In Security Last updated:
Share on:
Cloudways offers managed cloud hosting for any size business to host a website or complex web applications.

The dawn of the 21st century saw the rapid growth of technology and the internet. With this came a new set of heroes and villains in the name of hackers.

Hackers are individuals who are exceptionally good with computers and use their skills to find and exploit vulnerabilities in software and computer systems.

Hackers can generally be classified as ethical or unethical. Ethical hackers use their skills for good such as in testing and identifying system vulnerabilities for correction before they can be exploited.

Unethical hackers, on the other hand, use their skills for malicious intent, such as taking down websites and systems, stealing sensitive information, or even conducting cyber espionage.

From ethical and unethical hackers, we get other types of hackers based on the intention and motive behind their hacking activities. These types of hacker groups are more commonly used to identify hackers in order to clearly communicate the activities they engage in.

Let us look at the nine types of hackers you need to be familiar with.

White Hat Hackers

In the hacking world, white hat hackers are the good guys. White hat hackers, also referred to as ethical hackers, use their hacking skills to identify and report vulnerabilities in systems so that they can be addressed before malicious hackers can find and exploit the vulnerabilities.

As is often said, offense is the best defense when it comes to cybersecurity. You’re better off finding vulnerabilities in your systems before malicious actors do. In this regard, white hat hackers are often employed by companies to continually test the security of their systems and rectify any discovered vulnerabilities.

Since white hats are ethical hackers, they operate within the confines of the law. Therefore, they hack with permission of the owners of the systems they are trying to hack, and in case they find any vulnerability, they report it to the system owners and don’t exploit the vulnerabilities themselves.

One of the most famous white hat hackers is the late Kevin Mitnick, who started off on the wrong side of the law and spent 5 years in prison for hacking for malicious reasons. However, after his jail time, Kevin Mitnick went on to become one of the most sought-after white hat hackers.

Kevin Mitnick helped lots of companies and government organizations improve their security posture by conducting penetration testing to test the security of their systems. Mitnick also spoke at numerous conferences and trained people on security, social engineering, and how to be safe online.

Black Hat Hackers

Black hat hackers are the complete opposite of white hackers. When a black hat hacker finds a vulnerability in your system, your goose is cooked. Black hat hackers are malicious hackers who use their skills to find and exploit vulnerabilities in systems.

Their intention for hacking can be to steal sensitive information, destroy systems, settle personal vendettas, leverage a system to hack other systems, show off their skills, or even for financial gain, among other malicious things.

One of the most famous black hat hackers is Albert Gonzalez, who, at the age of 14, was already on the FBI’s radar for hacking into NASA. Albert’s hacking skills were impeccable, and he was at one time working as a paid informant for the Secret Service to avoid jail time after he was seen withdrawing money from multiple credit cards.

As reported by Wired, Albert’s famous exploit as a black hat hacker and his greatest undoing was leading a gang of cyberthieves to hack into TJX, a department store, and steal more than 90 million credit and debit card numbers.

This was the largest credit and debit card breach that had ever been done. Albert’s hacking led companies, banks, and insurers to lose close to $200 million. Albert was later arrested in 2010 and sentenced to 20 years in prison for his crimes.

Gray Hat Hackers

The world of hacking cannot entirely be separated into good and bad guys or white hackers and black hackers. There’s a middle ground between white and black hat hackers, and it is occupied by gray hat hackers.

Remember, white hat hackers have permission and authorization to hack into a system, and they don’t do it with malicious intentions. Black hat hackers, on the other hand, have no authorization to hack and exploit vulnerabilities, and they do it with malicious intentions.

Gray hat hackers sit between the two; whereas they don’t have the authorization and permission that white hat hackers have to hack into systems, they also don’t have the criminal or malicious intentions of black hat hackers when hacking. 

Therefore, gray hat hackers hack into systems without authorization, but when they uncover vulnerabilities, they report them to the owners of the systems rather than exploit and cause damage to the system.

The actions of gray hat hackers may be legally questionable because they hack into systems without permission, and they are also not legally bound by ethical hacking principles to reveal the full extent of the vulnerability. However, they are not malicious hacker.

An example of a gray hat hacker is Khalil Shreateh. According to Reuters, Khalil discovered and reported a software security flaw that allowed members to post on the private walls of other Facebook users.

However, Khalil was dismissed by Facebook’s security experts. To prove the existence of the bug, Khalil posted directly on Facebook’s CEO Mark Zuckerberg’s private Facebook page.

Red Hat Hackers

In the cybersecurity space, red hat hackers are seen to be vigilantes of some sort. Red hat hackers are hackers who can be likened to fictional heroes such as Robinhood and Batman because of what they do.

Unlike white hat hackers who try to secure vulnerabilities in systems to avoid being exploited by black hat hackers, red hat hackers take matters into their own hands. Red hat hackers go after cybercriminals such as black hat hackers and use whatever means possible to stop them, even if it may be against the law.

Some of the methods employed by red hat hackers include hacking cyber criminals to steal, corrupt, and permanently destroy their data, computer systems, and servers in an effort to neutralize the cyber criminals.

Red hat hackers do whatever, including actions outside the law, to disarm and stop blackhats and other cyber criminals. Sometimes red hat hackers are hired by governments to counter and neutralize blackhats.

Blue Hat Hackers

Whenever a company is about to release new software or a new system, one of the important things they do is try to find out whether their system has vulnerabilities that can be exploited.

The best way to get an unbiased opinion on whether your system has security vulnerabilities is to invite external cybersecurity experts to try to identify vulnerabilities in the system. Such experts are known as blue hat hackers.

Blue hat hackers are similar to white hat hackers, with the difference being that they are external cybersecurity experts.

Blue hat hackers are hackers hired by companies and organizations to try to hack and identify vulnerabilities and loopholes in a new software, system, or network before it is released. This is done so that the vulnerabilities and loopholes identified can be addressed before launch.

For instance, Microsoft has a Blue Hat security conference where Microsoft Engineers engage with external security researchers such as Roberto Rodriquez to uncover and address vulnerabilities in the Microsoft software before it is released.

Green Hat Hackers

Green hat hackers are newbie hackers who are still new to hacking and are learning the trade. Usually, the intention of green hat hackers is to learn as much as possible to become full-fledged hackers and be accepted by communities of hackers. The motivation of green hat hackers is usually to learn as much as possible.

As much as green hat hackers don’t have the expertise of experienced and skilled hackers such as white, black, and red hat hackers, they can still cause damage to systems unintentionally.

Green hat hackers usually develop their skills to become white, black, blue, or even red hat hackers. All experienced hackers, regardless of their intention, were once green hat hackers.

Script Kiddies

Script Kiddies are amateur hackers who don’t have the required technical skills to develop their own hacking methods and tools and instead rely on scripts and software from other hackers.

Unlike green hat hackers who are keen on learning how to hack and develop hacking tools, script kiddies rely on already-developed software to carry out attacks.

They are not very keen on learning how to become a full-fledged hacker like green hat hackers. Script kiddies are often juveniles who conduct attacks simply for the thrill of hacking or to gain notoriety.

An example of a script kiddie is Daniel Kelly who, at 15 years of age, launched a denial of service and SQL injection attack on TalkTal, resulting in financial losses of about £77 million. Daniel Kelly ended up serving four years in prison for his computer crimes.


Hacktivism is derived from combining the words ‘hack’ and ‘activism’. A hacktivist is an individual or a group of hackers who use computer hacking as a form of activism and as a way to advance social or political causes.

Hacktivists may hack to protest certain policies or actions by governments and organizations or to even raise awareness on certain issues, such as human rights violations.

Whereas other malicious hackers may be motivated by financial gain or a desire to cause havoc, hacktivists are motivated by social and political causes and perform hacking to advance the causes they believe in.

One of the most famous hacktivist groups is Anonymous which is often identified by Guy Fawkes mask. According to CNBC, Anonymous claimed responsibility for hacking attacks that targeted the republican party in Texas as a form of protest against the state’s abortion law.

Additionally, Anonymous to credited for various cyberattacks against Russian government agencies and state-run news outlets and corporations after Russia attacked Ukraine.


In regards to hacking, whistleblowers are computer experts who hack and expose sensitive information to the general public. Such information can include government abuse of human rights, cases of corruption, and illegal activities by governments and corporations.

When it comes to whistleblowing, one name stands out. Edward Snowden. As noted by Right Livelihood, Snowden was an American technologist and a National Security Agency(NSA) Contractor who discovered and leaked evidence of how the United States government was operating a global system of mass surveillance. This was in violation of human rights and international law.

Whether his actions were for the greater good has been up for debate. However, Reuters reports that years later, a court of appeal ruled that the surveillance program that was being conducted by the NSA was illegal.

The public also got better informed on the activities of the NSA, and the US government became more transparent with its surveillance activities.


Hacking is an activity that can be done for both good and bad reasons. Whereas hacking often has negative connotations, there are ethical hackers who hack for good, and their efforts help to keep computer systems more secure.

If you are considering becoming a hacker, consider being an ethical hacker to avoid breaking the law and also make a meaningful contribution to computer security. Remember, hacking computer systems without permission is illegal.

You may also explore some best books for ethical hacking.

Share on:
  • Collins Kariuki
    Collins Kariuki is a software developer and technical writer for Geekflare. He has over four years experience in software development, a background in Computer Science and has also written for Argot, Daily Nation and the Business Daily Newspaper.
  • Narendra Mohan Mittal

    Narendra Mohan Mittal is a versatile and experienced digital branding strategist and content editor with over 12 years of experience. He is a Gold Medalist in M-Tech and B-Tech in Computer Science & Engineering.


Thanks to our Sponsors

More great readings on Security

Power Your Business

Some of the tools and services to help your business grow.
  • The text-to-speech tool that uses AI to generate realistic human-like voices.

    Try Murf AI
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.

    Try Brightdata
  • is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.

    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.

    Try Intruder