"The hacking community is fraught with Eastern military comparisons. Like the ninja, we are continuing to come out of the shadows of our communal origins and grow into respected members of a larger society. As our industry matures, it demands more formal education, strict regulations and an adherence to a code of ethics. Therefore it becomes increasingly difficult to incorporate the culture of the unconventional warrior into our new world. Enter Wilhelm and Andress, who make it safe to show off your fu again. By the end of this book, the security professional is given the philosophical foundation along with a practical framework from which to leverage the way of the ninja. What could be cooler?"--Overall, Ninja Hacking has excellent relevant material and a significant amount of Ninja lore and history. While this book is not a technical reference, it is an excellent choice for someone who has an interest in Ninjas or someone who is looking for inspiration to think differently about penetration testing and security concepts. The mappings for traditional Ninja skills to the skills of today are mostly well-coupled and are always relevant to how the leaders in the field are addressing security today."----Donald C. Donzal, Editor-in-Chief, The Ethical Hacker Network "When they put "unconventional" in the title, the authors weren't exaggerating. Perhaps the most unusual book written on computer security, this volume centers around detailed descriptions of the ethics, mindset, and tactics used in the Japanese martial arts commonly called ninja. The history of ninja fighting arts and the samurai warriors who practiced them are described in the first chapter. Each subsequent chapter presents specific ninja tactics, including intelligence, use of weapons, surveillance, and sabotage, then applies them to effective computer security management. Both authors are computer security specialists. The book also benefits from a Ninjutsu consultant, Bryan R. Garner, and a technical editor, Joshua Abraham."--SciTechBookNews "With the good blend of historical techniques and its modern day application there is something in here for everyone."--Hakin9 "Be in no doubt, credibility is high for this book..All in all, while the writing style is light, the content is, for lack of a better term, meaty. This is definitely not recommended as an entry level book, but it is an excellent resource for penetration testers and those thinking of commissioning pen tests on their systems."--Paul Baccas, NakedSecurity.com, Oct. 25, 2011,
About the Author
has been in involved in Information Security since 1990, when he served in the Army for eight years as a Signals Intelligence Analyst, Russian Linguist, and Cryptanalyst. A speaker at security conferences across the U.S., he is employed by a Fortune 500 company to conduct Risk Assessments, participate and lead in external and internal Penetration Testing efforts, and manage Information Systems Security projects. Wilhelm is also a doctoral student, holding a Masters degree in both Computer Science and Management, and has obtained the following certifications: ISSMP CISSP SCSECA SCNA SCSA IAM. Wilhelm dedicates some of his time as an Adjunct Professor at Colorado Technical University and contributes to multiple publications in his spare time, including Hakin9 magazine. His latest contributions include multiple chapters in the Syngress title Netcat Power Tools, his third book contribution to Syngress.
Jason Andress( ISSAP, CISSP, GISP, GSEC, CEH, Security+) is a seasoned security professional with a depth of experience in both the academic and business worlds. He is presently employed by a major software company, providing global information security oversight, performing penetration testing, risk assessment, and compliance functions to ensure that the company's assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a Doctorate in Computer Science. His research is in the area of data protection, and he has contributed to several publications, writing on topics including data security, network security, and digital forensics.