At the very tail end of 2024, i was able to take the Certified Ethical Hacker course. It’s been on my bucket list for a while now. I’m still working through some of the labs before i take the second test (the practical exam), but i believe there might be value in talking about what i’ve seen so far.

The Course

I have no complaints about the course. There was a lot of information to be disseminated in a short period of time, around 250 slides per day plus a few practical exercises.

The New Content

I took version 13 of the CEH, which includes AI and additional cloud content.

AI

The AI content mostly concerned sgpt (shell gpt). It was definitely interesting to learn about the tool, though i don’t think it adds much. It might speed up tooling a bit, and you don’t have to remember the syntax of commands, but that’s about it. Instead of typing “nmap -A 192.168.1.0/24” you’d tell it to “make an aggressive scan on the 192.168.1.10/24 subnet”. I don’t entirely see the use case.

Cloud

There was a lot of good content, including concepts, attacks and tools. Though for my liking it went too deeply into specific cloud providers, whose services are known to change appearance and function over night, making a lot of it pretty much useless by the time you get to see it in the CEH.

My Thoughts On The Material

All in all, there is a lot of good material, though dry at times. I would recommend to EC council to reduce the level of detail on specific cloud vendors while keeping and expanding on cloud concepts and attacks.

The Exam

The exam process, including online proctoring, was straightforward and professional. I encountered a minor issue with my voucher, but it was easily resolved. Overall, the experience was smooth.