Certified Ethical Hacker (CEH)

• Fundamentals of ethical hacking and penetration testing
• Information security controls and laws
• Cyber kill chain and hacker methodologies

• Open-source intelligence (OSINT) gathering
• Footprinting tools and countermeasures
• Social engineering reconnaissance

• Network scanning techniques and tools
• Host discovery and port scanning
• Firewall, IDS, and IPS evasion techniques

• NetBIOS, SNMP, LDAP, and NFS enumeration
• Active Directory and SMB enumeration
• Countermeasures for enumeration attacks

• Vulnerability assessment process
• Scanning tools and methodologies
• Identifying and prioritizing security weaknesses

• Password cracking techniques
• Privilege escalation
• Malware threats and rootkits
• Clearing logs and covering tracks

• Types of malware (viruses, worms, Trojans, ransomware, etc.)
• Malware analysis and countermeasures
• Advanced persistent threats (APTs)

• Packet sniffing techniques
• ARP poisoning, MAC flooding, and DHCP attacks
• Sniffing detection and prevention

• Psychological manipulation techniques
• Phishing, vishing, and impersonation
• Social engineering countermeasures

• DoS/DDoS attack methods
• Botnets and amplification attacks
• Detection and mitigation strategies

CEH v13 is the latest version of the Certified Ethical Hacker certification from EC-Council. It focuses on ethical hacking techniques, teaching professionals how to identify and exploit vulnerabilities in systems, networks, and applications—legally and ethically—to strengthen organizational defenses. It builds on v12 by incorporating more AI/ML-based threats, quantum computing risks, and updated labs for modern cyber environments.

While v12 emphasized cloud, IoT, and mobile hacking, v13 is expected to expand on AI-powered attacks (e.g., deepfakes, adversarial ML), supply chain vulnerabilities, and zero-trust architectures. It may include more hands-on labs (potentially 4,000+), updated tools like advanced AI scanners, and a stronger focus on regulatory compliance (e.g., GDPR, NIST).

It's ideal for IT professionals, security analysts, penetration testers, network administrators, and anyone entering cybersecurity. No prior hacking experience is required, but basic IT knowledge (e.g., networking, OS fundamentals) is helpful. It's popular in industries like finance, healthcare, and government.

Yes, CEH is ANSI-accredited and DoD 8570-compliant, making it highly regarded worldwide. Over 200,000 professionals are certified, and it's often a requirement for roles in penetration testing and ethical hacking.

No, you can start directly with v13. However, if you're already CEH v12 certified, you may qualify for a streamlined upgrade path through continuing education credits (ECE) or a bridge exam.

The exam voucher costs around $1,199 USD (may vary by region). Official training bundles start at $1,899–$2,999, including labs and study materials. Renewal is required every three years via 120 ECE credits or re-examination, costing about $100–$500.

Roles include ethical hacker, penetration tester, security analyst, vulnerability assessor, and cybersecurity consultant. Average salaries range from $80,000–$150,000 USD annually, depending on experience and location (higher in the US/Europe).

Yes, for offensive security beginners—it's more accessible than OSCP or GIAC. It complements defensive certs like CompTIA Security+ or CISSP. If you're advanced, consider pairing it with practical exams like CEH (Practical) or eJPT.