Security testing is the primary job of ethical hackers. These tests might be configured in such way that the ethical hackers have no knowledge, full knowledge, or partial knowledge of the target of evaluation (TOE).
- No Knowledge Tests – No knowledge testing is also known as blackbox testing. Simply stated, the security team has no knowledge of the target network or its systems. Blackbox testing simulates an outsider attack as outsiders usually don’t know anything about the network or systems they are probing. The attacker must gather all types of information about the target to begin to profile its strengths and weaknesses. The advantages of blackbox testing include
- The test is unbiased as the designer and the tester are independent of each other.
- The tester has no prior knowledge of the network or target being examined. Therefore there are no preset thoughts or ideas about the function of the network.
- A wide range of resonances work and are typically done to footprint the organization, which can help identify information leakage.
- The test examines the target in much the same way as an external attacker.
The disadvantages of blackbox testing include
- It can take more time to perform the security tests.
- It is usually more expensive as it takes more time to perform.
- It focuses only on what external attackers see, while in reality, most attacks are launched by insiders.
- Full Knowledge Testing (or Whitebox) – Whitebox testing takes the opposite approach of blackbox testing. This form of security test takes the premise that the security tester has full knowledge of the network, systems, and infrastructure. This information allows the security tester to follow a more structured approach and not only review the information that has been provided but also verify its accuracy. So, although blackbox testing will typically spend more time gathering information, whitebox testing will spend that time probing for vulnerabilities.
- Partial Knowledge Testing ( or Graybox) – In the world of software testing, graybox testing is described as a partial knowledge test EC-Council literature describes graybox testing as a form of internal test. Therefore, the goal is to determine what insiders can access. This form of test might also prove useful to the organization as so many attacks are launched by insiders.