Abstract— Cyber-attacks are critical cybersecurity concerns across the world. Catching malicious hackers prior to a cyberattack can save significant financial cost as well as avoid devastating cyber-attacks. Current methods of identifying and reprimanding hackers generally occurs after an attack and is reactive in nature. This research aims to proactively identify key hackers who are creating and disseminating malicious tools within hacker forums. Specifically, we utilize social network analysis techniques to systematically identify key hackers for keylogging tools within a large English hacker forum. Results of this study indicate that many key hackers are the most senior, longest tenured participants of their community.