Description

Ninja Hacking offers insight on how to conduct unorthodox attacks on computing networks, using disguise, espionage, stealth, and concealment. This book blends the ancient practices of Japanese ninjas, the historical Ninjutsu techniques in particular, with the present hacking methodologies. The first two chapters incorporate the historical ninja into the modern hackers. The white-hat hackers are differentiated from the black-hat hackers. The function gaps between them are identified. The next chapters explore strategies and tactics using knowledge acquired from Sun Tzus The Art of War applied to a ninja hacking project. The use of disguise, impersonation, and infiltration in hacking is then discussed. Other chapters cover stealth, entering methods, espionage using concealment devices, covert listening devices, intelligence gathering and interrogation, surveillance, and sabotage. The book concludes by presenting ways to hide the attack locations and activities. This book will be of great value not only to penetration testers and security professionals, but also to network and system administrators.

Key Features

  • Discusses techniques used by malicious attackers in real-world situations
  • Details unorthodox penetration testing techniques by getting inside the mind of a ninja
  • Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks

Readership

Penetration testers; Security consultants; IT security professionals including system / network administrators; hackers

Table of Contents

About the Authors About the Ninjutsu Consultant About the Technical Editor Introduction Chapter 1 The Historical Ninja     The Historical Samurai          Bushido          Samurai Weapons     The Historical Ninja          Origins of the Ninja          Stories of Ninja          Ninja Code of Ethics          Ninja Weapons     Samurai Versus Ninja          Ethical Differences          Battlefield Use          Weapons     Summary     Endnotes Chapter 2 The Modern Ninja     Modern-Day Ninjutsu     White Hats versus Black Hats          Black Hat Hackers          White Hat Hackers          Ninja Hackers – or Zukin     Ethics of a Modern-Day Ninja          Modern Ninja Ethics – Family          Modern Ninja Ethics – Community          Modern Ninja Ethics – Homeland          Modern Ninja Ethics – Appropriateness     Summary     Endnotes Chapter 3 Strategies and Tactics     The Art of War – Breaking the Rules     Laying Plans          Five Constant Factors          Warfare Is Based on Deception     Waging War          No Cleverness in Long Delays          Rousing Anger          Victory – Not Lengthy Campaigns     Maneuvering          Practice Dissimulation          Strike Fast – Strike Wisely          Studying Moods     The Use of Spies          Five Classes of Spies          Rewards for Spying     Preconceived Notions          Psychological Warfare          Manipulating the Enemy’s Perception     Summary     Endnotes     Acknowledgment Chapter 4 Exploitation of Current Events     Playing on People’s Fears and Curiosity          E-mail Attacks          Search Engines     Exploiting Patch Windows and Processes          Patch Windows          Patch Processes     Summary     Endnotes Chapter 5 Disguise     Hensōjutsu (Disguise)          Impersonating People     The Modern “Seven Ways of Going”           mployees          Badges and Uniforms          Vendors     Virtual Disguises          Anonymous Relays     

Details

No. of pages:
336
Language:
English
Copyright:
© 2010
Published:
Imprint:
Syngress
eBook ISBN:
9781597495899
Print ISBN:
9781597495882

About the authors

Thomas Wilhelm

Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst / Russian Linguist / Cryptanalyst. A speaker at security conferences across the United States, including DefCon, HOPE, and CSI, he has been employed by Fortune 100 companies to conduct risk assessments, participate and lead in external and internal penetration testing efforts, and manage Information Systems Security projects.Thomas is also an Information Technology Doctoral student who holds Masters degrees in both Computer Science and Management. Additionally, he dedicates some of his time as an Associate Professor at Colorado Technical University and has contributed to multiple publications, including both magazines and books. Thomas currently performs security training courses for both civilian and government personnel through Heorot.net, and maintains the following security certifications: ISSMP, CISSP, SCSECA, and SCNA.

Affiliations and Expertise

ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University

Jason Andress

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Affiliations and Expertise

CISSP, ISSAP, CISM, GPEN

Reviews

"The hacking community is fraught with Eastern military comparisons. Like the ninja, we are continuing to come out of the shadows of our communal origins and grow into respected members of a larger society. As our industry matures, it demands more formal education, strict regulations and an adherence to a code of ethics. Therefore it becomes increasingly difficult to incorporate the culture of the unconventional warrior into our new world. Enter Wilhelm and Andress, who make it safe to show off your fu again. By the end of this book, the security professional is given the philosophical foundation along with a practical framework from which to leverage the way of the ninja. What could be cooler?"--Overall, Ninja Hacking has excellent relevant material and a significant amount of Ninja lore and history. While this book is not a technical reference, it is an excellent choice for someone who has an interest in Ninjas or someone who is looking for inspiration to think differently about penetration testing and security concepts. The mappings for traditional Ninja skills to the skills of today are mostly well-coupled and are always relevant to how the leaders in the field are addressing security today."----Donald C. Donzal, Editor-in-Chief, The Ethical Hacker Network

"When they put "unconventional" in the title, the authors weren't exaggerating. Perhaps the most unusual book written on computer security, this volume centers around detailed descriptions of the ethics, mindset, and tactics used in the Japanese martial arts commonly called ninja. The history of ninja fighting arts and the samurai warriors who practiced them are described in the first chapter. Each subsequent chapter presents specific ninja tactics, including intelligence, use of weapons, surveillance, and sabotage, then applies them to effective computer security management. Both authors are computer security specialists. The book also benefits from a Ninjutsu consultant, Bryan R. Garner, and a tec