
An Independent Plagiarism Review of How to Become the World's No. 1 Hacker


I won't beat the drum regarding Mr. Gregory D Evans and his infamous security company, LIGATT Security. That topic has been covered thoroughly elsewhere, such as on Attrition.org. I was surprised at the issue of plagiarism that came up earlier this month and decided to evaluate the book myself.
 
Ben Rothke did an excellent job at setting up the story with his plagiarism audit on his blog. 
 
What prompted me to do this audit was one major statement. In defense of his book, Mr. Evans stated, "I wrote 60 percent of my book" (Source video, time marker 11:50). After reviewing Rothke's assessment again, there seems to be some grey area. Rothke's assessment gave a total number of words copied from various other sources, but those counts weren't placed into the context of the total amount of content per chapter.
 
Here, I tried to provide that. I went page by page, paragraph by paragraph, to see where the material originated. The following chart is a complete page breakdown that shows, in sequence, where the material came from. I'm alleging that the material was copied from these sources, but chances are he may have found an identical source with the same text. These are the sources that I came up with in my own research, and for some there were multiple results.
 
For those following along at home, the page references on the left refer to the physical page in the book.  To get the actual page number, subtract 30 from the reference shown here.
 
Want to follow along from home? The Register has a link to the full PDF of the book in their related news article.
  

| World’s No. 1 Hacker | Source |
|---|---|
| 1-4 | Standard book introduction material |
| 5-9 | Gregory Evans biography |
| 10-24 | References, screenshots, bona fides |
| 25-30 | Table of Contents |
| 31-34 | Preface (The first page and few paragraphs of the second, and the last few paragraphs are by Evans - 648 words. The "top 10 cyber crimes" was copied from UltimateCentre) |
| 35 | Toolkit (Written by Evans – 156 words) |
| 35-36 | Metasploit (copied from Wikipedia) |
| 36 | Wireshark (copied from Wikipedia) |
| 36 | Snort (copied from Wikipedia) |
| 36 | Cain & Able (sic) (copied from product page) |
| 37 | BackTrack (Copied from product tutorial) |
| 37 | VistaStumbler (Copied from Softpedia) |
| 37 | Kismet (Copied from Wikipedia) |
| 37 | Aircrack-ng (Copied from Wikipedia) |
| 38 | Airodump (Copied from product page) |
| 38 | NetStumbler (Copied from Wikipedia) |
| 38 | Nmap (Copied from Wikipedia) |
| 38-39 | 2.1 “I have a client…” (Copied from Hacking for Dummies) |
| 39-42 | ETHICAL HACKING AGREEMENT (Copied from SecurityFocus mailing list) |
| 43-46 | Phase 1 – Reconnaissance (Copied with slight rewording from AthenaWebSecurity PDF) – Every few sentences there is a slight rearrangement of words to fool plagiarism checks. For example, PDF reads: “As an ethical hacker you must be aware of the tools and techniques that are deployed by attackers” Evans’ book reads: “As an ethnical (sic) hacker, you must be aware of the tools and techniques that attackers deploy” |
| 46-50 | “The first step…” (Copied from www.Tek-Tips.com). However, total text seems to be a copy from AuditMyPC. |
| 50-53 | Packet Sniffing (One original sentence from Evans, and rest copied from GRC.com) |
| 53-57 | 2.7 (Copied from Cromwell-intl.com) |
| 58 | Blank Notes page |
| 59-60 | Account Basics (Entire chapter copied from NMRC) |
| 61-64 | Password Basics 4.1-4.9 (Copied from NMRC) |
| 65-67 | Password Basics 4.10 (Copied from Raymond.cc). Found by using Tineye on screenshots in book. |
| 67-68 | Password Basics 4.11 (Image and text copied from Raymond.cc) |
| 68-75 | “NEW SECTION PASSWORD CRACKING” (Copied from IBM.com) Some images were copied, some weren’t (defaced website, for example) |
| 75-78 | Password Basics 4.12 (Original content by Evans for intro regarding Tiger Woods and Kobe Bryant – 61 words. Rest copied from Sectools.org) |
| 78-85 | Password Basics 4.13 (Copied from GovernmentSecurity.org) Text was changed slightly to change download links to “www.ligatt.com”. |
| 85 | Password Basics 4.14 (Copied from Microsoft TechNet) |
| 85 | Original sentence by Evans at very end - 22 words. |
| 86 | Blank Notes page |
| 87-89 | Denial of Service (Entire chapter copied from NMRC) |
| 90 | Blank Notes page |
| 91 | Logging Basics (Entire chapter copied from NMRC) |
| 92 | Blank Notes page |
| 93 | Miscellaneous Basics 7.0 (First two chapters copied from NMRC, with edits made by Evans to reference his book) |
| 93-94 | Miscellaneous Basics 7.1 (Copied from TechTarget, written by Brien M. Posey) Use BugMeNot account to view article. |
| 95-106 | Miscellaneous Basics 7.2 (Copied from PacketStormSecurity.org) |
| 106-107 | Miscellaneous Basics 7.3-7.4 (Copied from NMRC) |
| 107 | Miscellaneous Basics 7.5 (Written by Evans to pitch IPSNITCH program – 184 words) |
| 107-108 | Miscellaneous Basics 7.6 (Copied from Squidoo.com) |
| 109-113 | Spyware (Copied from Squidoo.com) Slight changes were made, including: Original: To purchase Flexispy, go to www.flexispysoftware.com New: To purchase Flexispy, go to www.SPOOFEM.COM. |
| 113-114 | “#3 Pick” – Here things change. The original article above listed “MobiStealth” here, but Evans changed it to Neo Call. This material was copied from HackYourLove.com |
| 114-117 | “The one product that I DO NOT…” Here it changes back to the original article two entries up. (Copied from Squidoo.com) |
| 117 | Spyware 8.1 (Copied from Squidoo.com) This text actually appears at the beginning of the article that Evans copied for the previous pages. |
| 117 | Spyware 8.2 (Found on various websites, but it’s a basic list so I’ll just label it as original by Evans – 17 words) |
| 117 | Spyware 8.3 (Found on various websites, one is Rafay Hacking Article). After the “Log Summary” line, and the following sentence, the plagiarism changes source, as shown in the next entry. |
| 117-119 | Spyware 8.3 (Rest of material copied from SpyPhoneGuy.com) |
| 119 | Spyware 8.4 (Copied, again, from Squidoo.com) |
| 119-120 | Spyware 8.5 (Copied from NMRC, and is in the wrong chapter :) ) |
| 120-126 | “Spyware overview” (Copied from Symantec.com) |
| 127-129 | Spyware 8.6 (Copied from Keyloggers2010.com) |
| 129 | “My Favorite” (One paragraph, appears to be originally written by Evans – 45 words) |
| 129-132 | SpectorSoft (Copied from Spectorsoft.com) |
| 133-139 | Web Browser As Attack Point 9.1-9.5 (Copied from NMRC) |
| 139 | Web Browser 9.6 (Errant, confusing paste from EthicalHacker.net) |
| 139-154 | Web Browser 9.7 (Copied from EthicalHacker.net, written by Chris Gates) |
| 154-160 | Web Browser 9.8 (Copied from dedoimedo.com) |
| 161-168 | Web Browser as Attack Tool (Entire chapter copied from NMRC) |
| 169-174 | The Basic Web Server 11.0 (Copied from NMRC) |
| 174-175 | “I am still confused about the Web server…” (Found on various sources, including SecurityBasic.blogspot.com) |
| 175-176 | “Apache Risks” (Copied from SecurityBasic.blogspot.com) |
| 176-177 | “IIS Risks” (Copied from SecurityBasic.blogspot.com) |
| 177-178 | “Exploiting IIS” (Copied from SecurityBasic.blogspot.com) |
| 178-180 | “About Unicode” (Copied from SecurityBasic.blogspot.com) Amusingly, on 180, the section ends with “, (…?)”, though the article has more material on another site (FreeHacking.net). Evans should have been more selective in his plagiarism. |
| 181-195 | Port Scanning 12.0 (Sections came from Hacking Exposed Sixth Edition, but were re-written to appear original). At least that’s what I found at first, and then I realized that someone else rewrote it and Evans just copied from him. (Copied from SQLInjections.blogspot.com) And, to add salt to a wound, he misspelled http://johnny.ihackstuff.co when copying the material. |
| 196 | Port Scanning 12.1 (Copied from NMRC) |
| 196 | Port Scanning 12.2 – I know what you’re thinking. It’s just an ad for LIGATT.com so it’s original. Nope. (Copied from NMRC) |
| 197-199 | Unix Accounts (Copied from NMRC) |
| 200 | Blank Notes page |
| 201-206 | Unix Passwords (Copied from NMRC) |
| 207-209 | Unix Local Attacks (Copied from NMRC) |
| 210 | Blank Notes page |
| 211 | Unix Remote Attacks (Copied from NMRC) |
| 212 | Blank Notes page |
| 213 | Unix Logging (Copied from NMRC) |
| 214 | Blank Notes page |
| 215-223 | SQL Injection (Copied from Hackers Center) Amusingly, the last paragraph reads: “Thank you all for reading and continue to show your support to Hackers Centre” |
| 224 | Blank Notes page |
| 225-229 | Packet Sniffing 19.0 (First paragraph seemingly copied from CovertSurfer.com, rest copied from Certified Ethical Hacker Exam Prep, as shown here) Updates were made to change “Ethereal” to “Wireshark”. Any web URLs were removed. UPDATE: 21 July 2010 - Noticed on 227 (197) "You might know that my name is Michael Gregg and because I'm the author of this book..." |
| 230 | Blank Notes page |
| 231-239 | Spoofing and Hijacking (Copied likely from here, but some ultimately came from the C\|EH Official Course Material). Small changes are made, such as adding “As we discussed earlier” to the beginning of 20.1, but it’s all the same copied content. |
| 240 | Blank Notes page |
| 241 | Social Engineering 21.0 (Copied from TechTarget.com) |
| 242-251 | Social Engineering 21.1 (Copied from Certified Ethical Hacker Exam Prep, as shown here. Ultimately I believe Evans copied it from here) |
| 252 | Blank Notes page |
| 253-285 | Metasploit (I've been unable to find a public site for this material. It is very professionally developed and unlike anything else in this book. I believe it’s fair to call it copied from somewhere. Unless Evans would like to come out and show he wrote it.) |
| 286 | Blank Notes page |
| 287-303 | Cracking a Wireless (sic) (The material here seems identical in structure and nature to the Metasploit material above. A public site can’t be found, but we’re calling it copied for now). |
| 304-309 | Eavesdropping on VoIP (Written by Marc-Andre Meloche, and copied from Hakin9). |
| 310 | Blank Notes page |
| 311-312 | Hacking Cell Phone Voicemails (Originally written by Evans – 634 words) Somewhat evidenced by horrendous grammar and spelling, and a sense of prose that does not flow. |
| 313-321 | How to Become a Hacker… (Whether this was originally written is hard to say here. Much was copied from LIGATT’s own website, and most is from a usage manual that is included with IPSNITCH and PORTSNITCH. However, for Evans’ sake, we’ll say it is original – 1,489 words). |
| 322 | Blank Notes page |
| 323 | Making Money as Hacker (sic) (Originally written, as evidenced by Mr. Evans’ insistent loathing of IT Managers – 382 words). |
| 324-325 | “Intelligently manage vulnerabilities” (Copied from Core-SDI.com) |
| 326 | Blank Notes page |
| 327-333 | Glossary (All terms copied from Webopedia and other online dictionary sources. 1, 2, 3, 4, 5, 6, 7, 8, 9, etc…) |
| 334 | LIGATT Graphical images |
| 335-341 | Blank Notes page |
| 342 | Back cover |

 
You will find that many of the references are from NMRC.org, a site run by Simple Nomad. Simple Nomad developed the basic structure that Evans used to plan his table of contents, and originally wrote the material that Evans used in his book. This was excellently written material, but it dates originally from 2000.

When all was said and done, I counted a total of 3,638 words that Evans had written in his own sections. This does not include rewriting of copied material. This adds up to a total of about 15 pages, once you include the numerous images and screenshots. The book has a content-page count of 303 pages. That means that Evans wrote a total of 5% of his book, and that's being generous, with the 22 images in chapter 25 alone. And the vast majority of his content was how to use products that his company sells, which could've been written by anyone on his staff.
The grey areas left are pages 253-285 and 287-303, for which a source has not been identified, but which seem out of place with the rest of Evans' work. If Evans announces that he wrote this material, it would take his content up to 21%. But, until he does so, it just does not fall in line with the work he's produced in the past.
 
UPDATE: 29 June 2010 1927 - I had a thought last night. Going by page count alone, Evans "wrote" about 15 pages of content. However, what if we judged him based on the words themselves? Original thought and not graphical imagery. I grabbed a sample page that was all text to see how much content is in a single page in his publishing style. Page 36 (6) came up to 425 words. If we work off words alone, then Evans would have written approximately 8.5 pages of content. So, almost half of what I claimed above. But, again, we need to look at things in context. The entire book was 95,547 words. That means that Evans' 3,638 words is 3.8% of the book's content.
 
And I may even throw Mr. Evans a very small bone here. Although he said that he wrote 60% of the book and outsourced the last 40% (which we can now see that he outsourced 95%), he may have been under the assumption that the material given to him was unique and not copied. However, this is the risk if you are going to hit up Craigslist to find hackers to give you original hacking material (Source video, time marker 11:58): find a person desperate for money and tell them to give you content on XYZ, and they'll copy it from Wikipedia. A TRUE publishing company would know better. By having ghost writers you are willingly taking credit for other people's work, and they give up their rights for a small profit. However, that also means that you take the hit if you did not properly vet and verify the material given to you. You put your name on that content; you cannot pass the buck to a ghost writer.
 
UPDATE: 21 July 2010 1530 - Gregory Evans recently gave a phone interview with Stock Talk 101 Radio. In this interview (time marker 6:45) he stated "I wrote the book - I did not - I put the book together, but yet, all the people who are actually saying that I plagiarized the book never read the book. They don't have copies of the book. The only thing they have is what was said by one person where this whole thing actually started and even in the book we um, we did not even discuss that this book was written by Greg or authored by Greg or any of that. I think it comes that is um a publication of Gregory Evans. It's like you know a movie and you say you have an executive producer who pays for everything. It's more like that. Because everything I paid for, all the stories and chapters except for the stuff that I actually wrote, all is in the book. And it's in there legitimately. And, again, to this day I still have yet anyone to come back and say "Greg, you stole my stuff" and contacted their attorneys and try to file a new claim. "
 
I'll make no response to that. You can read this article, and read his statement above, and make your own determinations. 
 

Comments  

 
#1 Ed Williams 2011-02-05 03:40
Excellent work Brian! I'm glad to say that I have met you.
 
