Hey everyone,

I’ve got a bit of a situation and wanted some honest opinions.

I have an opportunity to get the CEH (Certified Ethical Hacker) certification done for free through someone I know. So cost isn’t a factor at all here.

My question is — is it actually worth doing in 2026?

I’ve seen mixed opinions online. Some people say CEH is outdated and mostly theory-based, while others say it still helps for HR filtering and getting interviews. I’m mainly interested in cybersecurity (still building skills/projects), and I’m trying to figure out if this will genuinely help or if it’s just a “checkbox” cert.

So I’d love to hear from people in the field:

• Does CEH still have value in terms of job opportunities or internships?

• Is it respected by recruiters or just something nice to have on a resume?

• If it’s free, is there any downside to doing it?

• Would you prioritize something else instead (like OSCP, eJPT, or hands-on labs)?

Basically: If you could get CEH for free, would you do it? Why or why not?

Appreciate any insights 🙏

Hey everyone,

I’ve got a bit of a situation and wanted some honest opinions.

I have an opportunity to get the CEH (Certified Ethical Hacker) certification done for free through someone I know. So cost isn’t a factor at all here.

My question is — is it actually worth doing in 2026?

I’ve seen mixed opinions online. Some people say CEH is outdated and mostly theory-based, while others say it still helps for HR filtering and getting interviews. I’m mainly interested in cybersecurity (still building skills/projects), and I’m trying to figure out if this will genuinely help or if it’s just a “checkbox” cert.

So I’d love to hear from people in the field:

• Does CEH still have value in terms of job opportunities or internships?

• Is it respected by recruiters or just something nice to have on a resume?

• If it’s free, is there any downside to doing it?

• Would you prioritize something else instead (like OSCP, eJPT, or hands-on labs)?

Basically: If you could get CEH for free, would you do it? Why or why not?

Appreciate any insights 🙏

So I just got offered a chance to take the CEH (Certified Ethical Hacker) exam for free, and I’m wondering what to expect.

For context, I currently hold Security+ and eJPT, I’ve gone through Network+ materials, and I have a Computer Science degree. I’m mostly familiar with basic networking, pentesting fundamentals, and general cybersecurity concepts.

I’ve seen mixed reviews about CEH, some people say it’s super easy and outdated, others say it was surprisingly tough. I’m only planning to take the MCQ (multiple-choice) version, not the practical one.

So, for anyone who’s taken it recently:

• How hard is it compared to Sec+ or eJPT?

• Are the questions more about tools and theory, or actual technical understanding?

• Any recommended prep resources (if I don’t want to overstudy)?

Appreciate any insights from folks who’ve taken it lately. Just trying to gauge whether it’s worth putting serious time into, or if I can just brush up on key topics and go for it.

Pretty much explained in the title. I need to get CEH by October of this year. Could it be done? Are there any learning resources you would recommend?

I’m a SOC analyst/incident responder with 2 years experience, and passed Security+. I’m mainly looking to improve my skills so I can move into a more senior incident responder role, where I’ll also be helping with some internal pentesting and engineering.

Is CEH a useful certification? And is it something a non-pentester could realistically pass or do you really need to have some real life offensive security experience before taking it?

The title basically says it all. Is there any good free ethical hacking course?

Hey guys,

I’ve been looking for a cybersecurity/ethical hacking course, I’m currently doing Fortinet NSE but want to do ethical hacking.

What’s the best course? There’s so many so I’m not sure, I saw E-Council could be best but idk? Can anyone give me some information on witch course and certificate/institute could land me an actual job??

Hello, I am 16 and I'm writing here because I want to start learning hacking. I have a little experience with IT, but I will do my best to improve and learn new things. My question is: if I get the right skills to become an hacker, then which exams I have to take to improve my curriculum as a worker? I know certificates don't determine if you are good or bad, but i think they are essential to get hired. If you don't have certifications, what do you write on your curriculum?

Sorry for the bad grammar, I'm not that good at english. Thanks to anyone who will answer :)

Hey everyone, I’ve recently become really interested in ethical hacking and want to make good use of my free time to dive into it. I’m currently a student and don’t have a lot of experience in cybersecurity, but the idea of learning how to ethically hack and secure systems fascinates me. I’m looking for a roadmap to get started — which free online courses (with or without certificates) should I begin with? Also, what programming languages would be the most useful to learn for this field?

I don’t have a lot of guidance, so any advice on where to start or free resources would be super helpful. I’d love to hear from those of you who’ve been through this journey or know the best way to break into this world.

Im currently following a degree in cybersecurity. We have a subject called ethical hacking. When i searched about the CEH in my university it is a 5 day training program but its costly. The exam contains 125 mcqs. Will it really help me become a hacker?

I’m trying to steer my career towards a security role, and I wonder if the CEH is worth getting. I see mixed reviews. Does anyone have any insight? I currently have the CompTIA trifecta the project + and ITIL foundations.

Hello everyone, I recently posted a large rant about higher education, cyber security degrees, and expectations. On that post a lot of people have asked me about certifications, career paths, etc. One topic I want to address really badly is EC-Council and the C|EH certification. I see a lot of people talk about it on here and it is seemingly recommended a lot and that makes me really sad and here is why.

EC-Council is a security training and certification organization that has been around since 2001, their C|EH (Certified Ethical Hacker) certification has been around since 2003. This is probably their most notable certification and I think a lot of people seem to believe it is a golden ticket into Infosec. The problem is that it's not and it's actually a terrible certification written by a very shady company. If I can save one more student or cyber security enthusiast from wasting time and money on a certification that will not advance their career - this post will be worth it.

• Per EC-Counils own site the C|EH is a 'core' certification yet they charge $1200 for a single voucher. To put this in perspective the CISSP (which is an expensive certification) costs $730. The CCNP is $400 and neither of these are considered 'core' certifications. I've read and taught a few versions (no longer do) of the C|EH and it's depth is about on par with the Security+ (which is a good cert) and a fraction of the price at like $200. The C|EH price is really not in the same universe as most other certifications.

• It is a certification that claims to give students hands-on experience in the wonderful world of ethical hacking but the exam itself is a 125 question multiple choice test. For $1200 I would expect a live lab environment and hands-on scenarios but alas bust out your note cards and get to memorizing tool names in Kali linux because in reality that's what most of the questions are based on - tools and methodologies.

• EC-Council got caught, and admitted to plagiarism. Their heart felt apology is on their own website. As you can imagine - they're very very sorry.

  • https://www.eccouncil.org/plagiarism-investigation/

• EC-Council got hacked on multiple occasions, in-fact so badly so that their website was used to spread malware to its users for several days. Along with this lots of user PII was leaked including passports, and other forms of ID for verifying people sitting for certification exams. For a company based around cybersecurity and training our DoD it kind of rubs me the wrong way that they were compromised this badly. However, I will kind of give them a partial pass because being a cybersecurity organization can make you a bigger target in many cases.

  • https://securityaffairs.co/wordpress/45637/breaking-news/ec-council-website-hacked.html

  • https://www.ehackingnews.com/2013/05/ec-council-hacked-by-godzilla-for.html

  • https://www.theverge.com/2014/2/24/5441386/ethical-hacking-organization-website-defaced-with-snowden-passport

• Their sales tactics are some of the worst I've ever seen. They nonstop call educators, corporations, or anyone who they think may want to peddle their products. It's the equivalent of used car salesman but for a really bad certification. If this certification is so good, why do you need to call my cell phone multiple times a week to try and lock me into deals. Good educations and certifications kind of sell themselves.

• Lastly, the name and it's marketing. In my humble opinion the only reason the C|EH is still relevant is because of the marketing behind it's name. It's a cool name, it has a good ring and the certification has been around for a long time. Most of the jobs and people I see asking for it are HR or non-technical managers. I personally know three engineers that have it and one of them doesn't even put it on his resume. The other two told me it was a waste and they only got it because their company had a group training session for it.

• Now lastly the salaries, this one is really dumb because people often times Google salaries of certifications and those can be wildly inaccurate. For example my Network+ is still active because I'm an educator and I get CEUs like crazy. I also have a Bachelors degree, 10 years of experience, and a CISSP. This is a similar story for the C|EH. Most of the people I know who have the C|EH also have the CISSP, CCNA, Bachelors, some Masters, and lots of years of Infosec experience.

So please lets all avoid EC-Council, save ourselves a ton of money, and let horrible companies like them disappear or re-invent themselves. There are so many better alternatives so hear me out and check out what's below. Also keep in mind I don't work for any of these companies and I even have had some criticism of a few of them in the past. Overall, I still think these are all solid and quality offerings.

• eLearnSecurity: eJPT, eCPPT

• OffensiveSecurity: OSCP

• Cisco: CCNA CyberOps

• CompTIA: Security+, PenTest+, CySA+, CASP

• (ISC)2: SSCP, CISSP

I am 16 years old and am looking into going to college and majoring in Computer Science and minoring in cybersecurity. Do you think learning and getting my certification now would be a good option? If so where should I learn? Online, in person? etc.

Hi guys, I'm 24 and I am a software engineering student. unfortunately I'm in the sixth year of a course that would have to end in three years. I'm locked up and can not get up, I'm getting Cisco CCNA certification but what I really am passionate about is Ethical Hacking. so I thought maybe following a course and getting a good certification in this field that could even allow me to work could give a shock to my life. so I ask you, what is the best course with consequent certification? I'm looking for a course that gives me training starting from the basics but then deepens the arguments. I look for a recognized certification (especially in Europe). I hope you can give me a hand, for me it's not just a course, it should be a turning point. Also, it should not be too overpriced! I hope you can help me, not just sponsoring your product. I know I'll get mixed responses and I'll be even more confused :(

I’ve been going deeper into ethical hacking over the past year, mostly in my own lab environments and through CTFs, and while the hands-on part is exciting, I keep seeing debates around certifications in the infosec world.

CEH (Certified Ethical Hacker) from EC-Council seems to get mixed reviews. Some people say it’s outdated and overpriced, while others claim it’s still useful for getting past HR filters or landing an initial role. I’m not aiming to become a clipboard-certified "pen tester" only, I actually want to build real skills that translate to practical work.

So I’m curious to hear from others here:

• If you've taken CEH, OSCP, or any other cert, did you find it practically useful?

• Do you think CEH still holds weight in hiring, or are there better ways to demonstrate competence?

• Is there value in studying CEH material just for foundational theory, even if not going for the cert?

Not trying to start a cert war, just genuinely wondering how others in the hacking/security space see these certifications in 2025. For context, I’ve looked through EC-Council’s website, and while the marketing is strong, I’m not sure how much of it translates to real-world capability.