EC-Council CEH v13
Think like an attacker — legally. This ethical hacking and penetration testing course follows the EC-Council CEH v13 methodology from reconnaissance through exploitation to professional report writing. Run real attacks in a controlled lab using Kali Linux, Metasploit, Burp Suite, Nmap, Hydra and Aircrack-ng — the same toolkit used by professional pen testers across South Africa. Available in Johannesburg and online.
Passive OSINT: Maltego, Shodan, theHarvester, WHOIS, Google dorks. Active scanning: Nmap host discovery, port scanning, OS fingerprinting, service enumeration. Lab: full recon against a target lab environment.
Metasploit framework architecture, modules and payloads. Exploiting known CVEs against Metasploitable2. Password attacks: Hydra brute-force, John the Ripper, pass-the-hash. Privilege escalation on Linux (SUID, sudo misconfig) and Windows (token impersonation, unquoted service paths).
OWASP Top 10 hands-on: SQL injection (manual + sqlmap), XSS (reflected/stored/DOM), CSRF, IDOR, file inclusion (LFI/RFI), broken authentication. Burp Suite: proxy, repeater, intruder, scanner. Lab: attack DVWA and WebGoat in your local lab.
WPA2-PSK cracking with Aircrack-ng, evil twin AP setup, deauthentication attacks, Bluetooth vulnerabilities. Social engineering methodology: phishing, pretexting, vishing. Alfa AWUS036ACH adapter required for wireless labs.
Post-exploitation: covering tracks, persistence, pivoting basics. Professional pen test report writing: executive summary, findings, CVSS scoring, remediation recommendations. CEH v13 full exam domain review, mock exam, and module capstone assessment.
Taught by Arnold — Code College founder, lead trainer and practitioner with 20+ years of developer and security training experience. Live sessions, not recordings.
Every topic has a corresponding lab exercise in your local VM environment. You build, break and defend real systems — building a portfolio of lab evidence from day one.
Attend in-person at Code College's Woodmead campus or join 100% live online from anywhere in South Africa. Both options deliver the same experience.
Earn the “Ethical Hacker” Code College Digital Badge on passing the module assessment — immediately shareable to LinkedIn. Stack badges toward the full bootcamp certificate.
Yes — all practical work is performed in isolated, intentionally vulnerable lab environments that you own and control (VirtualBox VMs on your own machine) or in legal platforms like TryHackMe. The module includes a professional ethics session covering computer crimes legislation in South Africa (ECTA, Cybercrimes Act 2020) and the boundaries of lawful security testing.
Yes. The Alfa AWUS036ACH USB adapter (~R600 from local tech stores) is required for the wireless hacking labs in Week 4 because standard laptop Wi-Fi cards do not support packet injection mode. This is the only hardware purchase required specifically for Module 3. A list of South African stockists is provided on enrolment.
The EC-Council Certified Ethical Hacker v13 is a globally recognised offensive security certification. The exam is 125 multiple-choice questions over 4 hours. Pass rate for candidates who complete structured training is approximately 70%. This module maps to all 20 CEH v13 domains. The exam voucher is purchased separately from EC-Council (~R6,500–R8,500 depending on bundle).
Absolutely. Understanding offensive techniques makes you a significantly better defender. SOC analysts and incident responders with Module 3 knowledge understand attacker behaviour at a level that improves detection quality and investigation speed. Many blue team professionals hold both CEH and CySA+.
The CEH v13 exam (312-50) costs approximately USD 550 — around R10,000–R11,000 at current exchange rates — via Pearson VUE. It can be written at a Johannesburg test centre or online. A separate CEH Practical exam (also USD 550) is available; many employers value candidates who hold both. Module 3 prepares you for the theory exam and the practical lab hours count toward the Practical eligibility requirement.
Entry-level pen testers with a CEH earn R400,000–R650,000 per year. Mid-level professionals with 2–4 years’ experience earn R700,000–R1.1M. Senior pen testers and red team leads earn R1.2M–R1.8M+. Demand is growing rapidly as POPIA compliance requires South African companies to conduct regular penetration tests on their systems.
Enrol in this ethical hacking course as a standalone module or as part of the full Cybersecurity Bootcamp. Live online and in-person in Johannesburg, South Africa.