Ethical hacking is term that describes a range of activites undertaken to evaluate the security of an information system by attempting to gain surreptitious access to that system using the same techniques and resources that a criminal hacker might employ.
Can you hack my spouse's Gmail account?
No, that would be a crime. Ethical hacking differs from criminal hacking in two respects. The obvious difference is that ethical hacking is legal whereas any other form of hacking is not. What makes ethical hacking legal is not that legal techniques and tactics are employed. An ethical hacker will attack the target information system with the same toolset a criminal would. It is legal because it has been authorized. Ethical hacking is only done at the request of the owner of the information system in question (or by an authorized representative of the owner) and it is conducted in terms of a contractual agreement that sets out the scope, boundaries, limitations and other specifics of the assignment. The other difference between ethical and criminal hacking relates to the hacker's intentions. In the case of ethical hacking, the objective is to improve security by identifying vulnerabilities and exploiting the systems susceptability to specific attack vectors. An ethical hacker will take extraordinary precautions to ensure that any system breaches do not leave the target system vulnerable to attack by criminal hackers, that confidential data is protected from accidental or unauthorized disclosure, and that the hacking assignment is undertaken with the minimal disruption or damage to the target infrastructure as possible.