![featured image](/content/images/2020/05/hacking-definitions-1.jpg)
![different hacker
types](/content/images/2020/05/hacking-definitions.jpg){.kg-image}
\
In this post I\'m going to try to explain some different hacker terms
and the mindset surrounding them. As I\'m looking into the security
field there are some common terms that float around and might as well
define\* them in one place. We will talk black hats, white hats, and
grey hats. After defining things I\'ll tell you what I\'m focused on
learning and my plan to get there.
### Black Hat Hacking {#blackhathacking}
`Black Hat Hacker: a person finds security flaws and exploits them for their own gain`.
Black hatters don\'t really care rather the target is a person or an
organization. I guess if you wanted a non-technical definition then you
can say the black hatters are the \"bad guys\"
### White Hat Hacking {#whitehathacking}
`White Hat Hacker: a person who finds security vulnerabilities for others to fix`.
White hatters tend to have permission to be in someone\'s system to
break things. White hatters are also called \"ethical hackers\" or in
non-tech terms we can call them the \"good guys\".
### Grey Hat Hacking {#greyhathacking}
`Grey Hat Hacker: a person that finds vulnerabilities but without the personal gain`.
Grey hatters are said to be like white hatters except they publically
announce vulnerabilities. I like to think of grey hatters as the limit
pushers, because they could easily fall into the category of black or
white hatter depend on how they use their knowledge of a discovered
exploit.
Which do I want to be? {#whichdoiwanttobe}
----------------------
Ah so we are back to me and my choices. I have been studying black hat
tools and given my background I think I want to be in the grey hat
bucket. In undergrad I was doing cybersecurity research for mobile
devices and I kept thinking \"why isn\'t this public?!?\". The
project/app I first worked on (Droidsheep) was public (it is Andreas
Koch\'s master thesis) but some of the other stuff we casually talked
about seemed so hush hush unless you were actively studying it.
I don\'t really see me ever being malicious when it comes to security,
and I also know how important it is to alert companies of weak points
(plus you can get paid for it). I want to make sure that security topic
and exploits are easily understood by anyone at any level and thus gray
hats seems like a lovely group to be a part of.
I plan on obtaining the knowledge needed by reading and practicing from
different well recommended security books, security courses, and
competing in CTFs (Capture the Flags) as my budget allows. I currently
work in IT and I\'m study on [Rangeforce](https://rangeforce.com/home)
as well as [Cybrary](https://www.cybrary.it/) in order to obtain a
Network+ cert and eventually my CISSP cert.
##### Let me also take the time out to thank the people at RangeForce for giving me access to their matierial free of charge. {#letmealsotakethetimeouttothankthepeopleatrangeforceforgivingmeaccesstotheirmatierialfreeofcharge}
I\'ve been meaning to write more about them and the skills I learn so
let this be a start. Now as I end this I recognise that you don\'t get
to just put yourself in these groups but hopefully as time goes on I can
justify my place among the greats.
- Definitions come from technopedia.com