Certified Ethical Hacker (CEH) Certification Programme

This programme prepares participants to understand and apply ethical hacking methodologies used by professional penetration testers and security analysts. Covering the full CEH v13 body of knowledge, participants will learn how attackers think, how to identify vulnerabilities before they are exploited, and how to report findings to stakeholders. Aligned with EC-Council CEH v13 exam objectives.

Programme Modules

Introduction to Ethical Hacking
Hacking phases, attack types, threat actors, and the legal and ethical framework governing penetration testing in Malaysia and globally.

Footprinting and Reconnaissance
Passive and active information gathering techniques. Open-source intelligence (OSINT), Google dorking, DNS enumeration, and social engineering basics.

Scanning Networks
Network scanning methodologies, port scanning, OS fingerprinting, and vulnerability identification using tools such as Nmap and Nessus.

Enumeration
Extracting system information including usernames, network shares, services, and security configurations from target systems.

Vulnerability Analysis
Identifying and classifying vulnerabilities using scoring frameworks (CVSS) and vulnerability databases. Hands-on use of scanning tools.

System Hacking
Password cracking, privilege escalation, maintaining access, and covering tracks. Understanding attacker techniques to build better defences.

Malware Threats
Types of malware including viruses, ransomware, trojans, and spyware. How malware spreads, executes, and how to detect and mitigate infections.

Sniffing and Session Hijacking
Network sniffing techniques, ARP poisoning, session token theft, and countermeasures for securing network communications.

Social Engineering
Human manipulation tactics used in attacks. Phishing, vishing, pretexting, and building organisational defences against social engineering.

Web Application Hacking
OWASP Top 10 vulnerabilities, SQL injection, cross-site scripting (XSS), and web application attack and defence techniques.

Wireless Network Hacking
Wi-Fi security weaknesses, WPA2 cracking, rogue access points, and securing corporate wireless networks.

Cryptography
Encryption algorithms, PKI basics, hashing, digital signatures, and common cryptographic attacks.

Final Activity: Capture the Flag (CTF) Exercise
Participants complete a structured ethical hacking challenge on a simulated lab environment, applying skills from all modules to identify, exploit, and document vulnerabilities in a controlled setting.

Key Outcomes:
Understand the full ethical hacking methodology and attack lifecycle
Perform reconnaissance, scanning, and enumeration on target systems
Identify and exploit common vulnerabilities in a lab environment
Analyse malware behaviour and recommend mitigation strategies
Conduct basic web application and wireless network security assessments
Produce a professional penetration testing report

Fee: RM 2,500 per participant (minimum 3 participants)
Duration: 5 Days
Training Hours: 9:00 AM to 5:00 PM
Level: Intermediate (basic networking and IT knowledge required)
Training Mode: Physical, Online, or Hybrid
HRD Corp Claimable
Certificate of Completion included
Note: EC-Council CEH v13 exam voucher is not included. Participants may purchase the exam voucher separately through EC-Council.

Frequently Asked Questions

Basic understanding of networking, operating systems, and IT fundamentals. Participants with CompTIA Security+ or ISC2 CC are well-positioned for this course.

No. The training fee covers instruction, materials, lab access, and Certificate of Completion. The EC-Council CEH exam voucher is purchased separately.

Yes.

Kali Linux, Nmap, Metasploit, Wireshark, Burp Suite, and other standard ethical hacking tools in a controlled lab environment.

Yes, with virtual lab access provided.

Up to 15 participants for hands-on lab sessions.