Ninja Hacking
eBook - ePub

Ninja Hacking

Unconventional Penetration Testing Tactics and Techniques

  1. 336 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Ninja Hacking

Unconventional Penetration Testing Tactics and Techniques

About this book

Ninja Hacking offers insight on how to conduct unorthodox attacks on computing networks, using disguise, espionage, stealth, and concealment. This book blends the ancient practices of Japanese ninjas, in particular the historical Ninjutsu techniques, with the present hacking methodologies. It looks at the methods used by malicious attackers in real-world situations and details unorthodox penetration testing techniques by getting inside the mind of a ninja. It also expands upon current penetration testing methodologies including new tactics for hardware and physical attacks.This book is organized into 17 chapters. The first two chapters incorporate the historical ninja into the modern hackers. The white-hat hackers are differentiated from the black-hat hackers. The function gaps between them are identified. The next chapters explore strategies and tactics using knowledge acquired from Sun Tzu's The Art of War applied to a ninja hacking project. The use of disguise, impersonation, and infiltration in hacking is then discussed. Other chapters cover stealth, entering methods, espionage using concealment devices, covert listening devices, intelligence gathering and interrogation, surveillance, and sabotage. The book concludes by presenting ways to hide the attack locations and activities.This book will be of great value not only to penetration testers and security professionals, but also to network and system administrators as well as hackers.- Discusses techniques used by malicious attackers in real-world situations- Details unorthodox penetration testing techniques by getting inside the mind of a ninja- Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Ninja Hacking by Thomas Wilhelm,Jason Andress in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.

Chapter 1 The Historical Ninja

In the news, we are constantly hearing about malicious hackers who were able to achieve incredible success against large corporations, stealing millions of dollars worth of data. Yet, we wonder why these large corporations succumb to the malicious attacks in the first place, considering the resources available. Government systems, with threats coming from across the globe, are successfully compromised; yet, the governments cannot put together an effective shield to prevent the attacks in the first place. These events should make us wonder how the extremely proficient malicious hackers could ever succeed – the answer is twofold:
  1. They do not have to play by anyone's rules.
  2. They think differently.
By not having to play by anyone's rules, they can try different types of attack vectors, without having to worry about scope statements and get-out-of-jail-free letters – they are free to try anything they want. The advantages of thinking differently mean that they can try unconventional attacks against targets; there are no limitations to their creativity and freedom to try new things, even if the attacks result in shutting down systems or destroying data. The truly talented malicious hackers are unique and quite a challenge to stop.
Because malicious hackers are real, it is critical for security engineers tasked with defending systems to understand how the “enemy” thinks … and that is part of what this book is about. We will be taking a look at how to think unconventionally, learn how to conduct attacks against our own systems, and understand what can be done by malicious hackers against both corporate and government systems.
SHINOBI-IRI (Stealth and Entering Methods)
Many of the techniques discussed in this book will be outside the realm of traditional penetration-testing environments; however, understand that all these techniques can and have been used in today's cyber world. To learn how to think unconventionally, we will delve back into history and examine some extraordinary hackers from ancient Japan – the ninja.
We will attempt to emulate the mind and follow the teachings of the ancient ninja, so that we can create and execute unorthodox attacks against computer networks, systems, and facilities. We will also attempt to understand how to better be prepared for such attacks, should they target our organization. While this seems like an odd task to attempt, we will find that there are numerous parallels between the philosophy of the ninja and the philosophy of some of the more successful hackers – both malicious and friendly.
To understand the ninja, we have to understand the samurai and the feudal system of ancient Japan, for the ninja were defined by their times and foes. Both the ninja and samurai stand out in history primarily because their culture was not significantly influenced by western society until the 1800s. As a result, their culture and philosophy was developed independent of foreign moralities and viewpoints (Chinese influence is the primary exception). Because of the lack of influence by western society, it is difficult for most Westerners to understand the mindset of the times when the ninja were influential in Japan. While this book is by no means meant to be an historical tome on the ninja, we will be looking at the history of both the samurai, feudal Japan, and how the ninja profession was shaped.
The samurai were the militaristic upper-class of ancient Japan and had far reaching authority to shape both history and the countryside of the nation. The samurai were considered the elite and would (theoretically) dole out justice within their community or across the countryside during their travels. Samurai could be hired on as mercenaries as needed or retained as part of a standing army by a warlord. Without a doubt, the samurai defined how war was conducted in ancient Japan and were considered a standard of chivalry. However, chivalry has its shortfalls – specifically the need to follow ethical standards. The ninja eschewed such shortcomings, which is why they became such an important force in Japanese politics and war.
Born out of necessity because of constraints in their ethical code, called Bushido, the samurai were unable to do some of the more nefarious types of attacks or clandestine political operations. The ninja were able to fill that vacancy; however, it should be understood that the job of a ninja was not something anyone ever aspired to become – ninja existed because there was no other choice, either because of the pressures of war, the Japanese culture, or their inability to compete with samurai directly. The life of the ninja was not considered glorious or honorable – in fact, the ninja were often despised by Japanese culture; yet, they were sometimes tolerated because of their usefulness by the ruling class. This tolerance was sometimes cast aside – there were more than one occasion when ninja strongholds were attacked solely on the desire to eradicate the threat the ninja posed to those in power.
The line between samurai and ninja weren't always well-defined, either. In some cases, samurai would also perform the duties of a ninja, as dictated by the needs of the ruling warlord. Because of the disgraceful nature of the ninja, all ninja would disguise their true nature with that of a different profession, whether it was as a farmer, an entertainer, a priest, a fisherman, a merchant – or even a samurai. There have been many famous samurai who were thought to have also performed duties as a ninja; the need for clandestine operations in times of conflict was simply unavoidable. Because of the militaristic training, the samurai were quite capable of performing this dual role.
In this chapter, we will look at the history of the ninja. But because of the interrelationships between the samurai and the ninja, we must also understand the samurai as well. Once we understand the histories of both cultures, we can then begin to understand how we might integrate the philosophy of the ninja into the modern world of information security.
The Historical Samurai
Hollywood has portrayed the samurai in various lights – sometimes good and sometimes evil. As with everything in history, the samurai cannot be easily defined in such simplistic descriptions. There were certainly samurai who abused their power, just as there were samurai who upheld the “greater good.” To understand the historical influence of the samurai, we have to examine the philosophy and writings of the time.
The dominant philosophy of the samurai was that of Bushido (Bu-shi-do), which literally translated means Military-Knight-Ways.1 In general, the samurai attempted to uphold the traditions of Bushido, even though there was no written version of this code of honor. However, there were some writings over the centuries that did have some influence on the samurai – both in terms of military conduct and philosophy.
Bushido
The samurai, and Bushido, were discussed in detail by Dr. Inazo Nitobé in his work titled Bushido, the Soul of Japan, originally written in 1900, intended for western audiences. Dr. Nitobé described Bushido as an ethical system that influenced all of Japan.1 For the samurai, Bushido was the “noblesse oblige of the warrior class”1 and provided the samurai with a moral compass in which to conduct their affairs.
Warning
Bushido should not be confused with the western philosophy of chivalry, however. Because Japanese cultures developed in such a significantly different manner than western cultures, there are very distinct differences between the two; the use of seppuku, or the act of intentionally disemboweling oneself, is not seen in the histories and stories of knights from Europe. These differences between cultures must be understood so that parallels are not unintentionally drawn between these two militaristic classes.
Although Bushido was never formalized in written form, there were many scholars and warriors from Japan who wrote about their opinion and insight as to what it meant to be samurai. These writings, along with oral traditions, were used to teach newer generations of samurai what was required of them in service of their warlord. These teachings were restricted only to those things considered critical for a warrior, however. According to Nitobé, there were three areas that the samurai focused all their effort on: wisdom, benevolence, and courage.1 The samurai were “essentially a man of action. Science was without the pale of his activity. He took advantage of it in so far as it concerned his profession of arms. Religion and theology were relegated to the priests; he concerned himself with them in so far as they helped to nourish courage […] literature was pursued mainly as a pastime, and philosophy as a practical aid in the formation of character, if not for the exposition of some military or political problem.”1
The Book of Five Rings
Similar to Sun Tzu's The Art of War, the Book of Five Rings is a treatise on military strategy. The Book of Five Rings, written by Miyamoto in the 1600s, broke the samurai strategy down into five elements or rings: Ground (strategy), Water (the warrior's spirit), Fire (fighting), see Figure 1.1, Wind (military traditions), and Void (balance of all things).2 As a way of thinking in order to properly follow “the Way” of Bushido, Musashi outlined the following nine tenets2:
  1. Do not think dishonestly.
  2. The Way is in training.
  3. Become acquainted with every art.
  4. Know the Ways of all professions.
  5. Distinguish between gain and loss in worldly matters.
  6. Develop intuitive judgment [sic] and understanding for everything.
  7. Perceive those things which cannot be seen.
  8. Pay attention even to trifles.
  9. Do nothing which is of no use.
Image
Figure 1.1 Illustration of Samurai Blocking an Arrow Attack.3
Miscellaneous Items in High Demand, Prints & Photographs Division, Library of Congress, LC-USZC4-8655 (color film copy transparency)
These t...

Table of contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Table of Contents
  5. About the Authors
  6. About the Ninjutsu Consultant
  7. About the Technical Editor
  8. Introduction
  9. Chapter 1: The Historical Ninja
  10. Chapter 2: The Modern Ninja
  11. Chapter 3: Strategies and Tactics
  12. Chapter 4: Exploitation of Current Events
  13. Chapter 5: Disguise
  14. Chapter 6: Impersonation
  15. Chapter 7: Infiltration
  16. Chapter 8: Use of Timing to Enter an Area
  17. Chapter 9: Discovering Weak Points in Area Defenses
  18. Chapter 10: Psychological Weaknesses
  19. Chapter 11: Distraction
  20. Chapter 12: Concealment Devices
  21. Chapter 13: Covert Listening Devices
  22. Chapter 14: Intelligence
  23. Chapter 15: Surveillance
  24. Chapter 16: Sabotage
  25. Chapter 17: Hiding and Silent Movement
  26. Index