Ninja Hacking Unconventional Penetration Testing Tactics and Techniques

A penetration tester or security consultant perform security tests both externally and internally for clients that include both physical and technical tests. See how Thomas Wilhelm throws traditional pen testing methods out the window for now and how thinking and acting like a ninja can actually grant quicker and more complete access to a company?s assets. Get in before the hacker does by thinking outside of the box with these unorthodox techniques. Use all of the tools that the ninja has at his side such as disguise, espionage, stealth, and concealment. Learn how to benefit from these by laying plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs.

Ever thought of using the time-tested tactics and techniques of the ancient ninja to understand the mind of today's ninja, the hacker? As a penetration tester or security consultant you no doubt perform tests both externally and internally for your clients that include both physical and technical tests. Throw traditional pen testing methods out the window for now and see how thinking and acting like a ninja can actually grant you quicker and more complete access to a company's assets. Get in before the hacker does with these unorthodox techniques. Use all of the tools that the ninja has: disguise, espionage, stealth, and concealment. Learn how to benefit from these tools by laying your plans, impersonating employees, infiltrating via alarm system evasion, discovering weak points and timing, spyware and keylogging software, and log manipulation and logic bombs. And, really, don't you want to be a ninja for a day just because they're cool? Let this book be your excuse!

• Discusses techniques used by malicious attackers in real-world situations
• Details unorthodox penetration testing techniques by getting inside the mind of a ninja
• Expands upon current penetration testing methodologies including new tactics for hardware and physical attacks

Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst, Russian Linguist, and a Cryptanalyst. His expertise in the field of Information Security has led him to speak at prominent security conferences across the United States, including DefCon, HOPE, and CSI.

Thomas has contributed significantly to the field of professional penetration testing and information security. In his capacity as both a practice director and a managing director, he has played a pivotal role in executing offensive and defensive security initiatives for Fortune 100 companies and leading research and tool development that has influenced the security industry. Presently, he serves as a managing director at Redstone Securities and possesses master's degrees in both Computer Science and Management.

His influence also extends to education where he formerly held the position of Associate Professor at Colorado Technical University. Thomas has also written various publications, including magazines and books. Through Pentest.TV, he continues to provide advanced security training and has obtained numerous certifications over the years, including the ISSMP, CISSP, CCNP Security, AWS Cloud Solutions Architect, AWS Cloud Security Specialist, and multiple Solaris certifications as well.

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.