Certified Ethical Hacker – CEH

Course Duration: 6 Weeks & 6 Months

 

Chandigarh School of Ethical Hacking offers the Certified Ethical Hacker (CEH) course in both 6 Weeks and 6 Months formats. The syllabus that trainees will cover in this course follows. Ethical hacking is a vast field, and 6 weeks are not enough to understand all of it. Still, we do our best to make these 6 weeks as valuable as possible for trainees. The 6 Months format, on the other hand, covers all the topics in detail.

 

Syllabus (6 Weeks)

  • Basics of Network Security (Study of TCP/IP Protocol, Various Type of Ports, IPv4, IPv6 and many more.)
  • Architecture of Linux OS
  • Hands-on with Various Commands of the Linux Operating System (VMware Workstation)
  • WiFi Hacking & Its Security
  • Possible Network Attacks & Countermeasures
  • IP Packet Capturing
  • Packet Crafting
  • Port Scanning & Security
  • Network Firewall (Recommended Rule For A Secure Network)
  • Various Case Studies For Network Security
  • OWASP Overview
  • SQL Injection Attack
  • Cross Site Scripting Attack
  • Local File Inclusion & Remote File Inclusion
  • CSRF (Cross Site Request Forgery) Attack
  • Web Application Firewall
  • Windows Hacking & Security
  • Remote Access Attack (RAT)
  • Social Engineering Attacks (Facebook Hacking Etc.)
  • Phishing
  • Email Spoofing
  • Man in the Middle Attack (MITM)
  • DoS Attack (Denial of Service)
  • Browser Security
  • Malware Analysis (Basic)
  • ISO 27001 (Overview)

 

Syllabus (6 Months)

Part 1 (Network Security)

  • Basics of Network (For Beginners)
  • How Network Architecture Works?
  • Study of Open Systems Interconnection (OSI) Model
  • Working Architecture of Linux Operating System (Backtrack 5, Kali Linux)
  • Various commands of Linux
  • Network Scanning & Security Management
  • Need of Network Firewalls & Recommended Rule sets for a secure network
  • Hacking a Network to Get Root Access
  • Packet Capturing
  • Manual Packet Crafting
  • Metasploit
  • WiFi Hacking & Security Countermeasures
  • Network Hijacking With a RAT (Remote Access Trojan)
  • Taking Down a Website by performing DoS (Denial of Service) Attack
  • DoS Attack Security Mitigations
  • Best Security Practices to Make A Network Secure
  • Various Case Studies

 

Part 2 (Web Security)

  • Working Architecture of Website & Web Server
  • Browser Security
  • Intercepting Requests & Responses of Browser
  • OWASP Overview
  • SQL Injection Attack (Blind SQLi, Error-Based SQLi, Time-Based SQLi, Boolean-Based SQLi)
  • Security Techniques to Secure a Website from SQL Injection Attack
  • Cross Site Scripting Attack (Persistent XSS, Stored XSS, DOM Based XSS)
  • Security Techniques to Secure a Website from XSS (Cross Site Scripting) Attack
  • CSRF (Cross Site Request Forgery) Attack (In Detail)
  • Local File Inclusion (LFI) & Remote File Inclusion (RFI) Attack (In Detail)
  • Security Misconfiguration Vulnerabilities
  • Social Engineering
  • Phishing (Gmail, Facebook and Other Social Websites)
  • Email Spoofing
  • Google Hacking
  • Information Gathering
  • Web Application Penetration Testing (VAPT)
  • Best Practices to Secure MySQL, MSSQL and Web Servers
  • Various Case Studies

 

Part 3 (Operating System Security)

  • Windows Architecture & File System
  • Possible Windows Attacks & Countermeasures
  • Hacking Windows (Remote Code Execution and RAT)
  • User Account Password Bypassing
  • Windows Server Hardening
  • Linux Architecture & File System
  • Linux Server Hardening
  • Study of Various Kali Linux Tools
  • User Experience of VMware Workstation
  • Common Linux & Windows Mistakes Which Cause Cyber Attacks
  • Best Practices to Secure Linux & Windows Operating System
  • Various Case Studies

 

Part 4 (Digital Forensics)

  • Basics of Digital Forensics
  • Browser Investigation (Cookies, Session Keys, Cache)
  • Disk Based Forensics (Investigation of External Storage Devices: USB, Hard Drives, Memory Cards, etc.)
  • Data Recovery
  • 6 A’s of Digital Forensics
  • Network Forensics & Collecting Evidence for a Particular Case
  • Windows Registry Forensics
  • Log Analysis
  • Malicious Packet Tracing
  • Malware Removal
  • Memory Analysis of Linux & Windows OS
  • Use of Volatility & Encase
  • Various Case Studies

 

Part 5 (Compliance)

  • IT Laws & Acts
  • ISO 27001:2005
  • PCI DSS

Final Exam: After 10 Days of Course Completion