
What is red- and white-hat hacking?

I would like to know in simple terminology, what is red-hat hacking and white-hat hacking and their difference.

I'm not sure what you mean by "red-hat" hacking, unless it refers to some kind of Linux hacking. The "hat" colors in hacking have evolved as hackers try to differentiate themselves and separate the good hacker from the bad.

"White Hat" usually refers to hackers who don't break the law, commit any offense or engage in any malicious activity as part of their hacking. The term is now commonly used by security consultants who offer hacking/penetration testing as part of their services.

"Black Hat" is the term that white-hat hackers and commentators often use to define malicious hackers who cause harm or break laws as part of their hacking exploits. The term "cracker" is also used to describe black-hat hackers. But, most black-hat hackers don't usually care what you call them, just as long as it's not "script kiddies."

"Grey Hat" is the term often given to hackers whose actions are not malicious but whose hacking methods may cross legal or ethical lines. It's also used to categorize hackers who may at one stage have broken the law in their hacking activities, but who have since come across to the more ethical white side.

As the security industry grows and new categories of hackers emerge, perhaps Red Hats will denote aggressive hackers, and Green Hats will only be worn by Irish hackers!


This was last published in June 2002


1 comment


Red Hat – These are the vigilantes of the hacker world. They’re like White Hats in that they halt Black Hats, but these folks are downright SCARY to those who have ever tried so much as PenTest. Instead of reporting the malicious hacker, they shut him/her down by uploading viruses, DoSing and accessing his/her computer to destroy it from the inside out. They leverage multiple aggressive methods that might force a cracker to need a new computer.