Book Image

Python Penetration Testing Essentials

By : Mohit Raj
Book Image

Python Penetration Testing Essentials

By: Mohit Raj

Overview of this book

Table of Contents (14 chapters)
Python Penetration Testing Essentials
About the Author
About the Reviewers

Approaches to pentesting

There are three types of approaches to pentesting:

  • Black-box pentesting follows non-deterministic approach of testing

    • You will be given just a company name

    • It is like hacking with the knowledge of an outside attacker

    • There is no need of any prior knowledge of the system

    • It is time consuming

  • White-box pentesting follows deterministic approach of testing

    • You will be given complete knowledge of the infrastructure that needs to be tested

    • This is like working as a malicious employee who has ample knowledge of the company's infrastructure

    • You will be provided information on the company's infrastructure, network type, company's policies, do's and don'ts, the IP address, and the IPS/IDS firewall

  • Gray-box pentesting follows hybrid approach of black and white box testing

    • The tester usually has limited information on the target network/system that is provided by the client to lower costs and decrease trial and error on the part of the pentester

    • It performs the security assessment and testing internally