Ask the Expert

What is red- and white-hat hacking?

I would like to know in simple terminology, what is red-hat hacking and white-hat hacking and their difference.

    Requires Free Membership to View

I'm not sure what you mean by "red-hat" hacking, unless it refers to some kind of Linux hacking. The "hat" colors in hacking have evolved as hackers try to differentiate themselves and separate the good hacker from the bad.

"White Hat" usually refers to hackers who don't break the law, commit any offense or engage in any malicious activity as part of their hacking. The term is now commonly used by security consultants who offer hacking/penetration testing as part of their services.

"Black Hat" is the term that white-hat hackers and commentators often use to define malicious hackers who cause harm or break laws as part of their hacking exploits. The term "cracker" is also used to describe black-hat hackers. But, most black-hat hackers don't usually care what you call them, just as long as it's not "script kiddies."

"Grey Hat" is the term often given to hackers whose actions are not malicious but whose hacking methods may cross legal or ethical lines. It's also used to categorize hackers who may at one stage have broken the law in their hacking activities, but who have since come across to the more ethical white side.

As the security industry grows and new categories of hackers emerge, perhaps Red Hats will denote aggressive hackers, and Green Hats will only be worn by Irish hackers!

For more information on this topic, visit these other resources:
Best Web Links: Common vulnerabilities, hacking
Best Web Links: Glossaries and definitions
Quiz: Security basics


This was first published in June 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: