📞 (800) 555-2678 Sales & enrollment, Mon–Fri
BoosteLearning IT Certification Training · Live Labs
Free Trial Contact Sales
EC-Council Ethical Hacking

Certified Ethical Hacker (CEH) Online Training & Certification Prep

Master the five phases of ethical hacking and earn the world's most recognised offensive-security credential — CEH v13 — through instructor-led training, Live Labs on real attack infrastructure, and EC-Council exam prep backed by our Pass Guarantee.

Pass Guarantee Live Labs Available SCORM / xAPI EC-Council Aligned
Certified Ethical Hacker (CEH) Online Training & Certification Prep

Course Overview

The Certified Ethical Hacker (CEH) is EC-Council’s flagship penetration-testing credential and one of the most sought-after certifications in enterprise security hiring. CEH v13 maps to the five phases of ethical hacking — Reconnaissance, Scanning, Gaining Access, Maintaining Access, and Covering Tracks — while incorporating contemporary attack surfaces including AI-assisted threats, cloud infrastructure, and IoT ecosystems.

Boost eLearning’s CEH course delivers the full EC-Council official curriculum through Certified Partner instructors who bring active red-team experience to every module. Learners don’t just watch demonstrations; they execute live attacks and defenses in Boost Live Labs, a persistent cloud environment provisioned with real vulnerable targets, network appliances, and logging stacks — no local VM setup required.

The curriculum covers more than 340 attack techniques across 20 domains, including network scanning with Nmap and Masscan, exploitation frameworks, web application hacking, session hijacking, malware analysis, SQL injection, cryptography attacks, cloud hacking on AWS and Azure lab tenants, and AI-driven threat methodologies introduced in CEH v13. Each domain is paired with hands-on iLabs scenarios aligned directly to the 312-50 exam blueprint.

Organisations that mandate DoD 8570/8140 compliance, ISO 27001 red-team readiness, or NICE Framework KSAs will find CEH an efficient certification path. Security analysts moving into offensive roles, SOC engineers who need to understand attacker tradecraft, and IT generalists pursuing a structured entry into penetration testing all represent strong candidate profiles.

The course concludes with a proctored practice exam session, exam-strategy coaching from your instructor, and full access to the Boost question bank — all backed by our money-back Pass Guarantee.

What You'll Learn

  • Enumerate targets using passive and active reconnaissance techniques including OSINT, DNS interrogation, and network scanning
  • Conduct vulnerability analysis with Nessus, OpenVAS, and Nikto and interpret results in the context of the CEH exam domains
  • Exploit system vulnerabilities using Metasploit Framework and manual techniques, demonstrating the Gaining Access phase
  • Perform web application attacks including SQL injection, XSS, CSRF, and directory traversal against live lab targets
  • Execute network sniffing, session hijacking, and man-in-the-middle attacks in isolated lab environments
  • Apply social engineering and phishing methodologies within the CEH ethical-use framework
  • Attack and assess cloud environments (AWS, Azure) using techniques covered in CEH v13's cloud hacking domain
  • Analyse malware samples statically and dynamically to understand payload behaviour and evasion techniques
  • Cover tracks by manipulating logs, timestamps, and artifacts, then articulate corresponding defensive controls
  • Prepare and sit the 312-50 exam with confidence using Boost's structured exam-readiness assessments

Who This Course Is For

  • Security analysts and SOC engineers seeking to formalise offensive knowledge
  • Network and systems administrators pursuing DoD 8570/8140 compliance
  • IT professionals targeting a transition into penetration testing or red-team roles
  • Vulnerability management and GRC practitioners who need attacker-perspective skills
  • Cybersecurity students and recent graduates building a certification pathway
  • Consultants advising on security posture who need a recognised credential

Course Outline

Introduction to Ethical Hacking & the CEH Framework2 hours
  • Five phases of ethical hacking
  • Legal and compliance context (CFAA, GDPR, scope agreements)
  • CEH v13 exam blueprint and domain weights
  • Setting up and navigating Boost Live Labs
Reconnaissance & Footprinting4 hours
  • Passive OSINT: WHOIS, Shodan, Maltego
  • Active footprinting: DNS zone transfers, traceroute
  • Email harvesting and social-media reconnaissance
  • Google dorking and advanced search operators
Scanning Networks & Enumeration4 hours
  • TCP/IP and ICMP fundamentals for scanners
  • Nmap host discovery, port scanning, OS and version detection
  • Enumeration of NetBIOS, SNMP, LDAP, NFS, and SMB
  • Vulnerability scanning with Nessus and OpenVAS
System Hacking & Privilege Escalation5 hours
  • Password cracking: dictionary, brute-force, rainbow tables (John, Hashcat)
  • Metasploit Framework: modules, payloads, handlers
  • Privilege escalation on Windows and Linux
  • Maintaining access: backdoors, rootkits, and persistence techniques
Web Application Hacking5 hours
  • OWASP Top 10 in the CEH context
  • SQL injection (in-band, blind, out-of-band) against live lab databases
  • Cross-site scripting (reflected, stored, DOM-based)
  • Session hijacking, CSRF, and file inclusion vulnerabilities
  • Burp Suite Community for web app assessment
Network Attacks & Sniffing4 hours
  • ARP poisoning and MitM with Ettercap
  • Wireshark packet capture and analysis
  • DHCP starvation and rogue DHCP attacks
  • DNS poisoning and BGP hijacking concepts
Social Engineering, DoS & Malware Analysis4 hours
  • Phishing campaign construction and detection
  • DoS and DDoS attack types and mitigation
  • Malware taxonomy: viruses, worms, ransomware, RATs
  • Static and dynamic malware analysis fundamentals
Cloud Hacking, IoT & AI Threat Vectors (CEH v13)5 hours
  • Cloud shared-responsibility model and attack surfaces
  • Attacking misconfigured S3 buckets and IAM roles in AWS lab tenant
  • Container and Kubernetes security weaknesses
  • IoT attack vectors and firmware analysis overview
  • AI-assisted attack techniques introduced in CEH v13
Cryptography Attacks & Steganography3 hours
  • Symmetric/asymmetric encryption weaknesses
  • PKI, certificate spoofing, and SSL stripping
  • Cryptographic attack types: meet-in-the-middle, birthday, padding oracle
  • Detecting and defeating steganography
Exam Readiness & Practice Assessment4 hours
  • Full 125-question timed practice exam
  • Domain-by-domain gap analysis
  • Exam-strategy session with Certified Partner instructor
  • EC-Council exam booking process and exam-day tips

About the Certification Exam

Exam code
312-50
Length
4 hours
Questions
125 multiple-choice questions
Passing score
70% (score varies by form; EC-Council uses scaled scoring)
Exam cost
~$950 USD
Where
Pearson VUE test centres or EC-Council remote proctoring (ECC Exam)

The certification exam fee is paid separately to the testing provider and is not included in the course price unless stated otherwise.

Live Labs Included

Hands-on practice on real environments

This course includes Live Labs — direct access to real hardware and cloud environments so you build the skills the exam actually tests.

  • Array
  • Array
  • Array
  • Array
  • Array
  • Array

Pass Guarantee Included

Complete this course and if you don't pass the certification exam on your first attempt, we'll refund your course fee or give you a free retake — your choice.

Read the guarantee →

Frequently Asked Questions

EC-Council recommends at least two years of information security work experience before attempting the 312-50 exam, or completion of an official CEH training course (which satisfies the training pathway and waives the experience requirement). Boost's course satisfies the training pathway.
If you complete all course modules, pass all in-course assessments, and do not pass the 312-50 exam on your first attempt, Boost will refund your course fee in full. Full terms are provided at enrolment.
CEH v13 adds a dedicated AI Attacks domain, expands cloud hacking coverage to include container and Kubernetes scenarios, and updates IoT and OT attack content. All Boost course materials reflect the v13 blueprint.
Yes. Boost delivers CEH as an instructor-led on-site engagement. Your team works through the same Live Labs curriculum on Boost's cloud lab infrastructure — no on-premises hardware is required from the client.
Lab access is included for 90 days post-course completion, giving you time to revisit scenarios, practice for the exam, and explore related techniques at your own pace.
Yes. CEH (312-50) is an approved baseline certification for the DoD 8140 Cyber IT/Cybersecurity Workforce Framework under the IAT Level II and CSSP Analyst roles, among others.
CEH is a knowledge-based multiple-choice exam covering a broad attack-domain taxonomy — it is well-suited for compliance requirements and security-analyst career tracks. OSCP (PEN-200) is a 24-hour hands-on practical exam with no multiple-choice component; it is considered a stronger proof of active exploitation skill. Many practitioners pursue CEH first, then OSCP.
CEH training is available as self-paced online, live-virtual (scheduled cohorts with a live instructor), and on-site at your location. All three modalities include the same Live Labs and Pass Guarantee.

Related Certifications

OffSec
OffSec Certified Professional (OSCP) Online Training & Certification Prep
90 hours
CompTIA
CompTIA PenTest+ (PT0-003) Online Training & Certification Prep
32 hours

Related Reading