Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only. T&Cs apply

Find out more

Types of pentesting and ethical hacking

In this video, we explore three types of penetration tests: black-box, white-box, and grey-box.

There are three types of penetration tests: black-box, white-box, and grey-box.

Black-Box

No information on the test target prior to the testing.

Black box with the text 'Zero knowledge of target' inside.

White-Box

Full and complete details of the test target.

White box with the text 'Full knowledge of target' inside.

Grey-Box

Partial details of the target systems.

Grey box with the text 'Some knowledge of target' inside.

Based on Objectives

External testing

External testing refers to any attacks on the test target using procedures performed from outside the organisation that owns the test target.

The objective of external testing is to find out if an outside attacker can get in and how far he can get in once he has gained access.

Internal testing

Internal testing is performed from within the organisation that owns the test target. The strategy is useful for estimating how much damage an internal threat (a disgruntled employee, for example) could cause.

Internal testing is centred on understanding what could happen if the test target was successfully penetrated by an authorised user with access privileges.

Watch the video above discussing penetration testing/ethical hacking categories.

This article is from the free online

Cybercrime Prevention and Protection

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now