Start with 7 free days of training.

Gain instant access to our entire IT training library, free for your first week.
Train anytime on your desktop, tablet, or mobile devices.

This Certified Ethical Hacker (CEH) v9.0 video training course teaches you the ethical hacking tools and techniques needed to improve your network's security posture. CBT Nuggets trainer Keith Barker walks you through building your own practice lab, including using evaluation software, and encourages you to not only watch and enjoy the videos, but practice everything hands-on in your own lab environment....
This Certified Ethical Hacker (CEH) v9.0 video training course teaches you the ethical hacking tools and techniques needed to improve your network's security posture. CBT Nuggets trainer Keith Barker walks you through building your own practice lab, including using evaluation software, and encourages you to not only watch and enjoy the videos, but practice everything hands-on in your own lab environment.

For individuals interested in certification, watching and practicing the techniques taught in this course prepares you for EC-Council Certified Ethical Hacker (CEH) exam. Please visit the EC-Council website for their requirements and procedures for taking the exam.

Recommended Experience
  • Networking fundamentals (CompTIA Network+ level of knowledge or better)
  • Familiarity with multiple versions of Windows
  • Familiarity with Linux is not necessary but recommended
  • Familiarity with VMware Workstation
  • Knowledge of Networking and Security at the CompTIA Network+ and Security+ levels, or better
Recommended Equipment
  • Host running VMware Workstation, that can support 64bit VMs.
Related Certifications
  • Certified Ethical Hacker v9 (#312-50)
Related Job Functions
  • Network/System Administrators/Engineers
  • Security officers
  • Auditors
  • Security professionals
  • Site administrators
  • Those concerned about the security of the network infrastructure
This exam also meets the requirements for DoD baseline certifications for CSSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, and CSSP Auditor.

Keith Barker has been a CBT Nuggets trainer since 2012 and working with networking and security since 1985. Keith holds several security-related certifications including Cisco CCIE Security, Palo Alto CNSE, Check Point CCSA, CISSP and more.

EC-COUNCIL® and CEH® are registered trademarks International Council of E-Commerce Consultants.
 show less
1. Welcome (4 min)
2. Building a LAB: Concepts (6 min)
3. Building a LAB: Networking (9 min)
4. Deploy a Kali Linux VM (14 min)
5. Adding Metasploitable to Your Lab (11 min)
6. Adding Windows to Your Lab (14 min)
7. Configure a Static IP on Kali (5 min)
8. Windows Evaluations (7 min)
9. Deploy Windows 8.1 (15 min)
10. Deploy Windows 2012 (11 min)
11. Deploy Windows 10 (7 min)
12. Deploy Windows 2016 (7 min)
13. Ethics and Hacking (10 min)
14. Hacking Vocabulary (6 min)
15. InfoSec Concepts (5 min)
16. Attack Categories, Types, and Vectors (5 min)
17. Five Phases of Hacking (5 min)
18. Footprinting and Reconnaissance Concepts (11 min)
19. Search Engine Tools (8 min)
20. Hacking using Google (12 min)
21. Website Recon Tools (13 min)
22. Metagoofil Metadata Tool (3 min)
23. Email Headers for Footprinting (5 min)
24. Using WHOIS for Recon (4 min)
25. DNS Tools (12 min)
26. Network Scanning Overview (3 min)
27. Network Scanning Methodology (9 min)
28. Port Discovery (11 min)
29. Network Scanning Tools (3 min)
30. Stealth Idle Scanning (10 min)
31. OS and Application Fingerprinting (10 min)
32. Vulnerability Scanning (8 min)
33. Network Mapping Tools (5 min)
34. Proxy Servers (8 min)
35. Using Public Proxy Services (6 min)
36. Enumeration Concepts (5 min)
37. NetBIOS Enumeration (11 min)
38. SNMP Enumeration Concepts (10 min)
39. SNMP Enumeration Tools (10 min)
40. LDAP Enumeration Concepts (5 min)
41. LDAP Enumeration Example (7 min)
42. NTP Enumeration (7 min)
43. SMTP Enumeration (8 min)
44. System Hacking Overview (9 min)
45. Password Cracking Concepts (10 min)
46. Password Attack Example: MITM and Sniffing (13 min)
47. Rainbow Crack Lab Setup (8 min)
48. Rainbow Crack Demonstration (8 min)
49. Password Reset Hacking (8 min)
50. DHCP Starvation (10 min)
51. Remote Access (15 min)
52. Spyware (9 min)
53. NTFS Alternate Data Streams Exploit (9 min)
54. Steganography with OpenPuff (7 min)
55. Steganography with SNOW (5 min)
56. Covering Tracks (7 min)
57. Malware Overview (10 min)
58. Trojan Overview (10 min)
59. Creating a Trojan (11 min)
60. Virus Overview (13 min)
61. Virus Creation (8 min)
62. Detecting Malware (17 min)
63. Malware Analysis (10 min)
64. Hash File Verification (8 min)
65. Sniffing Overview (12 min)
66. CAM Table Attack and Port Security (10 min)
67. DHCP Snooping (14 min)
68. Dynamic ARP Inspection (DAI) (14 min)
69. Social Engineering (15 min)
70. Denial of Service (DoS) Attacks (19 min)
71. Session Hijacking (18 min)
72. Hacking Web Servers (10 min)
73. Buffer Overflow (13 min)
74. OWASP Broken Web Application Project (13 min)
75. Shellshock (6 min)
76. SQL Introduction (9 min)
77. SQL Injection (16 min)
78. Web App Vulnerabilities: WordPress (10 min)
79. Wireless Hacking (18 min)
80. Using an Android VM (4 min)
81. Malware for Mobile (11 min)
82. Mobile Device Risks and Best Practices (13 min)
83. Firewall Evasion (19 min)
84. Firewall ACL Example (15 min)
85. NAT and PAT fundamentals (11 min)
86. IDS/IPS Evasion (17 min)
87. Honeypots (12 min)
88. Cloud Computing (23 min)
89. CIA: Confidentiality, Integrity, and Availability (3 min)
90. Policies (9 min)
91. Quantifying Risk (6 min)
92. Separation of Duties (13 min)
93. Symmetrical Encryption Concepts (14 min)
94. Asymmetrical Encryption Concepts (16 min)
95. Control Types (11 min)
96. Multifactor Authentication (12 min)
97. Centralized Identity Management (13 min)
98. Kerberos and Single Sign On (SSO) (17 min)
99. Backups and Media Management (9 min)
100. Operations Security Controls (14 min)
101. Physical Security Controls (11 min)
102. Incident Response (12 min)
103. VPNs (21 min)
104. Disaster Recovery Planning (13 min)
105. Pen Testing Tips (10 min)
106. Useful Tools (11 min)
107. Case Study (21 min)
108. Additional Resources and Exam Prep (8 min)



I'd like to talk with you about a gentleman named Bob who is in IT. And he dabbled in virtualization, but he didn't really have the skills to be good at it. So Bob tried lots of things. He tried books. He watched some YouTube videos. He tried figuring it out on his own.


But nothing seemed to really click for Bob. Now that reminds me of another gal in IT. Her name was Lois. And she wanted to be promoted within the company, but she also needed more skills. And she tried several things. She tried attending classes, using vendor documentation, reading blog posts-- and she had a hard time sticking with it long enough to make a difference.


So what Lois did is she scheduled small chunks of time daily. She committed to her friends and family about that study, and used the right combination of video and hands-on so she was able to gain the skills she needed. And after a few months, she was feeling confident with her skills.


And that rubbed off on everything else she did professionally and personally. And she enjoyed providing increased value and getting the promotions and pay increases that she deserved. And that brings me back to Bob. Bob was able to find a training solution that provided concise, fun and accurate training-- using CBT Nuggets-- that also included details on how to build his own hands-on lab to get that practice.


The combination of fun, effective videos along with the hands on practice did the trick and it clicked. So he now knows the concepts and is mastering the skills. And thinking back on it, Bob realized that it was totally worth it to commit the time daily towards his goals.


And that getting those skills was one of the best investments in himself that he had ever made. Someone once told me that a journey of 1,000 miles begins with a single step. And the challenge is if we don't take that single step, we're not on the journey.


So I would start off by recommending that you and I schedule time to go through these Nuggets. So regarding scheduling your time, take a look at what would be reasonable. Perhaps 15 or 20 minutes a day at a certain time. And then block that off. And the great news is that most of the Nuggets in this course are less than that, time-wise.


So you could easily enjoy about one and maybe even two Nuggets a day just by carving out a little bit of time. And then during that time, let your friends and family know that you are studying. I've also noticed that when people publicly commit to studying, for example 10 or 15 minutes a day, there's a little bit of added pressure because they've committed to that publicly.


So if you would like to commit to me publicly either on Twitter or on Facebook and just post "I commit to 10 minutes a day or 15 minutes a day," I will be right there rooting for you along with your friends and family who also want to see you succeed.


Another big aspect is practicing hands on now as part of that the good news is I walked you through how to build your own virtual lab so you can practice many of the techniques that we'll be learning. And as you practice hands-on, I would encourage you to be aware that you would never want to do anything illegal or unethical against any systems that you're not authorized to perform that type of activity on.


So when you're practicing hands-on, especially with hacking tools, do it in a safe and legal environment. And again, I walk through how to build the labs in this class. But if you also want to go out and purchase labs separately, that's also an option as well.


Eccouncil.org, if you go to their website and purchase their labs. They call them iLabs for Certified Ethical Hacker. So for a person who doesn't want to build their own virtualized environment, the iLabs are one solution to the problem of getting hands-on practice in a safe environment where you're not going to damage production systems.


And the third secret of getting the most out of our time together is to enjoy the journey. Have fun! In every single Nugget, I had fun creating it with the intent that you and I would be going through it together enjoying the content and having a boatload of fun learning it.


So that's the basic three elements. Schedule time, practice what you learn and enjoy your time. So I'm keeping this intro really, really short so we can get right to the content which starts in the next Nugget, so I'll see you there. Meanwhile, I hope this has been informative for you.


And I'd like to thank you for viewing.

Building a LAB: Concepts

Building a LAB: Networking

Deploy a Kali Linux VM

Adding Metasploitable to Your Lab

Adding Windows to Your Lab

Configure a Static IP on Kali

Windows Evaluations

Deploy Windows 8.1

Deploy Windows 2012

Deploy Windows 10

Deploy Windows 2016

Ethics and Hacking

Hacking Vocabulary

InfoSec Concepts

Attack Categories, Types, and Vectors

Five Phases of Hacking

Footprinting and Reconnaissance Concepts

Search Engine Tools

Hacking using Google

Website Recon Tools

Metagoofil Metadata Tool

Email Headers for Footprinting

Using WHOIS for Recon

DNS Tools

Network Scanning Overview

Network Scanning Methodology

Port Discovery

Network Scanning Tools

Stealth Idle Scanning

OS and Application Fingerprinting

Vulnerability Scanning

Network Mapping Tools

Proxy Servers

Using Public Proxy Services

Enumeration Concepts

NetBIOS Enumeration

SNMP Enumeration Concepts

SNMP Enumeration Tools

LDAP Enumeration Concepts

LDAP Enumeration Example

NTP Enumeration

SMTP Enumeration

System Hacking Overview

Password Cracking Concepts

Password Attack Example: MITM and Sniffing

Rainbow Crack Lab Setup

Rainbow Crack Demonstration

Password Reset Hacking

DHCP Starvation

Remote Access


NTFS Alternate Data Streams Exploit

Steganography with OpenPuff

Steganography with SNOW

Covering Tracks

Malware Overview

Trojan Overview

Creating a Trojan

Virus Overview

Virus Creation

Detecting Malware

Malware Analysis

Hash File Verification

Sniffing Overview

CAM Table Attack and Port Security

DHCP Snooping

Dynamic ARP Inspection (DAI)

Social Engineering

Denial of Service (DoS) Attacks

Session Hijacking

Hacking Web Servers

Buffer Overflow

OWASP Broken Web Application Project


SQL Introduction

SQL Injection

Web App Vulnerabilities: WordPress

Wireless Hacking

Using an Android VM

Malware for Mobile

Mobile Device Risks and Best Practices

Firewall Evasion

Firewall ACL Example

NAT and PAT fundamentals

IDS/IPS Evasion


Cloud Computing

CIA: Confidentiality, Integrity, and Availability


Quantifying Risk

Separation of Duties

Symmetrical Encryption Concepts

Asymmetrical Encryption Concepts

Control Types

Multifactor Authentication

Centralized Identity Management

Kerberos and Single Sign On (SSO)

Backups and Media Management

Operations Security Controls

Physical Security Controls

Incident Response


Disaster Recovery Planning

Pen Testing Tips

Useful Tools

Case Study

Additional Resources and Exam Prep

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Intermediate 20 hrs 108 videos


Training Features

Practice Exams
These practice tests help you review your knowledge and prepare you for exams.

Virtual Lab
Use a virtual environment to reinforce what you are learning and get hands-on experience.

Offline Training
Our iOS and Android mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching
Develop and maintain a study plan with one-to-one assistance from coaches.

Supplemental Files
Files/materials that supplement the video training.

Speed Control
Play videos at a faster or slower pace.

Included in this course
Pick up where you left off watching a video.

Included in this course
Jot down information to refer back to at a later time.

Closed Captions
Follow what the trainers are saying with ease.
Keith Barker
Nugget trainer since 2012