Ethical Hacking Practitioner (S-EHP)

Ethical Hacking Practitioner Course Modules

Module 1: Pre-Engagement and Reconnaissance

• In this module you will learn what a pen test exactly is. You will learn what types of pen tests exist, how they are used, and how to assess which type of test is the most suitable for your purpose. You will also understand what is involved in a warranty and how you determine the scope, time and costs of a pen test. Furthermore, you will learn how to gather information on a target person or organisation. As you probably already know, the internet is full of information you can use during the exploration phase of your pen test. Understanding how to find, organise and use such information, is a core part of this module.Learning objectives:
  • Understand what pen testing is and what types of pen tests you can use for what purposes
  • Gather and weigh up relevant legal and administrative considerations to be taken into account before starting a pen test
  • Use open sources (OSINT) to find information on a target and identify relevant information for the pen test
  • Apply advanced scanning techniques to find (more) information on the target
  • Combine the information found into a profile that can be used as a basis for attack planning
  • Identify vulnerabilities while researching the information and combine relevant vulnerability information into a (preliminary) report

Module 2: Linux & Scripting

• This module takes you into the world of Linux and in particular Kali Linux, the most widely used distro (distribution) for ethical hacking. We will look at the structure of Linux (file locations), the basic functionalities to execute commands, the tooling used, and how you maintain your own environment as a pen tester. Subsequently, we are also going to look at Bash. How does it work? What functionalities can a pen tester use? How do you work with scripts? Finally, we will take you along the path of Python scripting. Although this is not a programmer course, it is good to know how Python works and which basic scripts and commands you can run to make your life as a pen tester a lot easier.Learning objectives:
  • Understand how Linux works and navigate Kali Linux
  • Know the basic structure of Linux and how to maintain the system
  • Work with the graphical user interface as well as with the terminal
  • Write basic scripts using Bash and Python for (test) automation

Module 3: Testing Network Services

• Module 3 dives deep into finding and exploiting vulnerabilities in common network services.Learning objectives:
  • Understand network protocols and how they work together
  • Find information on specific protocols in order to find vulnerabilities
  • Perform a low-level spoofing attack
  • Perform a man-in-the-middle attack using lower level protocols
  • Attack devices using vulnerabilities in the Bluetooth protocols
  • Utilise different aspects of HTTP protocols
  • Use Burp Suite and ZAP as a man-in-the-middle proxy
  • Find FTP vulnerabilities and ways to exploit them
  • Find SSH vulnerabilities and ways to exploit them
  • Find SMB vulnerabilities and ways to exploit them
  • Find NetBIOS vulnerabilities and ways to exploit them
  • Use the ‘Responder’ tool to gather information and exploit weaknesses on the network/application level

Module 4: Testing Devices

• In Module 4 you learn to find and exploit vulnerabilities in mobile devices, IoT devices, and other types of hardware

Learning objectives:

• • Understand the basics of mobile device architecture
  • Understand the security architecture of Android and iOS
  • Use Android developer tools to exploit vulnerabilities in devices
  • Know what tools to use in order to reverse-engineer an application and understand how these tools work;
  • Perform basic reverse engineering on a mobile app in order to find and exploit vulnerabilities in the app (or the backend services/system)

Module 5: Testing Acces Control

• In this module, you will find out how to find and exploit weaknesses in identification, authentication, authorisation and session management.

Learning objectives:

• • Understand the Identity & Access Management (IAM) process (enrolment, identification, authentication, authorisation, permitting access, accounting)
  • Explain how multi-factor and multi-step authentication work
  • Attack directory services using common tools
  • Explain how Kerberos, SAML, OAuth2 and tokens (sliding tokens) are used to secure access;
  • Familiar with Protocols: Kerberos, SAML, OAuth2, tokens (sliding tokens), certificate pinning (HSTS) and know how these protective measures are used
  • Find broken authentication controls in desktop applications / mobile applications / OS calls / Single Sign-On algorithm + implementations, and exploit the vulnerabilities
  • Find broken session controls in desktop applications / DLL (calls) / API calls / mobile applications / web applications / REST services and SOAP services/ thin client-based services like RDP, Citrix, SSH, VNC, and exploit the vulnerabilities

Module 6: Testing Software and Databases

• Module 6 focuses on finding and exploiting vulnerabilities in databases and software in general. This will cover how software actually works and how to find weaknesses in code or binaries by using techniques like fuzzing, static/dynamic analysis, or reverse engineering/decompiling.

Learning objectives:

• • Understand software architecture and structure
  • Find weaknesses in code or binaries by using techniques as fuzzing, static code analysis and reverse engineering and decompiling
  • Reproduce attack vectors on software
  • Apply fuzzing techniques and use them to find overflow and other vulnerabilities
  • Understand how database servers work and use this knowledge to attack databases and software
  • Use Metasploit exploit modules

Module 7: Conclusion – Reporting

• In this module, you will learn how to rate vulnerabilities using CVSS and how to inform you customer of vulnerabilities and risk levels in a clear, concise manner.

Learning objectives:

• Provide reasonable (overall) risk rating
• Explain risks to stakeholders, most importantly management
• Advise on possible mitigations

Module 8: Capture The Flag

The Capture The Flag challenge combines all steps of the penetration test. In this exercise, you will demonstrate your understanding of the principles of penetration testing, your ability to apply the principles to a concrete project, and your competence to effectively analyse unknown situations to find potential weaknesses. After completing the challenge, you will write a report that would be sent to an actual customer.

Ethical Hacking Practitioner Certification Exam

Ethical Hacking Practitioner is an advanced-level certification that validates your knowledge and hands-on skills as a professional ethical hacker. The exam tests your understanding of the penetration testing process from intake to reporting, and your ability to test networks, devices, access control, software and databases for security.

The Ethical Hacking Practitioner certification exam is conducted by the SECO-Institute, Europe’s leading security and continuity certification body. The exam voucher is included in the course fee, but you need to schedule your exam with the SECO-Institute. Upon successful completion of the exam, you will receive an exam certificate and an invitation to register your official SECO-Ethical Hacking Practitioner (S-EHP) certification title. By activating your certification title, you will become a certified professional in your field and you will receive a shareable digital badge to verify your competence to clients, employers and fellow professionals.

Exam information

Part 1: Capture the Flag (50% of exam score)

• The CTF tests your hands-on penetration testing skills and accounts for 50% of your exam score.
• Time allowed: 180 minutes
• Closed-book exam (you are not allowed to use books, training materials or websites during your exam).

Part 2: Computer-based written exam (50% of exam score)

• 10 multiple-choice questions and 5 open-ended questions
• Time allowed: 60 minutes
• Closed-book exam (you are not allowed to use books, training materials or websites during your exam).

What are the benefits of a SECO-Ethical Hacking Practitioner (S-EHP) certificate?

Passing a SECO-Ethical Hacking Practitioner certification exam means that you have been assessed on your ability to understand and perform all the steps of a professional penetration test and you have met the standards expert ethical hackers set for junior or mid-level penetration testers. Your SECO-EHP certificate and digital badge are proof of your competence to design and carry out a penetration test in a legal, ethical and highly effective manner. Use your SECO-EHP credentials to verify your pen testing skills to clients, employers and peers. Establish yourself as an ethical hacking professional and open yourself to new career opportunities in penetration testing, security analysis or security consultancy.