// Comparison
Cyberjutsu vs Kingpin: Which Should You Read?
Two cybersecurity books on Narrative, compared honestly: who each is for, what each does best, and which to read first.
Ben McCarty maps declassified medieval ninja scrolls onto modern adversary tradecraft. More analogy-driven than technical, useful for security-program framing.
How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Kevin Poulsen
Kevin Poulsen's reconstruction of Max Butler's career — from white-hat consultant to running CardersMarket, the carding forum that consolidated the early-2000s underground — and the FBI investigation that finally took him down.
Read this if
Skip this if
Key takeaways
- The ninja-vs-modern-adversary analogies hold up surprisingly well, particularly around deception, patience, and information operations.
- The framing is most useful when explaining adversary thinking to non-technical executives; the chapters on deception and counter-intelligence are the strongest.
- Treat the book as strategy-and-vocabulary scaffolding, not as technical training; its value is in framing decisions, not making them.
- Cybercrime markets are markets — they have liquidity, reputation, dispute resolution, and trust topology, and they fail in market-like ways.
- Most underground takedowns are won by HUMINT and OSINT inside the forums, not by exploitation; Butler's downfall was social.
- The book's pacing makes the carding economy legible without flattening the moral complexity of its inhabitants.
How they compare
We rate Kingpin higher (5/5 against 3/5 for Cyberjutsu). For most readers, that means Kingpin is the primary pick and Cyberjutsu is a useful follow-up.
Both books target beginner-level readers, so the choice is about topic, not difficulty.
Cyberjutsu and Kingpin both cover Narrative, so reading them in sequence reinforces the same material from different angles.