    • Spoofing vs. Hijacking
    • The Hijacking Process
    • Local Session Hijack Packet Analysis
    • Session Hijacking Types
    • Predictable Session Token
    • Man-in-the-Middle and Man-in-the-Browser Attacks
    • Client-Side and Cross-Site Script Attacks
    • Session Fixation
    • Hijacking at the Network Level Session
    • Three-Way Handshake
    • Sequence Numbers
    • TCP/IP Hijacking
    • IP Spoofing: Source Routed Packets
    • RST and Blind Hijacking
    • Packet Sniffer for Man-in-the-Middle Attack
    • UDP Hijacking
    • Tools for Session Hijacking
    • Countermeasures
    • Session Hijacking Protection
    • Methods for Web Developers to Prevent Session Hijacking
    • Methods for Web Users to Prevent Session Hijacking
    • Defense for Session Hijack Attacks
    • Session Hijacking Remediation
    • IPSec
    • Session Hijacking – Penetration Testing

    Hijacking Webservers

    • Webserver Market Shares
    • Open Source and IIS Webserver Architectures
    • Defacing a Website
    • Webserver Attack Impacts and Misconfiguration
    • Directory Traversal Attacks
    • HTTP Response Splitting Attack
    • Web Cache Poisoning Attack
    • HTTP Response Hijacking
    • SSH Bruteforce Attack
    • Man-in-the-Middle Attack
    • Webserver Password Cracking Tools and Techniques
    • Application Attacks
    • Methods and Tools for a Webserver Attack
    • Attack Countermeasures
    • Defense Options for Web Server Attacks, Web Cache Poisoning and HTTP Response Splitting
    • Patches and Hotfixes
    • Overview of Patch Management
    • Sources for Updates and Patches
    • Patch Installation and Patch Management Tools
    • Sandcat
    • Wikto
    • HackAlert
    • Webserver Security Tools
    • Web Server – Pen Testing

    Hacking Web Apps

    • Introduction and Statistics of Web Applications
    • App Components and Architecture
    • Web 2.0 Apps
    • Vulnerability Stack
    • Web Attack Vectors
    • Threats to Web Applications
    • Unvalidated Input
    • Tampering Parameters and/or Forms
    • Directory Traversal
    • Misconfigured Security
    • Injection Flaws and Attacks
    • Overview of LDAP Injection
    • Manipulating Hidden Fields
    • XSS Attacks Overview and Types
    • Web App DoS Attack
    • Buffer Overflow Attacks
    • Cookie Poisoning
    • Session Fixation Attacks
    • Insufficient Transport Layer Protection
    • Improper Error Handling
    • Cryptographic Storage Insecurities
    • Broken Authentication and Session Management
    • Unvalidated Redirects and Forwards
    • Web Services Architecture and Attacks
    • Types of Footprint Web Infrastructure
    • Burp Suite for Web Spidering
    • Web Server Hacks
    • Web Applications Analysis
    • Mechanisms for Attack Authentication
    • Username Enumeration
    • Types of Password Attacks
    • Session Attack Types
    • Exploiting Cookies
    • Tampering for an Authorization Attack
    • Session Management Attack
    • Injection Attacks
    • Data Connectivity Attacks
    • Web App Client and Web Services Attacks
    • Probing Attacks
    • Tools for Web Services Attacks
    • Tools for Web Application Hacks
    • Encoding Schemes
    • Countermeasures to Web App Attacks
    • Types of Firewalls for Web Applications
    • Web Application – Penetration Testing

    SQL Injection

    • Overview and Threats of SQL Injection
    • Types of SQL Injection Attacks
    • Server Side Technologies
    • HTTP Post Request
    • Attack Detection
    • Black Box Pen Testing for SQL Injection
    • Blind SQL Injection
    • Methods for SQL Injection
    • Extracting Information
    • Advanced Enumeration
    • Various DBMSs Features
    • Grabbing and Extracting Server Hashes
    • Database Transfer to Attacker’s Machine
    • OS Interaction
    • FileSystem Interaction
    • Full Query Network Reconnaissance
    • Tools for SQL Injection
    • Intrusion Detection System Evasion Techniques
    • Defense Methods and Detection Tools
    • Snort Rule for Detection

    Hacking Wireless Networks

    • Introduction to Wireless Networks
    • U.S. Wi-Fi Usage
    • Wi-Fi Public Hotspots and Home Networks
    • Types of and Standards for Wireless Networks
    • Service Set Identifier (SSID)
    • Authentication Process for Wi-Fi
    • Common Terms
    • Wi-Fi Chalking
    • Popular Hotspot Finders
    • Wireless and Parabolic Grid Antennas
    • Wireless Encryption Types – WEP, WPA, WPA2
    • Differences in Encryption Types
    • Issues with WEP
    • Weak Initialization Vectors (IV)
    • Breaking WEP and WPA/WPA2 Encryption
    • WPA Defense Techniques
    • Types of Wireless Threats
    • Types of Attacks through Unauthorized Access Point
    • DoS Attacks
    • Jamming Signal Attacks and Wi-Fi Jamming Devices
    • Methods for Wireless Hacking
    • Wi-Fi Network Scanning
    • Wireless Network Footprinting
    • Wi-Fi Discovery Tools
    • GPS Mapping
    • Wardriving
    • Analyzing Wireless Traffic
    • Wireless Cards and Chipsets
    • AirPcap
    • Wi-Fi Packet Sniffers
    • Spectrum Analysis
    • Wireless Sniffers
    • Aircrack-ng Suite
    • Uncovering Hidden SSIDs
    • Fragmentation Attack
    • Launching a MAC Spoofing Attack
    • Deauthentication and Disassociation – DoS Attacks
    • Man-in-the-Middle Attack – Aircrack-ng
    • ARP Poisoning Attack and Rogue AP
    • Creating a Hotspot Evil Twin
    • Cracking WEP with Aircrack
    • Cracking WPA-PSK with Aircrack?
    • WPA Cracking Tools
    • WEP/WPA Cracking with Cain & Abel
    • WEP/WPA Cracking Tools
    • Wi-Fi Sniffers
    • Wardriving Tools
    • RF Monitoring Tools
    • Tools for Wi-Fi Connection Manager
    • Tools for Wi-Fi Traffic Analyzer
    • Tools for Wi-Fi Raw Packet Capturing
    • Tools for Wi-Fi Spectrum Analyzing
    • Overview and Tools for Hacking Bluetooth
    • BlueJack a Victim
    • Bluetooth Defense
    • Rogue AP Detection and Defense Techniques
    • Layers for Wireless Security
    • Wireless Attack Defense Measures
    • Wireless IPS and IPS Deployment
    • Wi-Fi Security Auditing Tools
    • Wi-Fi IPS
    • Tools for Wi-Fi Predictive Planning
    • Tools for Wi-Fi Vulnerability Scanning
    • Wireless – Pen Testing

    IDS, Honeypot and Firewall Evasion

    • Overview and Detection Techniques for IDS
    • IDS Types
    • System Integrity Verifiers (SIV)
    • Signs of Intrusion and System Intrusion
    • Firewall Architecture
    • DMZ
    • Firewall Types
    • Identifying Firewalls
    • Types of Honeypots and Configuration Steps
    • Tools for Intrusion Detection
    • IDS – Tipping Point
    • Firewall – Sunbelt Personal Firewall
    • Honeypot Tools
    • Insertion Attack
    • Evasion
    • DoS
    • Obfuscating
    • False Positive Generation
    • Session Splicing
    • Unicode Evasion
    • Fragmentation Attack
    • Overlapping Fragments
    • Time-To-Live
    • Invalid RST Packets
    • Urgency Flag
    • Polymorphic Shellcode
    • ASCII Shellcode
    • Application-Layer Attacks
    • Desynchronization
    • Pre and Post Connection SYN
    • Evasion Types
    • Bypassing Blocked Sites
    • Bypassing Firewalls
    • Honeypot Detection Tools and Techniques
    • Firewall Evasion Tools
    • Packet Fragment Generators
    • Countermeasures
    • Firewall/IDS – Pen Testing

    Buffer Overflow

    • Introduction to Buffer Overflows
    • Program and Application Vulnerability
    • Understanding Stacks
    • Buffer Overflow – Stack-Based
    • Understanding Heap
    • Stack Operations
    • Programming Buffer Overflow Exploits
    • Steps in the Buffer Overflow Process
    • Simple Uncontrolled Overflow
    • Simple Buffer Overflow in C
    • Code Analysis
    • Exploiting Semantic Comments in C
    • Mutation of Buffer Overflow Exploitation
    • Buffer Overflows Identification and Detection
    • Buffer Overflow Utility
    • heap.exe
    • OllyDbg Debugger for Testing Stack Overflow
    • IDA Pro for Testing Format String Conditions
    • BoF Detection Tools
    • Defense Options
    • Data Execution Prevention
    • Enhanced Mitigation Experience Toolkit (EMET) Systems Settings and Application Window
    • /GS
    • BoF Security Tools
    • Buffer Overflow – Pen Testing


    • Overview and Types of Cryptography
    • Government Access to Keys
    • Ciphers
    • Advanced Encryption Standard and Data Encryption Standard
    • Algorithms: RC4, RC5, RC6
    • DSA and Related Signature Schemes
    • RSA Algorithm and Signature Scheme
    • One-way Bash Functions
    • Secure Hashing Algorithm
    • Overview of SSH
    • Types of MD5 Hash Calculators
    • Cryptography Tools
    • PKI
    • Certification Authorities
    • Digital Signature
    • SSL
    • Transport Layer Security
    • Disk Encryption Tools
    • Attacks on Cryptography
    • Methods for Code Breaking Attacks
    • Meet-in-the-Middle Attack – Digital Signature Schemes
    • Cryptanalysis Tools
    • Online MD5 Decryption Tools

    Penetration Testing

    • Overview of Pen Testing
    • Security and Vulnerability Assessments
    • Details of a Good Pen Test
    • Pen Testing ROI
    • Testing Points and Locations
    • Testing Types
    • Pen Testing Techniques
    • DNS Domain Name and IP Address Information
    • Enumerating Information about Hosts through Publicly-Available Networks
    • Pen Testing Attack Phases and Methodology
    • Outsourcing Services
    • Evaluating Tools
    • Application and Network Security Assessment Tools
    • Tools for Assessing Wireless/Remote Access
    • Tools for Assessing Telephony Security
    • Testing Network-Filtering Device Tools

    Click here to view our online course schedule and receive an instant price quote.