The purpose of this section is to understand the various senses of the term 'ethical hacking.' There are several associated terms here, such as white hats, black hats, grey hats, hacktivists, pen testers and script kiddies.
These names come from various combinations of these features of a hacker: 1) a hacker’s expertise, 2) a hacker’s tools, 3) a hacker’s values, and 4) a hacker’s modus operandi.
The term 'black hat' is the easiest to understand, as it embodies all of our stereotypes and fears of hacking: malicious, harmful, unethical, illegal, etc.
'White hats' are ethical hackers. The high standard for ethical hacking (from pp. 192-193 of The Ethics of Cybersecurity.pdf) describes a white hat hacker as someone who:
will get written permission prior to stressing and assessing his or her client’s IT-security
will act honestly and stay within the scope of his or her client’s expectations
will respect his or her client’s as well as its employees’ privacy
will use scientific, state-of-the-art and documented processes
will transparently communicate to his or her client all the findings as well as a transcript of all his or her actions
will remove his or her traces and will not introduce or keep any backdoor in the system
will inform software and hardware vendors about found vulnerabilities in their products