CEH v10.0 Syllabus or Outline
Syllabus is based on international standard of EC Council. As per as international standard total duration will be 40 hours, based on practical and real scenario. 40 hours will like, how much time we are giving in a day or how many days in a week. As per as standard, will cover network portion and web portion. If candidate want in more details then can plan for Network penetration testing module and web application penetration testing module.
Assignment A - (Day1) Introduction to Ethical Hacking
Assignment B – (Day2) Foot printing and Reconnaissance
Assignment 03 - (Day3) Scanning Networks
Assignment 04 - (Day4) Enumeration
Assignment 05 - (Day5) Vulnerability Analysis
Assignment 06 - (Day6) System Hacking
Assignment 07 – (Day7) Malware Threats
Assignment 08 - (Day8) Sniffing
Assignment 09 - (Day9) Social Engineering
Assignment 10 – (Day10) Denial-of-Service
Assignment 11 - (Day11) Session Hijacking
Assignment 12 – (Day12) Evading IDS, Firewalls, and Honeypots
Assignment 13 - (Day13) Hacking Web Servers
Assignment 14 – (Day14) Hacking Web Applications
Assignment 15 – (Day15) SQL Injection
Assignment 16 – (Day16) Hacking Wireless Networks
Assignment 17 – (Day17) Hacking Mobile Platforms
Assignment 18 - (Day18) IoT Hacking
Assignment 19 – (Day19) Cloud Computing
Assignment 20 – (Day 20) Cryptography
Day1 - Information Intelligence.
Day2 - Information Intelligence
Day3 - Organize Your Information
Day4 - Google/Bing Hacking.
Day5 - Hunting And Profiling People.
Day6 - Gathering Email Accounts Sub domains/host.
Day7 - Whois Lookup
Day8 - OS Info Hunting
Day9 - Uptime Info Hunting
Day10 - Webserver Info Hunting
Day11 - Traceroute Target IP Address
Day12 - TCP Port Scanning
Day13 - TCP SYN Port Scanning
Day14 - TCP ACK Firewall Scanning
Day15 - Finding Live Hosts
Day16 - UDP Sweeping And Probing
Day17 - Database Enumerating
Day18 - MySQL Server Enumerating
Day19 - DNS Enumerating
Day20 - SNMP Enumerating
Day21 - Password Attacks
Day22 - Advanced Web Server Fingerprinting
Day23 - Advanced Web Application Fingerprinting
Day24 - Advanced Web Application Firewall Fingerprinting
Day25 - Advanced OS Fingerprinting
Day26 - Attacking DHCP Servers
Day27 - Writing Virus Codes
Day28 - Writing Advance Backdoors for Windows
Day29 - Attacking Network Switches
Day30 - Attacking FTP Servers
Day31 - Advanced Social Engineering Attacks
Day32 - Advanced Cross Site Scripting attacks
Day33 - From Reflected XSS To Reverse Shell
Day34 - From Stored XSS To Reverse Shell
Day35 - Advanced File Handling Attacks
Day36 - From File Upload To Reverse Shell
Day37 - From Remote File Inclusion To Reverse Shell
Day38 - From Local File Inclusion To Reverse Shell.
Day39 - From SQL Injection To Reverse Shell
Day40 - Advanced CSRF Attacks
Day41 - Session Hijacking Attacks
Day42 - Advanced System Command Injection Attack
Day43 - Sniffing Network Passwords
Day44 - Sniffing HTTP Passwords
Day45 - Sniffing Ftp And Telnet Passwords
Day46 - Advanced Sniffing
Day47 - Sniffing Facebook Cookies
Day48 - Advanced SSL Sniffing
Day49 - Advanced Network Attacks
Day50 - From Man In The Middle Attack To Full Network
Day51 - Advanced Mobile Hacking Tactics
Day52 - Attacking WEP Protected 802.11 Networks
Day53 - Attacking WPA/WPA2 Protected 802.11 Networks
Day54 - Attacking Apache Web Server
Day55 - Attacking IIS Web Server
Day56 - Buffer Overflow Attacks
Day57 - Advanced Stateful Packet Inspection Firewall Evasion And Bypassing
Day58 - Advanced Antivirus Detection Evasion And Bypassing
Day59 - Advanced Windows User Access Control (UAC) Evasion And Bypassing
Day60 - Advanced Firewall Outbound/Inbound Rules Evasion And Bypassing
Day61 - Vulnerability Vs Penteration Testing
# Ethical Hacker
# Cyber Security Engineer
# Cyber Security Expert
# Cyber Security Administrator
# Cyber Security Advisor
# IT Security Engineer
# IT Security Expert
Accordingly we can plan for our carrier and courses. It depends on qualification of the candidate or may be candidate belong to technical field. If student belong to the technical field like BCA, MCA, BTech, MTech, BSC(IT), MSC(IT), Etc then easily continue his/her carrier in their relevant field.
If any candidate belong to the not technical field like BA, BCOM and BCS then need to start from the beginning. Before security must have the networking and hardware background. Will be good if candidate has some knowledge of the programming knowledge about C Programming, C++ programming, Python Programming, Core Java Programming, Android and etc.
Technical candidate has some plus point to understand the technology because candidate has expended some time for their technical degree. There are many certification in EC Council for beginner or expert level. Take example of some EC Council Certification
As a security expert, we must have the strong knowledge of certified ethical hacker, this is the combination of two different modules, first is network penetration testing and other is web application penetration testing.
CHFI is the higher level of the certification from the EC Council, actually it is based on computer hacking and computer investigator, this certification is designed for the person who belong to the legal department, belong to the account department, belong to the computer IT, Belong to any technical field of computer and etc.
ECSA-EC Council Certified Security Analyst is the higher level of the certification after the CEH. After the CEH certification can easily plan for ECSA course. If you want to become security checker, security auditor, security advisor then must have this certification. All the above courses belong to the EC Council organization, we must have the certificate once will complete the course, if we have a knowledge of networking before EC Council courses then will be good for the strong base. If will join any organization for above courses then must have the certificate from Global institute of cyber security & ethical hacking or if we have certificate from the international organization then will add more value for the resume or profile. Before above subjects candidates must have the knowledge of linux networking, programming, hardware, etc. Will be good for the base and will easy to understand the security module. If we are planning for any of the courses then can plan for the networking too, in networking cisco is very popular now so can plan for below course.
CCNA 3.0 cisco certified network associate 3.0 with exam code 200-125
Actually this subject has two different module, ICND1 and ICND2, ICND1 has two parts, first is volume1 and second is volume2. If will talk about ICND2 then again we have two modules volume1 and Volume2. CCNA divided in two parts, will be good if will plan for both the modules otherwise if we have sort duration then can go with only one module, that will be ICND1 only.
CEH 10.0 is belong to the network penetration testing and web application penetration testing, after this course, if we want to go in more details then also can plan for NPT level 1 and NPT Level2 and After the network penetration testing can go with WAPT1 and WAPT2, means web application penetration testing module1 and web application penetration testing module2.
Now a days we have some combination courses, as per as industry demand in IT Company. CCNA 3.0 and CEH 10.0 is the excellent combination as per as the real industry.
The role of python programming language 3.7 is very important if we are planning for cyber security track, ethical hacking track or machine learning field or some other field. Python programming has many flexibility as per as the industrial demand. Before python nothing will be required to understand this technology but if we have good knowledge of c programming then will add more value in our resume or if we have knowledge of core java then will be good for the understanding level of the program.