上QQ阅读APP看书,第一时间看更新
Approaches to pentesting
There are three types of approaches to pentesting:
- Black-box pentesting follows non-deterministic approach of testing
- White-box pentesting follows deterministic approach of testing
- You will be given complete knowledge of the infrastructure that needs to be tested
- This is like working as a malicious employee who has ample knowledge of the company's infrastructure
- You will be provided information on the company's infrastructure, network type, company's policies, do's and don'ts, the IP address, and the IPS/IDS firewall
- Gray-box pentesting follows hybrid approach of black and white box testing