The Complete Guide to EC-Council CEH v13 in 2026
Share
The Complete Guide to EC-Council CEH v13 in 2026
Everything you need to understand the world's most recognized ethical hacking certification — the exam, the labs, the eligibility rules, and how to buy the official kit without getting burned.
CEH (Certified Ethical Hacker) is the credential most people picture when they hear "ethical hacking." It's on more job postings than almost any other offensive-security cert, it's approved under the US DoD 8140 framework, and the current release — CEH v13, marketed as "CEH AI" — folds artificial intelligence into both the attack techniques and the defensive countermeasures you're tested on. If you're moving toward a penetration testing, red team, or security analyst role, CEH is very likely on your radar.
It's also a certification with a lot of moving parts, and EC-Council does things differently than CompTIA. There are two exams (knowledge and practical), an eligibility requirement, a bundled training-plus-labs model, and a renewal system built on ECE credits. This guide walks through all of it honestly — what CEH v13 actually tests, what's inside the official kit, what it's good for, and where it falls short — so you can decide whether it's the right move and buy the right materials the first time.
What CEH v13 is — and what changed
CEH v13 is the 2024 refresh of EC-Council's flagship program. The headline change is AI: the curriculum now teaches you to use AI to accelerate hacking workflows (recon, scripting, payload generation) and to recognize AI-driven threats and defenses. EC-Council kept the broad, 20-module structure CEH is known for — recon, scanning, enumeration, system hacking, malware, web and wireless attacks, cloud, IoT/OT, cryptography — and layered the AI material across it rather than bolting on a single module.
The program is organized into four stages: Learn → Certify → Engage → Compete. You learn through the courseware and 220+ labs, certify by passing the exam(s), engage in a four-phase mock ethical-hacking engagement against an emulated company, and compete in year-long capture-the-flag challenges to keep your skills sharp. We break Engage and Compete down in their own article — CEH Engage & CEH Compete: the gamified practice range explained — but the short version is that v13 is built to push you past memorization into doing.
If you want the version-over-version detail, see CEH v13 vs CEH v12: what's new with AI-powered hacking.
Exam Details at a Glance
These figures are for the CEH (Knowledge) exam, exam code 312-50. The CEH Practical is a separate exam — covered further down.
| Attribute | Detail |
|---|---|
| Exam code | 312-50 (CEH v13) |
| Questions | 125 multiple-choice |
| Time | 4 hours (240 minutes) |
| Format | Multiple-choice; knowledge- and scenario-based |
| Passing score | Variable / scaled, 60%–85% depending on the form you receive — there is no single fixed percentage |
| Delivery | Online via EC-Council Remote Proctoring (ECC Exam Portal) or in person at Pearson VUE |
| Recommended experience | 2+ years in information security (or completion of official EC-Council training) |
| Eligibility | Official EC-Council training OR an approved eligibility application (2+ years experience, application fee applies) |
| Language | English (other languages may be available in some regions) |
| Validity | 3 years, renewable via the ECE program |
| Cost | Varies by region and channel — see the CEH exam voucher for current pricing |
A note on that passing score, because it surprises people: EC-Council rotates multiple exam forms and assigns each a cut score based on its difficulty. A harder form can pass at around 60%; an easier one might require up to 85%. You won't know your threshold until you see your result, so you can't "aim for 70% and coast." Practically, that means you can't afford a weak module — aim to score consistently in the 80s on quality practice tests before booking. (More on why realistic practice matters in practice tests & PBQs: why performance-based questions matter.)
The 20 modules, grouped by where the marks are
CEH v13 spans 20 modules. Exact weightings shift slightly between forms, but the center of gravity is consistent. Here's a practical grouping of where your study time pays off most:
| Focus area | Modules included | Why it matters |
|---|---|---|
| Recon & mapping | Footprinting & Reconnaissance, Scanning Networks, Enumeration, Vulnerability Analysis | The largest combined block — every engagement starts here |
| System & malware | System Hacking, Malware Threats, Sniffing | Core offensive execution; heavily tooled (Nmap, Metasploit, Wireshark) |
| Network & evasion | Social Engineering, DoS/DDoS, Session Hijacking, Evading IDS/Firewalls/Honeypots | Tests methodology, not just tool syntax |
| Application attacks | Hacking Web Servers, Hacking Web Applications, SQL Injection | Web is where a lot of real-world findings live |
| Modern surface | Wireless, Mobile, IoT/OT, Cloud | The areas v13 expanded — and where AI content shows up most |
| Foundations | Information Security overview, Cryptography | Lower weight, but easy marks if you don't neglect them |
If you've studied for CompTIA PenTest+, a lot of this methodology will feel familiar — the two certs overlap heavily on recon and exploitation. We compare them head-to-head in CEH vs CompTIA PenTest+: which pentesting cert to choose, and across the wider field in PenTest+ vs CEH vs OSCP vs CPENT.
CEH vs CEH Practical vs CEH Master
This trips up a lot of buyers, so let's be precise. There are two exams and one designation.
- CEH (Knowledge) — the 125-question, 4-hour multiple-choice exam described above. Pass this and you are a Certified Ethical Hacker.
- CEH Practical — a separate, 6-hour, hands-on exam with 20 real-world challenges in a live cyber range (not a simulation — real VMs, networks, and applications). You need 70% (14 of 20 challenges) to pass. It validates that you can actually scan, enumerate, exploit, escalate, and pivot, not just recognize the right answer.
- CEH Master — a designation, not a third exam. You earn it automatically when you've passed both the Knowledge exam and the Practical. Both the Practical and the Master designation are ANAB-accredited and DoD 8140 approved.
We dig into the decision in CEH Practical vs CEH Master: which path should you take, but the rule of thumb: CEH (Knowledge) alone clears most HR filters and DoD work-role requirements; add the Practical when the role is genuinely hands-on or you want to prove execution, not recognition.
You can buy the practical attempt via the CEH Practical exam voucher, and prep for it in the CEH iLabs environment — walkthrough here: CEH iLabs: hands-on hacking lab walkthrough.
Eligibility: the EC-Council-specific hurdle
Unlike CompTIA, you can't just buy a CEH voucher and book a seat. EC-Council requires you to qualify in one of two ways:
- Take official EC-Council training (instructor-led or the official self-paced courseware). This automatically satisfies eligibility — no application needed.
- Apply for eligibility by demonstrating 2+ years of information-security work experience. This route involves an application form, employer verification, and a non-refundable application fee.
This is exactly why most candidates go through the official courseware route — it's cleaner, it satisfies eligibility, and you actually get the labs. (It's also why pirated PDFs are a false economy: they don't make you eligible, they're stale within a version cycle, and they carry no labs or exam access. We lay this out in official EC-Council courseware vs pirated PDFs.)
What's inside the official CEH v13 kit
When you buy genuine CEH materials, here's what each piece does:
Official Courseware — the EC-Council e-courseware (and module videos in the iLearn/iClass options) covering all 20 modules, aligned exactly to the current exam blueprint. 👉 CEH v13 Official Courseware — breakdown in CEH courseware: what's inside the official kit.
iLabs — the cloud-based, browser-accessible lab range (220+ labs, 4,000+ tools) where you actually run the attacks. This is what separates CEH from a book. 👉 CEH v13 iLabs.
Exam Voucher — your seat for the 312-50 knowledge exam (and separately, the Practical voucher). 👉 CEH Exam Voucher · CEH Practical Voucher — voucher mechanics in CEH exam voucher: standard, retake & ECC center options.
Bundle — courseware + iLabs + voucher together, which is how most people actually buy CEH (and usually the best value). 👉 CEH Courseware + iLabs + Voucher Bundle.
Browse everything CEH in one place: the CEH collection, or the full EC-Council collection.
What it covers / Strengths / Limitations / Best for
What it covers: A broad sweep of the offensive-security lifecycle across 20 modules, now with AI-assisted attack and defense techniques, plus optional hands-on validation via the Practical.
Strengths: Enormous brand recognition with hiring managers and HR filters; DoD 8140 approval for relevant work roles; genuinely broad coverage; strong labs; a clear progression to the Master designation.
Limitations: It's broad rather than deep — the Knowledge exam leans toward recognition, so CEH alone won't convince a serious red-team lead you can pop a box (that's what the Practical is for). The eligibility step and the variable cut score add friction. And it's pricier than vendor-neutral entry options.
Best for: Aspiring or early-career pentesters and SOC analysts who want a widely recognized, DoD-aligned credential — and anyone whose target employer or government role explicitly lists CEH.
Renewing CEH: the ECE program
CEH is valid for 3 years. To keep it, you earn 120 EC-Council Continuing Education (ECE) credits within that window — through training, conferences, webinars, publishing research, and related activities — and pay the annual membership fee. Alternatively, you can retake the current exam. Full mechanics in how to renew your CEH with ECE credits.
Where CEH fits in your career path
If you're mapping out a longer route, CEH usually sits in the early-to-mid offensive-security band. A common progression runs from foundational vendor-neutral certs, through CEH, and on to more demanding hands-on credentials like CPENT or OSCP. For the full landscape see the best cybersecurity certifications for pentesters in 2026, the DoD angle in DoD 8140-approved certifications: CompTIA & EC-Council, and — if CEH would be your first security cert — the best certifications for beginners in 2026.
One thing worth remembering: ethical hacking is ultimately about protecting people and organizations, and a huge share of real breaches start with the human layer — phishing, weak passwords, social engineering. If you run a team, pairing your technical upskilling with free security-awareness training for everyone else is one of the highest-leverage moves you can make. Our free platform, Security365 CyberAwareness, is built for exactly that.
Building a lab to practice
CEH's labs are excellent, but it helps to also have your own playground for free-form practice between modules. If you want to extend beyond iLabs, our guide to setting up a home lab for CompTIA & EC-Council walks through a budget VM setup you can break things on safely.
FAQ
Is CEH v13 worth it in 2026? If your target roles or a government/DoD work role list it, yes — recognition is its biggest asset. If you're chasing pure hands-on credibility for a senior red-team role, plan to add the Practical (CEH Master) or pair CEH with a CPENT/OSCP-style cert.
Do I really need official training, or can I self-study? You can self-study if you qualify through the 2+ years experience eligibility application (with its fee). Most people find the official courseware route simpler because it satisfies eligibility automatically and includes the labs you'll need anyway.
What's the difference between CEH and CEH Master again? CEH = passing the 125-question Knowledge exam. CEH Master = passing both the Knowledge exam and the 6-hour hands-on Practical. Master is a designation, not a separate test.
What passing score do I need? There's no fixed number. EC-Council scales the cut score to your specific form, anywhere from 60% to 85%. Treat it as "know everything well" rather than "hit 70%."
Can I take the exam online? Yes — online with EC-Council's remote proctoring, or in person at a Pearson VUE center. Same exam either way.
How long is a voucher valid? Typically 1 year from issue. Don't sit on it — book early.
Does CEH expire? Yes, after 3 years. Keep it with 120 ECE credits over that period, or retake the current exam.
🎯 Get CEH v13 the right way — through IT-MASTER Co.
📘 CEH v13 Official Courseware 🧪 CEH v13 iLabs (hands-on range) 🎫 CEH Knowledge Exam Voucher (312-50) 🎫 CEH Practical Exam Voucher 📦 CEH Courseware + iLabs + Voucher Bundle (best value) 🛡️ Browse the full CEH collection
Everything we sell is 100% genuine, sourced directly from EC-Council's official distribution channels, delivered within 4–8 hours, with full official access durations. As an authorized EC-Council training partner, IT-MASTER Co. gives you legitimate eligibility, current courseware, and real labs — not a dead-end PDF.
Questions? Contact IT-MASTER Co.