Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your email address or mobile phone number.
Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques Paperback – September 23, 2010
|New from||Used from|
Top 20 lists in Books
View the top 20 best sellers of all time, the most reviewed books of all time and some of our editors' favorite picks. Learn more
Customers Who Bought This Item Also Bought
"The hacking community is fraught with Eastern military comparisons. Like the ninja, we are continuing to come out of the shadows of our communal origins and grow into respected members of a larger society. As our industry matures, it demands more formal education, strict regulations and an adherence to a code of ethics. Therefore it becomes increasingly difficult to incorporate the culture of the unconventional warrior into our new world. Enter Wilhelm and Andress, who make it safe to show off your fu again. By the end of this book, the security professional is given the philosophical foundation along with a practical framework from which to leverage the way of the ninja. What could be cooler?"--Overall, Ninja Hacking has excellent relevant material and a significant amount of Ninja lore and history. While this book is not a technical reference, it is an excellent choice for someone who has an interest in Ninjas or someone who is looking for inspiration to think differently about penetration testing and security concepts. The mappings for traditional Ninja skills to the skills of today are mostly well-coupled and are always relevant to how the leaders in the field are addressing security today."----Donald C. Donzal, Editor-in-Chief, The Ethical Hacker Network
"When they put "unconventional" in the title, the authors weren't exaggerating. Perhaps the most unusual book written on computer security, this volume centers around detailed descriptions of the ethics, mindset, and tactics used in the Japanese martial arts commonly called ninja. The history of ninja fighting arts and the samurai warriors who practiced them are described in the first chapter. Each subsequent chapter presents specific ninja tactics, including intelligence, use of weapons, surveillance, and sabotage, then applies them to effective computer security management. Both authors are computer security specialists. The book also benefits from a Ninjutsu consultant, Bryan R. Garner, and a technical editor, Joshua Abraham."--SciTechBookNews
"With the good blend of historical techniques and its modern day application there is something in here for everyone."--Hakin9
"Be in no doubt, credibility is high for this book..All in all, while the writing style is light, the content is, for lack of a better term, meaty. This is definitely not recommended as an entry level book, but it is an excellent resource for penetration testers and those thinking of commissioning pen tests on their systems."--Paul Baccas, NakedSecurity.com, Oct. 25, 2011,
From the Back Cover
Ever thought of using the time-tested tactics and techniques of the ancient ninja to understand the mind of today’s ninja, the hacker? Penetration testers and security consultants perform tests both externally and internally for clients that include both physical and technical tests. Throw traditional pen testing methods out the window for now, and see how thinking and acting like a ninja could actually grant you quicker and more complete access to a company’s assets. Get in before the hacker does with these unorthodox techniques -- using all of the tools that the ninja has: disguise, espionage, stealth, and concealment. Learn how to benefit from these tools by laying your plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs. And, really, don’t you want to be a ninja for a day just because they’re cool? Let this book be your excuse!
More About the AuthorsDiscover books, learn about writers, read author blogs, and more.
Top Customer Reviews
The book is peppered with historical parables designed to shed light on modern security scenarios and stoke interest in the material. These scenarios may make explanation of aspects of penetration testing easier to understand for non-pentesters, and they should make experienced security experts think. The book covers a broad range of concepts, from contrasting the philosophies of the Ninja and Samurai classes using stories about specific feudal lords and clan leaders to examining the rules of engagement according to Sun Tzu's Art of War. Throughout, these researched components are not only used to examine concepts of penetration and defense but also to question the cookie-cutter methodologies found in many penetration tests. However, those who aren't interested in Ninjas can skip the first 2 chapters and go directly into the chapters about stealth and misdirection and will still be able to understand the references in most of the book.Read more ›
I mainly liked it because
- it is different than the 'usual' security books
- it never gets boring
- the historical parts were very interesting and educational
- it is extremely well structured
- it gives you a good sense of what is possible in hacking today
- it transports the methods and concepts of the ninjas into today's security (and hacking) world.
All in all I think it is a very good book to read and worth the time spend.
The combination of both parts (the technical and the historical) encourages the out-of-the-box thinking.
Reviewer: Mario Camilien, CISSP
Authors: Thomas Wilhelm and Jason Andress
Ninja hacking will continue to be a very good reference book. The process of using Social Engineering as a tool to exploit human weaknesses will continue to be enhanced. There are many ways Social Engineering attacks can be crafted. Attacks are often successful because attackers exploit our human frailties. Social Engineers are often playing on peoples' fear, vanity, and curiosity. The authors have pinpointed those areas in many good examples such the ones outlined below:
- loss of job
- loss of insurance
- current events
- academic achievements
After reading the Ninja hacking book, one will come to the conclusion that human's ability to use techniques to accomplish a stated objective is limitless. One must never assume and rely on pre-conceived notions about individuals, locations, and organizations. The methods are not new. Social Engineering is the process of using technology as vehicle to revive and enhancing old tactics.
Mario Camilien, CISSP
Ninja Hacking is well-written and coherent, with real effort made to thoroughly apply Ninja tenets to digital problems. Unusual for a book of this sort, Ninja Hacking is well-sourced (using endnotes) and surprisingly well integrated into other Syngress titles. Rather than rehash or summarize material published elsewhere, the Ninja Hacking authors are comfortable directing readers to previous works for more information on topics like managing a penetration test. This approach kept Ninja Hacking focused and relevant.
My primary critique of the book is that some of the comparison between Ninja and modern digital intruders seems forced. For example, p 20 says "black hats simply do not have the financial backing that white hats have." The authors state this to maintain their perceived similarity between Ninjas and black hats. However, that financial outlook is not true for many black hats. Multiple teams of black hats are exceptionally well-funded compared to the 1-person or no-person security operations at the hundreds of thousands of small-to-medium businesses exploited each year. Some well-resourced black hats work for organized crime groups, while others are state-sponsored. Thankfully, this one aspect of the authors' philosophy doesn't really impact the book's core message.Read more ›
Most Recent Customer Reviews
The book provides a very different yet clear approach to penetration testing techniques. Looking at today's information security landscape ad issues from the point of view of... Read morePublished 17 months ago by Alper Basaran
If you're trying to drag your way through the OSSTMM, trying to memorise the never ending topics in CEH or CISSP exams, or spending your days hoping to find just one open port and... Read morePublished on May 21, 2013 by ITPro
Boy, the titles get sexier, and the anecdotes sometimes get more interesting, but the search for a decent book on the internals of "cyber warfare" as the term is employed by the... Read morePublished on August 13, 2012 by Bruce D. Wilner
When one of my colleagues dumped this book on my desk with a smirk, I already guessed what was coming. Read morePublished on March 19, 2012 by Tweetie
Ninja Hacking claims to be a book about "unconventional penetration testing tactics and techniques" but in reality it is all too often about conventional tactics, with references... Read morePublished on September 1, 2011 by Jason
Security 101 repackaged with a Zen flavor. If you are looking for a somewhat entertaining philosophical read that covers basic security principles and tries to dress them up in an... Read morePublished on February 27, 2011 by Amazon Customer