I'm sure (not 100% though) that many security admins and tech staff in current
professional employment, would in their journey have crossed the so called black/white
line, in order to better understand exploits, vulnerabilities.

As mentioned here, as long as no damage is done to peoples computers or data, it really
isn't a crime, even though it is. Thin line..........Different ethical standards, etc,etc