Ninja Hacking

Unconventional Penetration Testing Tactics and Techniques


  • Thomas Wilhelm, ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University
  • Jason Andress, (ISSAP, CISSP, GPEN, CEH) is a seasoned security professional with a depth of experience in both the academic and business worlds.

Ninja Hacking offers insight on how to conduct unorthodox attacks on computing networks, using disguise, espionage, stealth, and concealment. This book blends the ancient practices of Japanese ninjas, the historical Ninjutsu techniques in particular, with the present hacking methodologies. The first two chapters incorporate the historical ninja into the modern hackers. The white-hat hackers are differentiated from the black-hat hackers. The function gaps between them are identified. The next chapters explore strategies and tactics using knowledge acquired from Sun Tzus The Art of War applied to a ninja hacking project. The use of disguise, impersonation, and infiltration in hacking is then discussed. Other chapters cover stealth, entering methods, espionage using concealment devices, covert listening devices, intelligence gathering and interrogation, surveillance, and sabotage. The book concludes by presenting ways to hide the attack locations and activities. This book will be of great value not only to penetration testers and security professionals, but also to network and system administrators.
View full description


Penetration testers; Security consultants; IT security professionals including system / network administrators; hackers


Book information

  • Published: September 2010
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-588-2


"The hacking community is fraught with Eastern military comparisons. Like the ninja, we are continuing to come out of the shadows of our communal origins and grow into respected members of a larger society. As our industry matures, it demands more formal education, strict regulations and an adherence to a code of ethics. Therefore it becomes increasingly difficult to incorporate the culture of the unconventional warrior into our new world. Enter Wilhelm and Andress, who make it safe to show off your fu again. By the end of this book, the security professional is given the philosophical foundation along with a practical framework from which to leverage the way of the ninja. What could be cooler?"--Overall, Ninja Hacking has excellent relevant material and a significant amount of Ninja lore and history. While this book is not a technical reference, it is an excellent choice for someone who has an interest in Ninjas or someone who is looking for inspiration to think differently about penetration testing and security concepts. The mappings for traditional Ninja skills to the skills of today are mostly well-coupled and are always relevant to how the leaders in the field are addressing security today."----Donald C. Donzal, Editor-in-Chief, The Ethical Hacker Network

"When they put "unconventional" in the title, the authors weren't exaggerating. Perhaps the most unusual book written on computer security, this volume centers around detailed descriptions of the ethics, mindset, and tactics used in the Japanese martial arts commonly called ninja. The history of ninja fighting arts and the samurai warriors who practiced them are described in the first chapter. Each subsequent chapter presents specific ninja tactics, including intelligence, use of weapons, surveillance, and sabotage, then applies them to effective computer security management. Both authors are computer security specialists. The book also benefits from a Ninjutsu consultant, Bryan R. Garner, and a technical editor, Joshua Abraham."--SciTechBookNews

"With the good blend of historical techniques and its modern day application there is something in here for everyone."--Hakin9

"Be in no doubt, credibility is high for this book..All in all, while the writing style is light, the content is, for lack of a better term, meaty. This is definitely not recommended as an entry level book, but it is an excellent resource for penetration testers and those thinking of commissioning pen tests on their systems."--Paul Baccas,, Oct. 25, 2011,

Table of Contents

About the Authors

About the Ninjutsu Consultant

About the Technical Editor


Chapter 1 The Historical Ninja

    The Historical Samurai


         Samurai Weapons

    The Historical Ninja

         Origins of the Ninja

         Stories of Ninja

         Ninja Code of Ethics

         Ninja Weapons

    Samurai Versus Ninja

         Ethical Differences

         Battlefield Use




Chapter 2 The Modern Ninja

    Modern-Day Ninjutsu

    White Hats versus Black Hats

         Black Hat Hackers

         White Hat Hackers

         Ninja Hackers - or Zukin

    Ethics of a Modern-Day Ninja

         Modern Ninja Ethics - Family

         Modern Ninja Ethics - Community

         Modern Ninja Ethics - Homeland

         Modern Ninja Ethics - Appropriateness



Chapter 3 Strategies and Tactics

    The Art of War - Breaking the Rules

    Laying Plans

         Five Constant Factors

         Warfare Is Based on Deception

    Waging War

         No Cleverness in Long Delays

         Rousing Anger

         Victory - Not Lengthy Campaigns


         Practice Dissimulation

         Strike Fast - Strike Wisely

         Studying Moods

    The Use of Spies

         Five Classes of Spies

         Rewards for Spying

    Preconceived Notions

         Psychological Warfare

         Manipulating the Enemy’s Perception




Chapter 4 Exploitation of Current Events

    Playing on People’s Fears and Curiosity

         E-mail Attacks

         Search Engines

    Exploiting Patch Windows and Processes

         Patch Windows

         Patch Processes



Chapter 5 Disguise

¬†¬†¬†¬†HensŇćjutsu (Disguise)

         Impersonating People

¬†¬†¬†¬†The Modern ‚ÄúSeven Ways of Going‚ÄĚ


         Badges and Uniforms


    Virtual Disguises

         Anonymous Relays



Chapter 6 Impersonation






         Public Figures




         The Sender

         The E-mail

         The Web Site

         Fraudulent Certificates



Chapter 7 Infiltration

    Lock Picking and Safe Cracking

         Avoiding the Lock

         Subverting Locks without Leaving Evidence

         Opening Safes

         Compromising Proximity Card Systems

         Defeating Biometric Systems

    Alarm System Evasion

         Creating False Positives

         Alarm Sensors

    Trusted Networks

         Employee or Contractor Home Networks

         Vendor or Partner Networks

         Nonstandard Internal Networks

         Legacy Networks



Chapter 8 Use of Timing to Enter an Area


         Physical Tailgating

         Network and System Tailgating

    Intrusion Detection System Avoidance

         Physical Intrusion Detection Systems

         Logical Intrusion Detection Systems

         Administrative IDS

         Out-of-Band Attacks




Chapter 9 Discovering Weak Points in Area Defenses

    Traffic Patterns

         Physical Traffic

         Logical Traffic

    Gates, Guns, and Guards




    Information Diving

         Physical Information Diving

         Logical Information Diving



Chapter 10 Psychological Weaknesses


         The Modern Trojan Horse

         The Con

    Social Engineering

         The Five Elements

         The Five Weaknesses

         The Five Needs

         Social Engineering and the Kunoichi



Chapter 11 Distraction

    Use of Big Events


         Sporting Events

         Company Events

         Environmental Events

    Shill Web Sites

         Spurious Company Data

         Social Networking

         False Search Engine Results

    Multipronged Attacks


         Attacking on Multiple Fronts

         Attack Timing



Chapter 12 Concealment Devices

    Mobile Devices

         Detection Methods

         Mobile Device Trends

    Data Smuggling





Chapter 13 Covert Listening Devices

    Radio Frequency Scanners



    Key Logging

         Software Key Loggers

         Hardware Key Loggers

         Placing Key Loggers

         Retrieving the Data

         Not Getting Caught


         Stealing Personal Information

         Stealing Credentials

         Modifying Configurations

         Installing Spyware

         Using Spyware Quietly

    Clandestinely Placed Sensors



         Other Electromagnetic Radiation



Chapter 14 Intelligence

    Human Intelligence

         Sources of Human Intelligence

         Relationship Analysis

         Debriefing and Interrogation

    Interrogation Techniques


         Good Cop/Bad Cop




    Clandestine Human Intelligence

         Penetrating Organizations

         Clandestine Reporting




Chapter 15 Surveillance

    Gathering Intelligence

         Resumes and Job Postings

         Blogs and Social Networks

         Credit Reports

         Public Records

    Location Tracking

         GPS Tracking Devices

         Other Devices that Provide Location Information

    Detecting Surveillance

         Technical Surveillance Countermeasures

         RF Devices and Wiretapping

         Detecting Laser-Listening Devices

         Detecting Hidden Cameras

         Physical Surveillance

    Antisurveillance Devices

         RF Jammers

         Defeating Laser-Listening Devices

         Blinding Cameras




Chapter 16 Sabotage

    Logical Sabotage


         Data Manipulation

    Physical Sabotage

         Network and Communications Infrastructure

         Counterfeit Hardware

         Access Controls

    Sources of Sabotage





Chapter 17 Hiding and Silent Movement

    Attack Location Obfuscation

         Protocol-Specific Anonymizers

         Filtered Protocol Tunneling

    Compromised Hardware

         Memory Sticks

         Hard Drives

         Cell Phones

         Network Devices

    Log Manipulation

         User Log Files

         Application Log Files