The challenge for Day Thirty is – Discover the difference between White, Grey, and Black Hat Hacking.
The names White Hat and Black Hat are derived from the old Western movies, where the “good guys” wore white hats and the “bad guys” wore black hats.
White Hat Hackers are also known as “Ethical Hackers”.
These guys are typically employed within a company, or are invited by an organisation to run penetration tests or otherwise try to hack an organisation/application with the author/owner’s explicit permission.
Black Hat Hackers, on the other hand, are the renegade trouble-makers out to cause havoc without the permission of the application owner/organisation.
They are usually out to make a quick buck or gain notoriety, and could also be part of an organised cybercrime syndicate or a hacktivist organisation fighting a cause.
Grey Hat Hackers are kind of a weird middle-of-the-road hacker: they don’t have the explicit permission of the owner, but when they find vulnerabilities they inform the owner.
It’s a bit of a blurry area, because if they demand a reward for their effort and then blackmail the owner by threatening to release the vulnerability into the wild, I’d argue that makes them Black Hat.
If they’re doing it all for the love of fixing all the internets, then they’re more White leaning.
Thanks for reading my post and following my progress through the 30 Days of Security Testing.
Feel like joining in? Sign into the WeTest Slack group and get involved!