Before we talk about White, Grey and Black Hat Hackers, we should learn the real meaning of the word hacker. A hacker is not a bad person, and hacking is not a malicious action. Hacking simply means working with a specific electrical or digital device, service or system in an unusual way. Hackers are generally obsessed with what they are doing and are mainly interested in computers, networks, digital systems, software, etc. Hacking is not a crime either. For example, we can call Bill Gates a hacker because of his high level of expertise with the Windows operating system and programming. On the other hand, Steve Jobs is not a hacker because he does not have any deep technical knowledge about the systems he works on.
White Hat Hacking
We learned what a hacker is in the previous part, and now we can define the White Hat Hacker. Hackers can behave well or badly. White Hat Hackers behave well, for example by protecting a given system, software or service against Black Hat Hackers. White Hat Hackers can provide this protection in different ways.
- Pentest is made by white hat hackers in order to find vulnerabilities in a safe way and provide remediations.
- System, Network, Application Hardening is done by white hat hackers to fortify the given system, network or application against black hat hackers.
- Consultation is another service provided by white hat hackers that gives insights about hacking methods and prevention actions.
Certificates for White Hat Hackers
White Hat Hackers possess different skills for different purposes, as explained above. White Hat Hackers generally work for companies, governments or individuals as good hackers. White Hat Hackers are required to show their talent and experience, which can be done in different ways. But the most feasible, easy and practical way is certifying their talent and experience. Security-related certifications are the best certification type for White Hat Hackers. There are a ton of security certifications available, but some of them are more reliable and well known around the world. CEH, CISSP, CCNP Security and OSCP are some of the popular and reliable certifications.
- CISSP is one of the most known and sacrificed certifications. CISSP has the broadest scope among security certifications but generally does not go deep. But CISSP requires a lot of experience to tackle and solve the certification questions during the exam. CISSP is generally required by security managers, security team leaders or security consultants.
- CEH is the entry-level security certification for newcomer White Hat Hackers. Like CISSP, CEH does not go deep; it has less scope and requires little or no experience to tackle. Generally, junior, entry-level security professionals require CEH.
- CCNP Security is the security certification for Cisco products. Because Cisco is a big certification authority, the CCNP Security certification has gained a lot of popularity.
- OSCP is one of the most technical security certifications. OSCP is a completely hands-on certification where real-world examples are solved and reported as a pentest report to gain certification. Pentesters and Vulnerability Researchers generally require the OSCP certification.
Black Hat Hacker
Black Hat Hackers are in the opposite position to White Hat Hackers. Black Hat Hackers mainly attack, exploit and demolish their targets for different reasons. Black Hat Hackers generally require more experience and talent than White Hat Hackers. Here we will list some common motivations for Black Hat Hackers.
- Personal Financial Gain is to make money from the targets or third-party supporters.
- Cyber Espionage is an attack type that is sponsored by states and governments against enemy states.
- Fame is another reason; a Black Hat Hacker can become famous around the community, country or world.
Grey Hat Hacker
We have talked about White Hat Hackers and Black Hat Hackers, but there is also an intermediate type of hacker. We call them Grey Hat Hackers. They are not so reliable, although they provide some services to fight against Black Hat Hackers. Grey Hat Hackers are generally former Black Hat Hackers who do not take part in crime but do not work in a regular or enterprise job. Grey Hat Hackers generally examine different vulnerabilities without permission from the target. They can find some vulnerabilities, but they do not exploit them.
5 Famous White Hat Hackers
Even though Black Hat Hackers are famous in the IT world, there are some White Hat Hackers who are famous for their war against Black Hat Hackers.
- Tsutomu Shimomura is one of the most popular hackers and has a very impressive academic background. Shimomura worked in the National Security Agency. He is very famous for capturing one of the best Black Hat Hackers, Kevin Mitnick.
- Charlie Miller is another well-known White Hat Hacker who has a Ph.D. in Mathematics and worked for the National Security Agency. Miller mainly worked on Apple systems like Macintosh and iPhone.
- Greg Hoglund is not as well known as Shimomura and Miller. He is experienced with software security and exposed a large vulnerability in World of Warcraft.
- HD Moore worked on classified projects for the U.S. Department of Defense. He is well known for the Metasploit Framework, which is a penetration testing platform.
- Dan Kaminsky mainly worked on DNS security to prevent DNS and SSL based hacks. He found critical security vulnerabilities in DNS and SSL.