Approaches to pentesting
There are three types of approaches to pentesting:
- Black-box pentesting follows non-deterministic approach of testing
- You will be given just a company name
- It is like hacking with the knowledge of an outside attacker
- There is no need of any prior knowledge of the system
- It is time consuming
- White-box pentesting follows deterministic approach of testing
- You will be given complete knowledge of the infrastructure that needs to be tested
- This is like working as a malicious employee who has ample knowledge of the company's infrastructure
- You will be provided information on the company's infrastructure, network type, company's policies, do's and don'ts, the IP address, and the IPS/IDS firewall
- Gray-box pentesting follows hybrid approach ...
Get Python: Penetration Testing for Developers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.