Cyber Security and Penetration Testing
Ethical Hacking Course in Sri Lanka
Master penetration testing, network security, and ethical hacking techniques with hands-on lab training at Ceylon Open Campus, Kattankudy. Our CEH-aligned curriculum prepares you for a career as a cyber security professional in Sri Lanka and internationally, with starting salaries of LKR 80,000 and above.
The Growing Demand for Ethical Hackers in Sri Lanka
Sri Lanka's digital economy is expanding rapidly. Government e-services, fintech platforms, e-commerce companies, and corporate IT infrastructure are all prime targets for cyber attacks. The Sri Lanka Computer Emergency Readiness Team (SLCERT) regularly issues advisories about ransomware, phishing, and data-breach incidents targeting Sri Lankan organisations. The demand for skilled cyber security professionals who can proactively identify and fix vulnerabilities — before malicious hackers exploit them — has never been higher.
Ethical hacking (also called penetration testing or offensive security) is the practice of legally probing systems, networks, and applications to find weaknesses. Organisations hire certified ethical hackers to simulate real attacks, produce detailed vulnerability reports, and recommend remediation strategies. It is one of the highest-value skills in the IT industry globally.
Beyond Sri Lanka, ethical hackers are in acute shortage in Singapore, Malaysia, the UAE, Qatar, Saudi Arabia, and the UK — all countries where Sri Lankan IT professionals are already working in large numbers. Completing a recognised CEH-aligned course significantly improves your chances of securing international placements in the cyber security sector.
What You Will Learn — Course Curriculum
| Module | Key Topics | Weeks |
|---|---|---|
| Foundations | Ethical hacking phases, legal frameworks, Computer Crimes Act, footprinting | 1–2 |
| Reconnaissance and Scanning | Nmap, OSINT, DNS enumeration, vulnerability scanning with Nessus | 3–4 |
| Exploitation | Metasploit Framework, buffer overflows, web app attacks (OWASP Top 10), SQL injection | 5–7 |
| Network and Wireless Security | Wireshark packet analysis, Wi-Fi security testing with Aircrack-ng, MITM attacks | 8–9 |
| Social Engineering and Malware | Phishing techniques, malware analysis, ransomware defence strategies | 10–11 |
| Capstone Lab and Reporting | Full penetration test on a simulated corporate network, professional pentest report writing | 12 |
Duration and Entry Requirements
Duration: 12 weeks (approximately 36 contact hours) with two sessions per week. An optional extended mentorship programme is available for graduates who wish to build a portfolio of penetration test reports for job applications.
Entry requirements: Applicants should have a foundational understanding of networking (OSI model, TCP/IP, IP addressing) and basic Linux command-line familiarity. A certificate in networking (CompTIA Network+, CCNA, or equivalent) is an advantage. Students without networking experience should first complete our Network Fundamentals short course. No formal academic qualifications are required — a practical aptitude test at enrolment confirms readiness.
Indicative Course Fees (LKR)
| Programme | Duration | Fee (LKR) |
|---|---|---|
| Ethical Hacking (Group) | 12 weeks | LKR 35,000 – 50,000 |
| Ethical Hacking + CEH Exam Prep | 14 weeks | LKR 45,000 – 60,000 |
The CEH exam fee (approximately USD 500–950) is paid separately to EC-Council. Call 075 922 0083 to confirm current course pricing and intake dates.
Career Outcomes and LKR Salary Ranges
| Role | Experience Level | Monthly Salary (LKR) |
|---|---|---|
| Junior Security Analyst | 0–2 years | LKR 80,000 – 130,000 |
| Penetration Tester | 2–4 years | LKR 150,000 – 250,000 |
| Senior Security Consultant | 5+ years | LKR 300,000 – 500,000+ |
| Cyber Security Manager | 7+ years | LKR 400,000 – 700,000+ |
Why Study at Ceylon Open Campus?
Ceylon Open Campus offers practical, lab-intensive IT training in the Eastern Province of Sri Lanka — an area where quality cyber security education was previously inaccessible. All lab work is conducted in isolated virtual network environments using industry tools identical to those used by professional penetration testers. Our instructors have practical industry experience and will help you build a professional portfolio of pentest reports that you can present to employers. Graduates are also directed toward our degree pathway programmes for those who want a UGC-recognised academic credential alongside their professional certification.
Advance Your Cyber Security Career
Frequently Asked Questions
Is ethical hacking legal in Sri Lanka?
Ethical hacking — also called penetration testing or white-hat hacking — is entirely legal when performed with explicit written authorisation from the owner of the systems being tested. In Sri Lanka, the Computer Crimes Act No. 24 of 2007 governs unauthorised access to computer systems. Certified ethical hackers work under formal contracts and scope documents that authorise their activities. Our course covers the legal and ethical framework in depth so that graduates understand the boundaries of their professional role.
What is the CEH certification and is it required for a career in ethical hacking?
The Certified Ethical Hacker (CEH) is a globally recognised credential issued by EC-Council. It validates that a professional understands attack techniques, defensive strategies, and the five phases of ethical hacking: Reconnaissance, Scanning, Gaining Access, Maintaining Access, and Covering Tracks. While not mandatory for all security roles, the CEH is widely requested by employers in Sri Lanka, the Gulf states, Singapore, and Australia. Our course curriculum is aligned to the CEH v12 syllabus, preparing you to sit the certification exam independently.
What prior knowledge do I need to enrol in the ethical hacking course?
You should have a basic understanding of how computer networks work — ideally having completed a Networking Fundamentals or CCNA-level course, or having at least one year of IT work experience. Familiarity with Linux command-line basics and the TCP/IP model is very helpful. Students who lack this background can first complete our IT Foundation module (available as a prerequisite short course) before joining the ethical hacking programme.
How long is the ethical hacking course and what tools will I learn?
The course runs for 12 weeks (approximately 36 contact hours). You will gain hands-on experience with industry-standard tools including Kali Linux, Nmap, Metasploit Framework, Wireshark, Burp Suite, Nessus, John the Ripper, and Aircrack-ng. Practical labs are conducted in isolated virtual environments so that you can safely explore real-world attack and defence scenarios without legal risk.
What salary can I expect as an ethical hacker or cyber security professional in Sri Lanka?
Cyber security is one of the fastest-growing and best-paid IT sub-fields in Sri Lanka. Entry-level security analysts and junior penetration testers typically earn LKR 80,000–130,000 per month. Mid-level roles (2–4 years experience) command LKR 150,000–250,000. Senior penetration testers and security consultants working for multinational firms or on international contracts can earn LKR 300,000–500,000 or more. Overseas placements — particularly in Singapore, UAE, and Saudi Arabia — offer significantly higher remuneration.
Does this course prepare me for other cyber security certifications beyond CEH?
Yes. The foundational knowledge covered in our ethical hacking course overlaps substantially with the CompTIA Security+, CompTIA PenTest+, and OSCP (Offensive Security Certified Professional) curricula. Students who complete our programme are well-positioned to pursue these additional certifications independently. Our instructors will guide you on the most logical certification pathway based on your career goals — whether that is corporate IT security, government sector work, or freelance penetration testing.
Launch Your Cyber Security Career Today
Enrolment in our ethical hacking course is limited to small groups to maximise hands-on lab time. Call or email us to confirm your spot in the next intake.
Ceylon Open Campus, Kattankudy, Sri Lanka