Book review: Ninja Hacking - unconventional penetration testing tactics and techniques

Be in no doubt, credibility is high for this book.

Authors of "Ninja Hacking", Thomas Wilhelm and Jason Andress, certainly have expertise in the field of computer security, with particular focus on penetration testing. They also have experience in both the academic and corporate environments.

The subtitle, "Unconventional penetration testing tactics and techniques", is however a little misleading. Do not expect a standard 'tool box' for penetration testers.

Rather than being a show-and-tell collection, Ninja Hacking is best explained as an expansion of Schneier's "The Security Mindset."

The book attempts to tie the skills of the Ninja to those of a penetration tester. This kind of comparison is indeed a popular theme in computer security publications, with many loosely referencing Eastern cultures: 'Ninja this' or 'Tao of that'.

Ninja Hacking, however, does indeed provide a rich vein of Japanese (and Chinese) history and culture, which is woven through the book successfully.

The authors also manage to avoid romanticising the unequal societies that allowed for the formation of Ninja and Samurai cultures. These inequalities seem to me at least to be referenced appropriately.

The authors divide the book (of 17 chapters) into six sections:

  • Ninjas and hacking
    Why the ninja paradigm works for penetration testers, and how these testers sit in the grey area between the white and black hat hackers.
  • Tactics
    How the strategies espoused by Sun Tzu and ninja writing can be made relevant when designing a project to pen test a system.
  • Disguise and impersonation
    How to elicit trust from the 'victim' of a pen test (research and preparation are emphasised here).
  • Stealth and entering methods
    The areas covered here are numerous: bypassing physical and logical gateways; choosing the right time of day to perform a pen test; looking for weak points in the infrastructure; and using physical distractions to bypass detection. Some of the distractions mentioned are more likely to be used at government or military levels, e.g. torching the CSO's car to distract them prior to launching a penetration hack.
  • Espionage
    How to get into devices and extract data without being detected; eavesdropping tools; intelligence gathering; surveillance; and sabotage (cue Beastie Boys' track, 1994).
  • Escape and concealment
    Shows the similarities between Ninjas, who pride themselves on not getting caught, and commercial pen testers who only want to reveal their findings after they complete the test. Knowing how people hide is often a way to catch them.

All in all, while the writing style is light, the content is, for lack of a better term, meaty. This is definitely not recommended as an entry level book, but it is an excellent resource for penetration testers and those thinking of commissioning pen tests on their systems.

Review: 4/5 stars
Buy or Expense: Expense :)

Disclaimer: When this book was released in October 2010, there was a hacking competition (involving deciphering some puzzles). The prize was a copy of the book.

I was one of the 6 successful competitors and was awarded this prize.

NOTE: If you would like your book to be considered for review by the Naked Security team, email us at

2 Responses to Book review: Ninja Hacking - unconventional penetration testing tactics and techniques

  1. You state that this is not an entry level book, so what would you recommend as pre-requisites?

    • Schneier's "The Security Mindset.", most likely :)

      I think he also means that the book is meant for people already in the IT security field, and not as a training or recipe book for those who want to learn how to become/defeat professional pen testers.

About the author

Paul O Baccas (aka pob) joined Sophos in 1997 after studying Engineering Science at Oxford University. After nearly 16 years, he has left Sophos for pastures new and will be writing as an independent malware researcher. Paul has published several papers, presented at several Virus Bulletins and was a technical editor for "AVIEN Malware Defense Guide". He has contributed to Virus Bulletin and is a frequent contributor to the NakedSecurity blog.