Learning Security+ Issue 4

2 min readMay 10, 2022


Key Takeaways

  • White Hat means hired, non-malicious, ethical and has consent.
  • Black Hat means malicious, unethical, and doesn’t have consent.
  • Gray Hat means neutral, but doesn’t have consent.
  • Blue Hat means non-malicious, bounty participant, and has consent.
  • Elite means best, 1 in 10k, creates tools, and finds exploits first.

The Five Hacker Types

Hackers aren’t all the same. Some are malicious, some are non-malicous, and others are neither. Below are the types of hackers every security professional needs to know.

White Hat

Non-malicious hackers–also known as ethical hackers or penetration testers–who are hired by companies and given permission to legally hack their systems. Security pros fall under this category.

Black Hat

Malicious hackers–also known as unethical hackers or security crackers–who illegally infiltrate systems without consent in order to benefit themselves or cause damage. Criminal hackers fall under this category.

Gray Hat

These hackers can can be malicious or non-malicous, ethical or unethical. They illegally hack systems without consent, but typically don’t steal, modify, or damage them.

The hackers listed above represent the most commonly used classifications, but there are a couple others some folks have differentiated.

Blue Hat

Like white hat hackers, these hackers attempt to penetrate systems at the request of companies. The difference is they aren’t hired by the companies. Instead, they typically take part in “bounty” programs the companies offer.


This is very best group of hackers. They create their own hacking tools and are able to find and exploit vulnerabilities before anyone else. It is theorized that 1 in 10,000 hackers are elite. I like to imagine myself among those ranks one day. 😁


Hackers are like an allegory of good vs evil. Security pros act on the side of good and have to be able to quickly identify and defeat the forces of evil in the cyber world. This brings us to the next topic of discussion: Security Threats. Catch you in the next article.