Skip to main content

What is ethical hacking?

Two ethical hackers perform a security assessment.

Hacking involves malicious actors launching various types of cyberattacks to steal sensitive data and information, usually for financial gain. These attacks can be incredibly damaging for individuals, and even more so for organizations.

To counter these attacks, many organizations are turning to certified ethical hackers to test their systems and help them strengthen their systems against malicious hackers. But what is ethical hacking and how does it work?

What is an ethical hacker?

An ethical hacker—sometimes known as a white hat hacker—is someone who, with the permission of the individual or organization involved, attempts to breach a computer system, network, or application, or instigate a data breach. The purpose of ethical hacking is to mimic the strategies of a malicious attack in order to identify security vulnerabilities, with the goal of addressing these before they can be exploited by cybercriminals. As such, most ethical hacking definitions focus on the proactive element of these security assessments.

Some of the responsibilities of ethical hacking and cybersecurity include:

  • Identifying operating system and network vulnerabilities
  • Using penetration testing to identify attack vectors
  • Simulating cyberattacks to prove how they can be carried out
  • Reporting all vulnerabilities and breaches to the network or system owner
  • Making suggestions for improving security and eliminating system vulnerabilities
  • Maintaining a high level of confidentiality

To carry out their work—and stay on the right side of the law—certified ethical hackers are expected to follow very specific guidelines. The most important of these is to gain approval for their security assessments from the system owner.

Ethical hackers vs malicious hackers

There is a fine line between certified ethical hackers and malicious—or black hat—hackers. Simply put, the difference is that the first has permission to run attacks as part of their security assessment and aims to improve the system owner’s cybersecurity while the latter launches attacks maliciously, often for financial gain. Here is a deeper look between ethical hacking and malicious hacking:

  • An ethical hacker tests a system’s vulnerabilities and weaknesses but does not steal any data or take any malicious actions.
  • Ethical hacking involves a strict ethical code that does not apply to black hat hackers.
  • Reporting is a key aspect of ethical hacking, as is patching security flaws.
  • Ethical hacking involves simulating cyberattacks to prove how they can be carried out.
  • Ethical hacking is legal, while malicious hacking is not.
  • White hat hackers are not motivated by malicious intent, but black hat hackers are.

It is important to note, though, that to carry out their assessments, a certified ethical hacker will use many of the same techniques that a black hat hacker does. This is because they must be able to replicate malicious actions and attacks in order to find as many security flaws as possible and figure out how to resolve these.

How does ethical hacking work?

In most cases, an assessment by an ethical hacker is a complex yet comprehensive five-step process. By assiduously going through each step, the assessor can expose as many vulnerabilities as possible and make more thorough recommendations for remedial actions.

Here are the different steps within an ethical hacking assessment:

  1. Planning and reconnaissance: The preliminary stage is where the ethical hacker will gather information about the system, outline the scope of the assessment, and set goals. They might gather information such as passwords, employee information, IP addresses, and services.
  2. Scanning: To begin the assessment, a number of automatic tools—such as dialers, sweepers, and port scanners—may be used to begin objective tests that could expose some weaknesses within the system and give attackers the information they need.
  3. Gaining access: Moving into the next phase of the assessment, the ethical hacker begins to understand the system’s access vectors and map out potential attacks. This is essentially the hacking phase, where the hacker exploits the system with a variety of attacks, such as phishing emails and malware.
  4. Maintaining access: The assessor tests the access vectors to see how far he can push them and whether they can be maintained for attacks. Here, they might launch DDoS attacks, steal databases, or otherwise further exploit their system access.
  5. Erasing evidence: In the last stage of their assessment, the certified ethical hacker clears any traces of their attacks, restoring the system to its original setup and—crucially—ensuring that no real attacker can exploit the vulnerabilities exposed. This might include deleting their cache and history and reversing their HTTP shells.

After completing their assessment, the ethical hacker would deliver a report to the individual or organization that hired them. Whether written or verbal, the report would be an overview of the work done and tools used, the vulnerabilities found, the potential implications of any exposed weaknesses, and recommendations for patching these vulnerabilities and strengthening the system’s security.

The pros and cons of ethical hacking

For the most part, ethical hacking and its cybersecurity implications are viewed positively. After all, this particular endeavour can convey a wealth of benefits to the owners and administrators of the networks and systems being assessed. For example, a security assessment by a certified ethical hacker can:

  • Expose vulnerabilities, which can then be addressed.
  • Help develop a secure network that is less vulnerable to breaches.
  • Provide assurances that enhance trust in the organization’s systems and networks.
  • Help fight cyberterrorism and enhance national security.
  • Ensures an organization’s compliance with data and cybersecurity regulations.
  • Provide guidance for future decision-making and development.

However, there are some disadvantages and limitations to ethical hacking—there is only so much an ethical hacker can do with their assessment because, no matter how thorough they are, a bad actor could always find a different way to carry out their attack. Here are a few things to keep in mind:

  1. Ethical hackers have a limited scope of work—they cannot go beyond certain scenarios during their assessment.
  2. There may be certain resource constraints that limit how far an ethical hacker’s assessment can go—this could be time, budget, or even computing power, methods, and tools.
  3. Assessments could be limited if the white hat hacker does not have the necessary knowledge and expertise.
  4. Assessments could cause data corruption or system breakdowns.
  5. It can be expensive to hire an ethical hacker.

How do ethical hackers work?

Legality is the key difference between a malicious attacker and an ethical hacker. Because of this, the white hat hacker must always remain aware of their responsibilities and adhere to an unofficial code of ethics. To ensure they remain within the bounds of ethical hacking, it is important that these security experts:

  • Remain within legal bounds by obtaining the proper approvals before beginning work.
  • Create and agree on a defined scope of work for their security assessment to agree on with the individual or organization they are working with
  • Report all vulnerabilities exposed during their assessment and provide advice about how to patch or mitigate these.
  • Handle all information, data, and discoveries with privacy and sensitivity, signing non-disclosure agreements where required.
  • Eradicate all evidence of their ethical hacking activity—these can be exploited by potential black hat hackers as attack vectors.

What issues does an ethical hacker identify?

A certified ethical hacker has one very specific job: to test and identify vulnerabilities in a wide assortment of applications, networks, systems, and devices. The aim, essentially, is to perform a reconnaissance mission about what security flaws exist and prove how a determined attacker could exploit these. While performing their assessments, white hat hackers essentially mimic malicious actors, using automated testing tools and manual techniques. There is usually a checklist of security issues that ethical hackers look for, such as:

  1. Injection attacks
  2. Misconfigurations
  3. Data exposure
  4. Vulnerable components that could be exploited as access points
  5. Broken or breached authentication
  6. Unexpected changes in security settings

How to become a certified ethical hacker

To gain the knowledge and experience they need to perform their tasks appropriately, many would-be white hat hackers choose to undergo ethical hacking training. This is a wide-ranging undertaking that incorporates a variety of computer skills in the pursuit of one goal: to learn ethical hacking. At a very basic level, ethical hacking training should include:

  • Gaining expertise with different scripting languages such as JavaScript, HTML, and Python.
  • Becoming familiar with the nuances of different operating systems, including Windows, MacOS, and Linux.
  • Building a comprehensive knowledge of networking formats, including LANs, WANs, and WLANs, as well as perimeter hacking techniques
  • Establishing foundational knowledge about the principles of information and cybersecurity.
  • Acquiring an extensive knowledge of servers and search engines.
  • Developing a thorough understanding of databases and database management systems, such as SQL.
  • Learning a variety of popular hacking tools.
  • Understanding reconnaissance and attack techniques
  • Learning different methods of cryptography
  • Becoming familiar with the operations of cloud computing.

To develop the expertise white hat hackers need, there are numerous ethical hacking classes, courses, and certifications available. As such, it can be useful for those interested in pursuing this to look into some of the courses offered by Kaspersky Expert Training Portal

For those who learn ethical hacking through formal courses, regular re-certification and continued education are necessary to stay up to date with the latest developments in the industry. In addition, most ethical hackers—if they want to work professionally—would be expected to have a Bachelor’s degree in computer science or information technology.

The different types of ethical hacking

The focus of an ethical hacker is to test various systems, processes, websites, and devices to discover their vulnerabilities and allow owners and developers to patch these to make them more secure. Because there are different ways a certified ethical hacker can work, it follows that there are several different ways to test ethical hacking and cybersecurity. Here are some of the key formats:

  • Web application hacking: The white hat hacker focuses on exposing vulnerabilities within websites and web-based applications by exploiting HTTP software through browsers or interfering with the URI.
  • System hacking: Hacking into a system and gaining access to devices through a network/
  • Web server hacking: Using techniques such as social engineering, gluing, and sniffing to steal information through real-time information available through web application servers.
  • Wireless network hacking: Gaining access to systems and devices by identifying and infiltrating local wireless networks.
  • Social engineering: Manipulating potential targets into sharing sensitive information.

5 tips to avoid hacking


Even with the best intentions of an ethical hacker, attacks can occur. Here are five tips to stay safe :

  1. Always use a virtual private network (VPN)
  2. Generate strong, complex passwords and store them for easy access on a password manager
  3. Use antivirus and email-scanning software
  4. Treat unsolicited emails with suspicion—avoid clicking unknown links or downloaded unknown attachments
  5. Use multifactor or biometric authentication where possible

The need for ethical hacking


An ethical hacker can be very useful for organizations that want to be sure that their networks and systems are as secure as possible. The work of these security experts can identify any weaknesses in these systems and try to patch them to make them less vulnerable to malicious actors. For this reason, organizations should look at ethical hacking and cybersecurity as two parts of a greater whole.

Frequently Asked Questions

What is ethical hacking?

This particular aspect of cybersecurity involves an ethical hacker receiving authorization—usually from an organization—to attempt to breach their systems or launch particular cyberattacks. The goal of ethical hacking is to identify as many weaknesses in the system in order to figure out how to fix them and enhance the system’s security so that malicious actors have less chance of launching successful cyberattacks.

What are the types of ethical hacking?

While the ethical hacking definition is clear, an ethical hacker can use different techniques to carry out their security assessments and identify system vulnerabilities. There are five main types of ethical hacking: web application hacking, system hacking, web server hacking, wireless network hacking, and social engineering. Each of these involves targeting different aspects of a system to expose as many potential attack vectors and vulnerabilities as possible.

Kaspersky received nine AV-TEST awards in home and business category for best advanced protection, best performance, usability, and Mac OS Security.

Related Articles and Links:

What malware needs to thrive
My email has been hacked! What should I do next?
What is endpoint security and how does it work?

What is ethical hacking?

Ethical hackers can be useful for organizations trying to enhance their cybersecurity. Learn about ethical hacking and how it works.
Kaspersky logo

Featured posts