Script kiddie

Part of a series on
Computer hacking
History Phreaking Cryptovirology Hacking of consumer electronics List of hackers
Hacker culture and ethic Hackathon Hacker Manifesto Hackerspace Hacktivism Maker culture Types of hackers Black hat Grey hat White hat
Conferences Black Hat Briefings Chaos Communication Congress DEF CON Hackers on Planet Earth Security BSides ShmooCon Summercon
Computer crime Crimeware List of computer criminals Script kiddie
Hacking tools Exploit forensics-focused operating systems Payload Social engineering Vulnerability
Practice sites HackThisSite Zone-H
Malware Rootkit Backdoor Trojan horse Virus Worm Spyware Ransomware Logic bomb Botnet Keystroke logging HIDS Web shell RCE Infostealer
Computer security Application security Cloud computing security Network security
Groups Anonymous Chaos Computer Club Homebrew Computer Club (defunct) Legion of Doom (defunct) LulzSec (defunct) Masters of Deception (defunct) Red team / Blue team
Publications 2600: The Hacker Quarterly Hacker News Nuts and Volts Phrack
v t e

A script kiddie, skript kiddie, skiddie, kiddie, or skid is a pejorative for an unskilled individual who uses malicious scripts or programs developed by others.

The term script kiddie was first used in 1988.^[1] In Brazil, the term "lammer" arised in the end of 80s and is more commonly used instead.^[2]

In a Carnegie Mellon report prepared for the US Department of Defense in 2000, script kiddies are defined as

The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.^[3]

Script kiddies typically have at least one or more effective and easily downloadable programs capable of breaching computers and networks.^[4]

Script kiddies vandalize websites both for the thrill of it and to increase their reputation among their peers.^[4] Some more malicious script kiddies have used virus toolkits to create and propagate the Anna Kournikova and Love Bug viruses.^[5] Script kiddies lack, or are only developing, programming skills sufficient to understand the effects and side effects of their actions. As a result, they leave significant traces which lead to their detection, or directly attack companies which have detection and countermeasures already in place. For example, they may leave automatic crash reporting turned on, sending their malware's source code to Microsoft.^[6][7]

Although script kiddie attacks might become increasingly more effective in the future, researchers have noted that other models, like the language model, can also be used to enhance protection against the improved script kiddie attacks. This continuous back and forth improvement suggests that the competition between cyber attackers and defenders will continue to increase.^[8]

• Black hat hacker
• Computer security
• Exploit (computer security)
• Hacker (computer security)
• Hacktivism
• Lamer
• List of convicted computer criminals
• Luser
• Noob
• Web shell, a tool that script kiddies frequently use

• Samuel Chng, Han Yu Lu, Ayush Kumar, David Yau (Mar 2022). "Hacker types, motivations and strategies: A comprehensive framework". Computers in Human Behavior Reports. 5. ISSN 2451-9588. Retrieved 27 Jan 2022.{{cite journal}}: CS1 maint: multiple names: authors list (link)
• Tapeworm (2005). 1337 h4x0r h4ndb00k. Sams Publishing. ISBN 0-672-32727-9.
• The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (2005) ISBN 978-0471782667

• Honeynet.org - Know Your Enemy (Essay about script kiddies) preserved at Internet Archive
• Cracking the Hacker Mindset Archived 2018-08-16 at the Wayback Machine