E-Book, Englisch, 336 Seiten
Wilhelm MSc / Wilhelm / Andress Ninja Hacking
1. Auflage 2010
ISBN: 978-1-59749-589-9
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Unconventional Penetration Testing Tactics and Techniques
E-Book, Englisch, 336 Seiten
ISBN: 978-1-59749-589-9
Verlag: Elsevier Science & Techn.
Format: EPUB
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Ninja Hacking offers insight on how to conduct unorthodox attacks on computing networks, using disguise, espionage, stealth, and concealment. This book blends the ancient practices of Japanese ninjas, in particular the historical Ninjutsu techniques, with the present hacking methodologies. It looks at the methods used by malicious attackers in real-world situations and details unorthodox penetration testing techniques by getting inside the mind of a ninja. It also expands upon current penetration testing methodologies including new tactics for hardware and physical attacks. This book is organized into 17 chapters. The first two chapters incorporate the historical ninja into the modern hackers. The white-hat hackers are differentiated from the black-hat hackers. The function gaps between them are identified. The next chapters explore strategies and tactics using knowledge acquired from Sun Tzu's The Art of War applied to a ninja hacking project. The use of disguise, impersonation, and infiltration in hacking is then discussed. Other chapters cover stealth, entering methods, espionage using concealment devices, covert listening devices, intelligence gathering and interrogation, surveillance, and sabotage. The book concludes by presenting ways to hide the attack locations and activities. This book will be of great value not only to penetration testers and security professionals, but also to network and system administrators as well as hackers. - Discusses techniques used by malicious attackers in real-world situations - Details unorthodox penetration testing techniques by getting inside the mind of a ninja - Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks
Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst, Russian Linguist, and a Cryptanalyst. His expertise in the field of Information Security has led him to speak at prominent security conferences across the United States, including DefCon, HOPE, and CSI. Thomas has contributed significantly to the field of professional penetration testing and information security. In his capacity as both a practice director and a managing director, he has played a pivotal role in executing offensive and defensive security initiatives for Fortune 100 companies and leading research and tool development that has influenced the security industry. Presently, he serves as a managing director at Redstone Securities and possesses master's degrees in both Computer Science and Management. His influence also extends to education where he formerly held the position of Associate Professor at Colorado Technical University. Thomas has also written various publications, including magazines and books. Through Pentest.TV, he continues to provide advanced security training and has obtained numerous certifications over the years, including the ISSMP, CISSP, CCNP Security, AWS Cloud Solutions Architect, AWS Cloud Security Specialist, and multiple Solaris certifications as well.
Autoren/Hrsg.
Weitere Infos & Material
1;Front Cover;1
2;Ninja Hacking;4
3;Copyright;5
4;Table of Contents;6
5;About the Authors;14
6;About the Ninjutsu Consultant;16
7;About the Technical Editor;16
8;Introduction;18
9;Chapter 1. The Historical Ninja;24
9.1;The Historical Samurai;26
9.2;The Historical Ninja;31
9.3;Samurai versus Ninja;41
9.4;Summary;44
9.5;Endnotes;45
10;Chapter 2. The Modern Ninja;46
10.1;Modern-Day Ninjutsu;47
10.2;White Hats versus Black Hats;49
10.3;Ethics of a Modern-Day Ninja;54
10.4;Summary;59
10.5;Endnotes;59
11;Chapter 3. Strategies and Tactics;60
11.1;The Art of War – Breaking the Rules;61
11.2;Laying Plans;63
11.3;Waging War;69
11.4;Maneuvering;71
11.5;The Use of Spies;74
11.6;Preconceived Notions;78
11.7;Summary;84
11.8;Endnotes;85
11.9;Acknowledgment;85
12;Chapter 4. Exploitation of Current Events;86
12.1;Playing on People’s Fears and Curiosity;86
12.2;Exploiting Patch Windows and Processes;92
12.3;Summary;95
12.4;Endnotes;96
13;Chapter 5. Disguise;98
13.1;Hens?jutsu (Disguise);99
13.2;The Modern “Seven Ways of Going”;102
13.3;Virtual Disguises;107
13.4;Summary;109
13.5;Endnotes;110
14;Chapter 6. Impersonation;112
14.1;Pretexting;113
14.2;Phishing;118
14.3;Summary;123
14.4;Endnotes;123
15;Chapter 7. Infiltration;126
15.1;Lock Picking and Safe Cracking;126
15.2;Alarm System Evasion;134
15.3;Trusted Networks;136
15.4;Summary;140
15.5;Endnotes;141
16;Chapter 8. Use of Timing to Enter an Area;142
16.1;Tailgating;142
16.2;Intrusion Detection System Avoidance;148
16.3;Summary;156
16.4;Endnotes;156
17;Chapter 9. Discovering Weak Points in Area Defenses;158
17.1;Traffic Patterns;158
17.2;Gates, Guns, and Guards;163
17.3;Information Diving;167
17.4;Summary;171
17.5;Endnotes;172
18;Chapter 10. Psychological Weaknesses;174
18.1;Baiting;174
18.2;Social Engineering;180
18.3;Summary;187
18.4;Endnotes;188
19;Chapter 11. Distraction;190
19.1;Use of Big Events;190
19.2;Shill Web Sites;195
19.3;Multipronged Attacks;199
19.4;Summary;203
19.5;Endnotes;204
20;Chapter 12. Concealment Devices;206
20.1;Mobile Devices;207
20.2;Data Smuggling;221
20.3;Summary;227
20.4;Endnotes;228
21;Chapter 13. Covert Listening Devices;230
21.1;Radio Frequency Scanners;230
21.2;Key Logging;233
21.3;Spyware;237
21.4;Clandestinely Placed Sensors;243
21.5;Summary;248
21.6;Endnotes;248
22;Chapter 14. Intelligence;250
22.1;Human Intelligence;250
22.2;Interrogation Techniques;254
22.3;Clandestine Human Intelligence;260
22.4;Summary;267
22.5;Endnotes;267
23;Chapter 15. Surveillance;270
23.1;Gathering Intelligence;271
23.2;Location Tracking;277
23.3;Detecting Surveillance;281
23.4;Antisurveillance Devices;283
23.5;Summary;288
23.6;Endnotes;288
24;Chapter 16. Sabotage;290
24.1;Logical Sabotage;291
24.2;Physical Sabotage;295
24.3;Sources of Sabotage;301
24.4;Summary;306
24.5;Endnotes;306
25;Chapter 17. Hiding and Silent Movement;308
25.1;Attack Location Obfuscation;309
25.2;Compromised Hardware;317
25.3;Log Manipulation;319
25.4;Summary;323
25.5;Endnotes;324
26;Index;326
