An ethical hacker, also known as a white hat hacker or a security consultant, is a person who hacks for the benefit, rather than the detriment, of the security of a computer or a network.
To be more precise, ethical hacker is also the name given to penetration testers specifically hired to test the penetrability or impenetrability of a given computer system.
Ethical hackers provide an acid test of sorts that proves the worth of a given cipher, protocol, firewall, password algorithm, and other programmable security measures of a given site.
They try out every last possibility in hacking terms and round up all the vulnerabilities and glitches found in a given computer or computer network.
Ethical hackers are typically hired by a company that entrusts them to try to hack networks or systems using the same methods as a cracker or black hat hacker would.
The idea behind this deliberate penetration of systems and hacking exercise is to find and fix computer bugs, susceptibilities, glitches, code errors, and whatnot before corporate spies or malicious hackers can exploit them.
Companies from all around the globe can stay one step ahead of the criminal elements lurking within and beyond the World Wide Web by hiring and authorizing ethical hackers to hack through an untested security system before an "unethical" hacker does.
These authorized or "legal" hacks (also known as penetration testing, which can also involve vulnerability assessment) are done at the request of the owner of the targeted systems or networks and use all the same methods that a hacker would, just short of, say, social engineering tactics or corporate espionage.
Meanwhile, illegal hacking is (obviously) a punishable crime in most countries, so if you're particularly skilled in scouring the ins and outs of IT security systems, penetration testing and becoming an ethical hacker is a positive and less dangerous way for you to make use of your hard-earned skills or inborn talent.
Curiously, there is such a term as a "certified" ethical hacker.
They're the ones who've been certified by a certification body to search for vulnerabilities and weaknesses in targeted systems by profession. As such, they're given carte blanche to use all the same tools and know-how as a typical hacker in order to truly test the limits of a given network's or computer's protective measures, probably even to the point of doing distributed denial-of-service attacks and programming trojans, worms, or other malware just to see how weak or strong the security of a given system is.
As of August 2008, the certification for certified ethical hackers is in Version 6, while the exam code for C|EH is 312-50.
Meanwhile, the EC-Council also offers certification in the form of the C|NDA or Certified Network Defense Architect, which has an exam code of 312-99 and is only available to selected government agency members.
Furthermore, the United States' very own NSA or National Security Agency offers certifications for ethical hackers as well, such as the CNSS-4011.