Certified Professional Ethical Hacker – C)PEH

The Certified Professional Ethical Hacker (C)PEH course is a comprehensive training program designed to equip cybersecurity professionals with the skills needed to think and act like a hacker—ethically! This course covers advanced penetration testing techniques, vulnerability assessment, exploitation methodologies, and security countermeasures. Participants will gain hands-on experience in ethical hacking tools and methodologies to identify and secure network infrastructures from cyber threats.

Learning Outcomes

By the end of this course, participants will be able to:
✅ Understand ethical hacking principles and cybersecurity frameworks
✅ Conduct penetration testing and vulnerability assessments
✅ Identify and exploit security weaknesses in networks, web applications, and systems
✅ Utilize ethical hacking tools to simulate cyberattacks
✅ Develop countermeasures to protect against cyber threats
✅ Implement security best practices to enhance network security
✅ Gain real-world experience through hands-on labs and exercises

Detailed Outline:

Module 1 – Introduction to Ethical Hacking

• What and Why?
• Differences
• Security Definitions
• Risk Management
• Methodologies

Module 2 – Linux Fundamentals

• Core Concepts
• The shell and other items you need to know
• Managing users
• Basic Commands

Module 3 – Protocols

• Network Models
• Protocols & Services

Module 4 – Cryptography

• Understanding Cryptography
• Symmetric Encryption
• Asymmetric Encryption
• Hashing
• Cryptography in Use
• Crypto Attacks

Module 5 – Password Cracking

• What and Why
• Attacks and Tools of the Trade
• Countermeasures

Module 6 – Malware

• DOS & DDOS
• Viruses & Backdoors
• Trojans and Backdoors
• Ransomware

Module 7 – Security Devices

• Basic Security Elements
• Security Appliances

Module 8 – Information Gathering

• What are we looking for?
• Where/How do we find this information?
• Are there tools to help?

Module 9 – Social Engineering

• Social Engineering Types
• Phishing Scams

Module 10 – Reconnaissance

• What are we looking for?
• Port Scanning
• Are there tools to help?
• Banner Grabbing
• Enumeration

Module 11 – Vulnerability Assessment

• What is a Vulnerability Assessment
• Tools of the Trade
• Testing Internal and External Systems

Module 12 – Network Attacks

• Sniffing Techniques
• Hijacking

Module 13 – Hacking Servers

• Servers, What are they good for?
• What is an Exploit?
• Tools of the Trade

Module 14 – Hacking Web Technologies

• OWASP Top 10
• SQL Injection
• XSS

Module 15 – Hacking Wireless Networks

• Wireless Technologies
• Mobile and IoT Technologies
• Various Tools Used
• Hacking Techniques
• Countermeasures

Module 16 – Maintaining Access and Covering Tracks

• Maintaining Access
• Covering Tracks

 

Detailed Labs Outline:

Lab 1 – Intro to C)PEH Setup 

• Recording Ips and Logging into VMs
• Joining the Domain

Lab 2 – Linux Fundamentals

• Command Line Tips and Tricks
• Linux Networking for Beginners
• Using FTP during a Pentest

Lab 3 – Understanding Protocols 

• Analyze http session

Lab 4 – Cryptography Lab 

• Hashing Data of all Sorts
• The Basics of Cryptographic Algorithms

Lab 5 – Password Cracking 

Lab 6 – Malware 

• Creating a virus
• Beast Trojan

Lab 7 – Information Gathering 

• Google Queries
• Searching Pastebin
• Maltego
• People Search Using the Spokeo Online Tool
• Recon with Chrome
• Nslookup

Lab 8 – Information Gathering – Active Reconnaissance

• Scanning with Nmap
• Scanning with Hping
• Banner Grabbing
• Enumerating a local System with Hyena
• SMTP Enumeration
• Ad Enumeration

Lab 9 – Vulnerability Assessment

• Vulnerability Assessment with Nessus
• Vulnerability Assessment with Saint

Lab 10 – Network Sniffing/IDS

• Sniffing Passwords with Wireshark
• Performing MtM with Cain
• Performing MtM with sslstrip

 Lab 11  – Windows Hacking

• Attack Windows 7 with Client-Side Exploit
• Windows 2012 Reverse TCP Exploit
• Cracking with John the Ripper

Lab 12 – Attacking Databases 

• Attacking MySQL Database
• Manual SQL Injection

Lab 13 – Attacking Web Applications 

• Attacking with XSS
• Attacking with CSRF

Lab 13 – Backdoors 

• Setting up a Backdoor