I would like to start this article by defining the term hacker in simple English. A security hacker can be defined as a person or group of individuals whose sole aim or task is to identify, and at the same time take advantage of, the weaknesses of a computer system or gadget.
There are many reasons why hackers choose to hack into a system, ranging from financial benefit to a form of protest or blackmail. On the bright side, the services of a hacker can be employed to identify the weaknesses of a system and proffer solutions to them.
The main focus of a hacker is the security of a computer system: how he or she can gain access to the desired network without going through the approved process.
Many classifications of hackers abound, but I would like us to focus on the ones explained below, as they are the major known classifications. They depend on modus operandi; that is to say, each classification arises from how the hacker carries out his or her hacking activity.
A white hat hacker does not hack a system for financial benefit but usually does so to test their own security system, to perform penetration tests or vulnerability assessments for a client, or while working for a security company that makes security software. The term is generally synonymous with ethical hacker, and the EC-Council, among others, has developed certifications, courseware, classes, and online training covering the diverse arena of ethical hacking.
A “black hat” hacker is a hacker who “violates computer security for little reason beyond maliciousness or for personal gain”. The term was coined by Richard Stallman, to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration in hacker culture, or the ethos of the white hat hacker who performs hacking duties to identify places to repair or as a means of legitimate employment. Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are “the epitome of all that the public fears in a computer criminal”.
A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.
A grey hat hacker lies between a black hat and a white hat hacker. A grey hat hacker may surf the Internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. They may then offer to correct the defect for a fee. Grey hat hackers sometimes find the defect of a system and publish the facts to the world instead of a group of people. Even though grey hat hackers may not necessarily perform hacking for their personal gain, unauthorized access to a system can be considered illegal and unethical.
A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.
A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are:
- SQL injection
- cross-site scripting
- cross-site request forgery

These abuse security holes that may result from substandard programming practice, and they are very common in Web site and Web domain hacking.