Information Security Handbook

Grey hat hacker

A grey hat hacker is someone who sits in between the two types of hackers. The grey hat hacker will often hack into a system with the intention of notifying the information system owner of the weakness. In this case, the grey hat does not have permission to attack the information system, and often performs this service expecting to be paid for disclosing the vulnerability to the information system owner. Other grey hat hackers publish their findings on the internet. In some cases, they do this to showcase their capabilities; in others, they do it to disclose a flaw in order to force a vendor to fix the software package. It is important to note that hacking without an information system owner's permission is illegal.