CEH (Certified Ethical Hacker)

EC-Council's flagship certification for penetration testing and ethical hacking. CEH teaches you to think like an attacker—covering reconnaissance, scanning, exploitation, and more—to better defend systems.

Best for: Security professionals wanting to move into penetration testing, red team work, or vulnerability assessment; those needing a DoD-approved ethical hacking credential

Who Is CEH For?

✓ This certification is a good fit if you…

  • Want to understand offensive security techniques to better defend networks
  • Are pursuing penetration tester, red team, or vulnerability analyst roles
  • Need a DoD 8570/8140 approved credential (CEH meets IAT Level III requirements)
  • Work in compliance-heavy environments that specifically require CEH
  • Have foundational security knowledge (Security+ level) and want to go deeper on offensive techniques
  • Your employer will pay for training (CEH is expensive out-of-pocket)

✗ You might consider alternatives if you…

  • Want truly hands-on hacking skills—OSCP is more respected for practical pen testing ability
  • Are paying out of pocket—CEH's mandatory training makes it expensive; consider self-study alternatives
  • Have zero security experience—start with Security+ or foundational networking knowledge
  • Need immediate practical skills—CEH is more theoretical than OSCP, PenTest+, or eJPT
  • Are targeting pure red team roles at top firms—they often prefer OSCP over CEH

Prerequisites & Training Requirements

Official requirement (you need ONE of these):

  • Option 1: Attend official EC-Council training (expensive, ~$2,000–$3,500)
  • Option 2: Have 2 years of information security experience and pay a $100 eligibility application fee

The catch: If you self-study, you must prove 2 years of infosec experience and have your application approved before you can register for the exam. Many candidates take the training path because it's simpler (though costlier).

Realistic knowledge expectations:

  • Networking fundamentals: TCP/IP, ports, protocols, firewalls, packet analysis
  • Operating systems: Windows and Linux administration, command line proficiency
  • Security basics: Security+ level knowledge or equivalent experience
  • Some scripting: Basic Python or Bash helps but isn't strictly required

If terms like "three-way handshake," "Nmap," or "Metasploit" are unfamiliar, spend time on fundamentals first.

What You'll Learn

CEH v12 covers 20 modules spanning the ethical hacking methodology:

  1. Introduction to Ethical Hacking — Hacking concepts, attack vectors, ethical hacking phases
  2. Footprinting and Reconnaissance — OSINT, Google hacking, social media recon
  3. Scanning Networks — Network scanning, port scanning, vulnerability scanning
  4. Enumeration — Extracting usernames, shares, services from target systems
  5. Vulnerability Analysis — Identifying and categorizing vulnerabilities
  6. System Hacking — Password cracking, privilege escalation, maintaining access
  7. Malware Threats — Virus, worm, trojan analysis and detection
  8. Sniffing — Packet capture, MITM attacks, sniffing countermeasures
  9. Social Engineering — Phishing, pretexting, physical security
  10. Denial-of-Service — DoS/DDoS attack techniques and mitigation
  11. Session Hijacking — Application and network-level session attacks
  12. Evading IDS, Firewalls, Honeypots — Evasion techniques and countermeasures
  13. Hacking Web Servers — Web server vulnerabilities and attacks
  14. Hacking Web Applications — OWASP Top 10, SQL injection, XSS
  15. SQL Injection — SQL injection techniques in depth
  16. Hacking Wireless Networks — WiFi encryption attacks, WPA cracking
  17. Hacking Mobile Platforms — iOS and Android vulnerabilities
  18. IoT and OT Hacking — Internet of Things and operational technology attacks
  19. Cloud Computing — Cloud-specific threats and attack vectors
  20. Cryptography — Encryption algorithms, PKI, cryptographic attacks

Important note: CEH teaches concepts and tools but is more theoretical than practical. The exam is knowledge-based, not a hands-on hacking test.

Exam Format & Scoring

Exam code: 312-50 (current version: v12)

Question format: 125 multiple-choice questions. No hands-on labs or practical components in the standard CEH exam.

Time limit: 4 hours. Most candidates finish in 2–3 hours.

Passing score: 60–85% depending on the exam form (EC-Council uses scaled scoring based on question difficulty).

Testing: Pearson VUE or ECC Exam Center. Online proctoring available.

CEH Practical (optional add-on): EC-Council offers a separate CEH Practical exam—a 6-hour hands-on test in a lab environment. Passing both CEH and CEH Practical earns the "CEH Master" designation. The practical exam is highly regarded but costs extra (~$550).

Cost breakdown:

  • Exam voucher only: $1,199
  • Official training + exam: $2,000–$3,500 depending on format
  • CEH Practical (optional): ~$550
  • Eligibility application (self-study path): $100

Recommended Study Plan

Official Training Path (2–3 months)

For those using EC-Council authorized training:

  1. Weeks 1–2: Complete the official training (typically 5 days for bootcamp or self-paced over 2–4 weeks). Focus on understanding, not memorization.
  2. Weeks 3–6: Review all modules. Create notes on tools, attack types, and countermeasures. The exam tests specific tool names and techniques.
  3. Weeks 7–8: Practice exams. Use the official practice tests and supplement with third-party questions. Memorize key port numbers, tool purposes, and attack steps.
  4. Weeks 9–12: Deep dive on weak areas. Take timed practice exams. Score 80%+ before booking.

Self-Study Path (3–4 months)

For experienced security professionals (requires eligibility application):

  1. Week 1: Submit eligibility application to EC-Council with experience documentation. Apply early—approval can take time.
  2. Weeks 2–6: Study using CEH All-in-One Guide, video courses (Udemy, Cybrary), and hands-on labs (TryHackMe, HackTheBox).
  3. Weeks 7–10: Focus on memorization: tool names, port numbers, attack sequences, countermeasures. CEH tests recall heavily.
  4. Weeks 11–16: Practice exams. Matt Walker's practice questions are well-regarded. Score 85%+ before booking.

Prep Resources

Disclosure: Some links below are affiliate links. We may earn a commission at no extra cost to you.

EC-Council Official Training ($2,000–$3,500)

Authorized training satisfies eligibility automatically. Multiple formats: in-person bootcamp, live online, self-paced iLearn. Expensive but simplest path.

Udemy CEH Courses (~$15–20 on sale; affiliate link)

Various instructors offer CEH prep courses. Good supplement to books but won't satisfy EC-Council's training requirement alone.

Free Practice Resources

  • HackTheBox: Free lab machines to practice real hacking techniques
  • DVWA (Damn Vulnerable Web Application): Practice web app attacks locally
  • Metasploitable: Intentionally vulnerable VM for safe practice

Official Information

Verify current pricing, eligibility requirements, and exam details on EC-Council's official page (eccouncil.org).

Frequently Asked Questions

Is CEH worth it in 2025?

Depends on your goals. For DoD/government work or compliance-heavy environments, CEH is often required and worth it. For proving practical hacking skills to technical hiring managers, OSCP is more respected. CEH's value is strongest when employers specifically request it or you need the DoD approval.

Why is CEH so expensive?

EC-Council's business model bundles training with certification. The mandatory training requirement (or eligibility fee for self-study) keeps costs high. Critics argue this is primarily revenue-driven. If cost is a concern, consider PenTest+ or eJPT as more affordable alternatives.

CEH vs OSCP—which is better?

Different purposes. CEH is knowledge-based and broadly recognized, especially in government/compliance. OSCP is hands-on and highly respected for demonstrating actual hacking ability. Many pen testers get both: CEH for the checkbox, OSCP for credibility. If you can only get one, choose based on your target employers' requirements.

Can I get a pen testing job with just CEH?

Possibly for junior roles, especially in environments requiring DoD compliance. However, most pen testing teams want to see practical skills. CEH plus CTF experience, TryHackMe/HackTheBox profiles, or personal projects will strengthen your candidacy. CEH alone may not be enough for competitive pen testing positions.

How hard is the CEH exam?

Moderately difficult—easier than OSCP but requires significant memorization. The challenge is breadth: 20 modules covering tools, ports, techniques, and countermeasures. Experienced security professionals who study properly usually pass. Complete beginners will struggle.

Should I get CEH Practical too?

If you want to demonstrate actual skills, yes. CEH Practical is a 6-hour hands-on lab exam that earns you the "CEH Master" designation. It's well-regarded and differentiates you from people who only passed the multiple-choice exam. It adds ~$550 to total cost.

How do I renew CEH?

Earn 120 EC-Council Continuing Education (ECE) credits over 3 years and pay annual membership fees ($80/year). Credits come from training, conferences, writing, teaching, and similar activities. Alternatively, retake the current exam version.