Question

Penetration testing is also known as ethical hacking. Distinguish white, grey and black hat hackers, from the professional, ethical hacker. In your answer state the extent to which ethical hackers might be the same as or different to white hat hackers.

Answer 1

Bellow given as the distinction of grey and black hat hackers, from the professional, ethical hacker.

Black Hat Hacker
A black hat hacker is a person or group of people who attempts to find computer security
vulnerabilities and exploit them for personal financial gain or other malicious reasons.
Black hat hackers can cause major damage on both individual computer users and large
organizations by stealing personal or financial information, compromising the security of major
systems or altering the computer system configuration such as implanting malwares.
The major difference is that they are the criminal hackers from white hat and grey hat hackers.

White Hat Hacker
A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities
in hardware, software or networks.
They also called as the ethical hackers who only seek vulnerabilities or exploits when they are
legally permitted to do so as white hat hackers are security specialists employed to use hacking
methods to find security flaws that black hat hackers may exploit.

Grey Hat Hacker
Gray hat hackers fall between white and black hats on the moral spectrum. They generally consider
themselves good guys who are more flexible about the rules under which they operate.
They may be described as cracker who exploits a security weakness in a computer system or product
in order to bring the weakness to the attention of the owners.
Unlike a black hat, a gray hat acts without malicious intent.
The goal of a gray hat is to improve system and network security.

Professional and ethical hacker
An ethical hacker or professional hacker is sometimes called a legal or white hat hacker and
its counterpart a black hat.
They uses the same methods and techniques to test and bypass a system's defenses, but rather
than taking advantage of any vulnerabilities found, they document them and provide actionable
advice on how to fix them so the organization can improve its overall security.

Ethical hackers might be the same as white hat hackers they disclose all the vulnerabilities they find to the
company or owner who is responsible for fixing the flaws so the issues can be fixed before they
are exploited by malicious actors.
They only seek vulnerabilities or exploits when they are legally permitted to do so.
They may do their research on open source software, as well as on software or systems that they
own or that they have been authorized to investigate, including products and services that
operate bug bounty programs.