• 708.689.0131
  • Contact us
  • Infosec IQ login
  • Infosec Skills login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Ethical Hacking Dual Certification Boot Camp (CEH and PenTest+)

        Discover vulnerabilities before cybercriminals do! Our most popular information security and hacking training goes in-depth into the techniques used by malicious, black-hat hackers with attention-getting lectures and hands-on labs.

        ★★★★★
        4.7
        (8,755 ratings)
        View Pricing Book a Boot Camp
        ethical-hacking-boot-camp

        Earn your CEH and PenTest+, guaranteed!

        • Five days of live, expert ethical hacking instruction
        • Exam Pass Guarantee
        • Exam voucher
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($599 value!)
        • 1-year access to all boot camp video replays and materials
        • Onsite proctoring of exam
        • Knowledge Transfer Guarantee

        Authorized training partner

        Infosec is an authorized training partner of EC-Council and CompTIA, and we’ve won awards from both organizations for our boot camps. The EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+ are two of the most in-demand hacking certifications. Infosec instructors found around 80% of the material overlaps and students get the best value by training for both certifications at the same time.

        View full course schedule

        Training overview

        This boot camp teaches you how to use the tools and techniques used by cybercriminals to perform a white-hat, ethical hack on your organization. You’ll learn ethical hacking methodologies and gain hands-on hacking experience in our cloud-hosted cyber range, including reconnaissance, gaining access to systems, exploiting vulnerabilities and exfiltrating data.

        You’ll leave with the ability to quantitatively assess and measure threats to information assets — and discover where your organization is most vulnerable to hacking. This boot camp also prepares you to earn two in-demand certifications: EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+.

        Learn by doing in the cyber range

        Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to  compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.

        CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.

        Who should attend

        • Penetration and vulnerability testers
        • Cybersecurity analysts
        • Cybersecurity consultants
        • Offensive security professionals
        • Anyone with a desire to learn about ethical hacking
          and develop their penetration testing skills

        Prerequsites

        • Firm understanding of the Windows Operating System
        • Exposure to the Linux Operating System or other Unix-based operating system
        • Grasp of the TCP/IP protocols

        Meets 8570.1 requirements

        Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security. The directive specifies Certified Ethical Hacker (CEH) as an approved baseline certification for CCSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder and CSSP Auditor.

        It also lists PenTest+ as approved for three 8570.1  job categories: Cybersecurity service provider (CSSP) analyst, CSSP incident responder and CSSP auditor.

        Everything you need to earn your CEH and PenTest+

        • Five days of live, expert ethical hacking instruction
        • Exam Pass Guarantee
        • Exam voucher
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($599 value!)
        • 1-year access to all boot camp video replays and materials
        • Onsite proctoring of exam
        • Knowledge Transfer Guarantee
        Everything you need to earn your CEH and PenTest+
        View Pricing

        Exam Pass Guarantee

        We guarantee you’ll pass your exam on the first attempt. Learn more.

        Ethical Hacking training schedule

        Infosec’s Ethical Hacking training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth ethical hacking prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Day 1
            The first half of day one focuses on learning the job duties required of a penetration tester. You will learn the ins and outs of the various penetration testing methodologies required in order for an ethical hack to be used in a business or government setting. You will also delve deep into technical material, learning how to perform network reconnaissance against modern infrastructure.

            Lectures include:

            • Security testing methodologies
            • The ethical hacking profession
            • Planning and scoping an engagement
            • Legal and compliance considerations
            • Ethical hacking methodologies
            • Tools of the trade
            • Linux overview
            • Passive intelligence gathering
            • Abusing DNS
            • Abusing SNMP
            • Security testing methodologies

            Some of the instructor-led hands-on lab exercises:

            • Linux fundamentals
            • Passive intelligence gathering
            • Understanding the Domain Naming System
            • Enumerating DNS entries to develop a focused attack strategy
            • Attacking the Domain Naming System
            • Discovering SNMP vulnerabilities and flaws
            • Enumerating SNMP information
            • Brute forcing SNMP community strings
            • Capture the Flag exercises

            Day 2

            Having learned how to gather information about several targets, we begin day two with narrowing our attack by finding potentially vulnerable systems/services. You will master the art of network scanning and service identification, and gain a deeper understanding of how systems
            communicate using the TCP and UDP protocols

            Lectures include:

            • Understanding TCP packets and structuresPassive network discovery and scanning
            • TCP scanning
            • Using differences in RFC implementations to your advantage
            • Scanning through firewalls
            • How to prevent the discovery of your reconnaissance activities
            • Using zombies to mask network scanning
            • Avoiding IDS/IPS detection
            • Proper identification of services
            • Vulnerability identification

            Some of the hands-on lab exercises include:

            • Packet analysis
            • Obtaining authentication credentials via packet capture
            • Network scanning
            • Target scanning of potentially vulnerable targets
            • Remaining undetected while performing a network scan
            • Enumerating services and identifying vulnerabilities
            • Capture the Flag exercises

            Day 3

            After gathering information about your target system, you will put all that hard work to use when you learn how to exploit those vulnerabilities. You will learn the skills to demonstrate a successful exploit of a vulnerability as well as how to gather additional credentials to exploit vulnerabilities in other systems. You will also learn useful social engineering techniques, including phishing, and methods of attacking physical security.

            Lectures include:

            • Vulnerability life cycles
            • Types of vulnerabilities
            • Flaws in encryption
            • Configuration errors
            • Buffer overflows
            • Stack overflows
            • Vulnerability mapping
            • Exploit utilization and delivery methods
            • Client side exploits
            • Server side exploits
            • Password security
            • Social engineering techniques
            • Attacking physical controls
            • Hashing
            • Rainbow tables
            • Attacking Windows password security
            • Weaknesses in Windows authentication protocols
            • Rainbow tables

            Some of the hands-on lab exercises include:

            • Gaining unauthorized access to systems
            • Use of various payloads to increase privileges
            • Keystroke logging
            • DLL injection attack
            • Exploit server side applications
            • Gather password hashes
            • Exploit weaknesses in authentication protocols
            • Capture the Flag exercises

            Day 4

            After compromising a target, you will extend your access to all vulnerable systems at your target organization and learn how to covertly exfiltrate data. The second half of day four covers attacking web-based applications and understanding SQL injection.

            Lectures include:

            • Use of Trojans
            • Redirecting ports to thwart firewall rules
            • Avoiding anti-virus detection
            • Lateral movement and persistence
            • Use of keyloggers
            • IDS operations and avoidance
            • Encrypting your communications
            • Protocol abuse for covert communications
            • Creating custom encryption tunneling applications
            • E-shoplifting
            • XSS attacks
            • Cross site forgery
            • Circumventing authentication
            • SQL injection discovery and exploitation
            • SQL data extraction

            Some of the hands-on lab exercises include:

            • Use of Trojans
            • IDS usage and avoidance
            • Data transmission encryption techniques
            • Creating a custom covert channel
            • Web application parameter tampering
            • Cross site scripting attacks
            • SQL injection
            • Chaining exploits
            • Exploiting extended stored procedures
            • Capture the Flag exercises

            Day 5
            Day five is dedicated toward wireless security, using basic scripts for ethical hacking, covering your tracks and post-engagement activities. You will master the ability to sniff data, clean up all traces of your activities and learn best practices for writing reports and recommending mitigation strategies.

            Lectures include:

            • Sniffing in different environments
            • Attack sniffers
            • Man-in-the-middle attacks
            • Wireless networking
            • Shared key authentication weaknesses
            • WEP/WPA/WPA2 cracking
            • Anti-forensics
            • Log modification/deletion
            • Rootkits
            • Introduction to scripting
            • Common script components
            • Writing effective reports
            • Providing mitigation recommendations
            • CEH exam review
            • PenTest+ exam review

            Some of the hands-on lab exercises include:

            • ARP spoofing and man in the middle
            • Specialized sniffing
            • DNS spoofing
            • Phishing attacks

            The day finishes with the CEH examination given on-site at the training location or online from home. You will receive an exam voucher to take the PenTest+ exam.

        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Free Ethical Hacking training resources

        What’s new in ethical hacking: Latest careers, skills and certifications

        Want to be an ethical hacker? Find out everything you need to know in this webinar featuring Infosec instructor Keatron Evans.

        Watch now

        How to become a penetration tester

        It’s been a while since we’ve talked penetration testing and offense-oriented network security on the show, and I know some of you have been asking for it, so today’s your lucky day!

        On the show we have Dr. Wesley McGrew, the director of Cyber Operations for HORNE Cyber. We’re going to talk about going on the offense as a good defense, the current state of pentesting and the raw work of reverse engineering malicious software and vulnerability testing. If you’re looking for the type of job that gets you out on the cybersecurity battlefield and fighting the bad guys, you’re going to want to give this episode your undivided attention!

        Wesley McGrew is the author of penetration testing and forensic tools used by many practitioners. He is a frequent presenter at DEF CON and Black Hat USA. At the National Forensics Training Center, he provided digital forensics training to law enforcement and wounded veterans. As an adjunct professor he designed a course he teaches on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. This effort was undertaken as part of earning National Security Agency CAE Cyber Ops certification for the university. He has presented his work on critical infrastructure security to the DHS joint working group on industrial control systems. Wesley earned his Ph.D. in computer science at Mississippi State University for his research in vulnerability analysis of SCADA HMI systems used in national critical infrastructure. He served as a research professor in MSU’s Department of Computer Science & Engineering and Distributed Analytics and Security Institute.

        Listen Now

        PenTest+: Everything you need to know about CompTIA’s new certification

        CompTIA’s new PenTest+ certification validates your knowledge around identifying, exploiting, reporting and managing vulnerabilities.

        Watch now

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates

          Frequently asked questions

          • Why is getting certified an important part of an ethical hacking career?
            • The EC-Council Certified Ethical Hacker (CEH) certification and the CompTIA PenTest+ certification demonstrate to employers you have an in-depth knowledge of ethical hacking and penetration testing. They are foundational certifications that teach you the skills and techniques required to identify system weaknesses and vulnerabilities.

          • What career opportunities are available to Ethical Hacking Boot Camp graduates?
            • An ethical hacking certification is a great way to land your first role as a cyber security professional. The CEH certification is a common a prerequisite for security-related job roles, particularly roles related to social engineering and penetration testing or requiring security clearance. As a certified security professional, you will likely earn a much higher salary than non-certified professionals, and can use credentials like the CEH and PenTest+ to negotiable a higher salary.

          • How much programming experience is typically required?
            • Programming experience isn’t a requirement, but we recommend you have a solid understanding of at least one programming language, a familiarity of networking concepts like TCP/IP Protocol, and experience using Linux and/or Unix.

          • How has the ethical hacking industry grown in recent years? Has the need for ethical hacking skills changed in the last five or 10 years?
            • The ethical hacking industry has seen seen tremendous growth over the past decade and shows no signs of slowing down. As computer technology advances, the need for white-hat hackers to protect corporate data will continue to grow along with it. The growing popularity of cloud computing and IoT devices has introduced a myriad of new vulnerabilities, further increasing the need for ethical hackers and pentesters.

          • What job titles are most common for people who hold the EC-Council CEH and CompTIA PenTest+ certifications?
            • The most common and sought after job roles for ethical hackers include penetration tester, forensic analyst, network security administrator and computer network defense analyst.

          • How difficult is it to find security flaws in companies with significant resources? Do hackers still get paid if they fail to find security flaws?
            • Your experience will vary by company, but security flaws are surprisingly common in the real world. If your penetration test fails to identify any security vulnerabilities, you will still be paid for your time and services.

          • How much room for creativity is there in an ethical hacking job role? Are there many ways to hack a particular kind of network?
            • Ethical hacking is a highly creative job role and requires a specific type of mindset, not skillset. As a white-hat hacker, you will uncover the multiple ways malicious actors can break into and/or harm systems — methods that are constantly changing overtime.

          • What hardware and software are needed to complete the Ethical Hacking Boot Camp?
            • The only items needed to complete the Ethical Hacking Boot Camp include a stable Internet connection and a computer that can perform streaming activities. If you have a computer that you use to watch Netflix, you’re ready to start hacking!

          • Is the online Ethical Hacking Boot Camp as effective and informative as an in-person classroom course?
            • Our live online Ethical Hacking Boot Camp provides you with the exact same learning experience you would receive in a physical classroom, without the hassle and cost of travel. You will interact with the instructor the same way you would in a physical course and receive the same courseware, labs and exam vouchers. Online students also get access to additional features, such as recordings of your daily lessons, access to a collection of curated videos from other top-rated instructors and an Exam Pass Guarantee.

          • Is it possible to receive one-on-one mentoring from an Ethical Hacking Boot Camp instructor? How much feedback will I receive on my coursework?
            • Absolutely! One-to-one chat sessions with instructors is an important part of our live online Ethical Hacking Boot Camp. During the boot camp, instructors focus 100% of their time and attention on students to ensure you are learning the skills needed to pass your CEH and PenTest+ exams.

          • Does the program offer training on ethical hacking specialization skills?
            • Our Ethical Hacking Boot Camp dives deep into a variety of specialized ethical hacking concepts: information gathering, network scanning, footprinting and reconnaissance, exploitation, penetration testing, web application hacking and more.

          • Why is the Ethical Hacking Boot Camp a necessary addition to the other popular certification programs?
            • The CEH and PenTest+ certifications provide you with an in-depth view into ethical hacking and penetration testing, putting you at the top of your field.

          • What does this training offer that other certification prep courses do not?
            • Infosec’s CEH and PenTest+ training has the highest certification pass rate in the industry — 93%! If you choose to take the course via our popular live online option, you will also receive our Exam Pass Guarantee. This means if you fail the exam the first time, we’ll pay for your second attempt FREE.

          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group

          We use cookies to personalize your experience and optimize site functionality. Accept Cookie settings
          Privacy & Cookies Policy

          Infosec cookie notice

          We use cookies to help understand your needs, optimize website functionality and give you the best experience possible. Use this policy to understand how, when and where cookies are stored on your device. 

          Want to know more? Contact [email protected].
          Necessary
          Always Enabled
          This type of cookie helps keep our website functioning. They provide access to account-based features and other secure areas of our site, and do not store information about you that could be used for marketing. This category of cookies cannot be disabled.
          Analytics
          Google Analytics cookies help us understand how visitors use our site. All data collected from Google Analytics is anonymized (including your IP address) and stored by Google on U.S. servers.
          Marketing
          We use this type of cookie to optimize our marketing campaigns. Marketing cookies are delivered by our database when you visit our site, complete a form or open email from us. Information stored in this cookie includes personal information like your name and what pages you view on our site.
          Save & Accept