The form of penetration test that you’ll conduct depends on the needs of your client. In this part of the book, you’ll learn about the different kinds of “pen tests”.

Black Box Tests

In a black box test, you don’t have any information regarding your target. Your first task is to research your client’s network. Your client will define the results they need, but they won’t give you other pieces of data.

The Advantages

Black box tests offer the following advantages:

The tester will start from scratch. Thus, he will act like a malicious hacker who wants to access a network.

The tester will have higher chances of detecting conflicts in the network.

The tester doesn’t need to be an expert programmer. Unlike other types of pen tests, black box tests don’t rely on ready-made scripts.

The Disadvantages

The disadvantages of black box tests are:

It can be time-consuming.

It is extremely complex. The tester needs to spend time and effort in designing and launching an attack.

White Box Tests

These tests are detailed and comprehensive, since the hacker has access to all the information related to his target. For example, the hacker can use the IP addresses and source code of a network as the basis for his attack.

This form of test relies heavily on code and programming skills.

The Advantages

The main advantages of white box testing are:

It makes sure that each module path is working properly.

It makes sure that each logical decision is verified and comes with the right Boolean value.

It allows the hacker to detect errors in scripts.

It helps the hacker in identifying design flaws that result from conflicts between the target’s logical flow and actual implementation.

Gray Box Tests

Here, the hacker has access to some information regarding his target. You may think of a gray box test as a combination of black box and white box tests.

The Advantages

The hacker can perform the test even without using the network’s source code. Thus, the penetration test is objective and non-intrusive.

There will be minimal connection between the tester and the developer.

The client doesn’t need to supply every piece of information to the tester. Sharing private or sensitive information with an outsider is extremely risky, especially if that third party is skilled in attacking networks.

Different Facets of a Penetration Test

You can divide a penetration test into three facets, namely:

Network Penetration

This facet focuses on the physical attributes of your target. The main goal of this facet is to identify vulnerabilities, determine risks, and ensure the security of a network. As the hacker, you should search for flaws in the design, operation, or implementation of the network you’re dealing with. You will probably hack modems, computers, and access devices in this part of the attack.

Application Penetration

In this facet, you will concentrate on the target’s logical structure. It simulates hacking attacks to verify the effectiveness of the network’s existing defenses. Application penetration usually requires hackers to test the firewall and/or monitoring mechanisms of their target.

System Workflows or Responses

This facet focuses on how the organization’s workflows and responses will change during an attack. It also involves the relationship of end-users with their computers. During this, the penetration tester will know whether the members of the network can prevent malicious attacks.

Manual and Automated Tests

Penetration testers divide tests into two categories: manual and automated. Manual tests rely on the skills of a white hat hacker. The tester has complete control over the process. If he makes a mistake, the entire penetration test can prove to be useless. Automated tests, on the other hand, don’t need human intervention. Once the test runs, the computer will take care of everything: from selecting targets to recording the results.

In this part of the book, you’ll learn important information regarding these types of tests. You need to master this concept if you’re serious about hacking. With this knowledge, you can easily determine the type of test that must be used in any situation.

Manual Penetration Tests

You will run manual tests most of the time. Here, you will use your tools, skills, and knowledge to find the weaknesses of a network.

Manual tests involve the following steps:

Research – This step has a huge influence over the entire process. If you have a lot of information about your target, attacking it will be easy. You can conduct research using the internet. For example, you may look for specific information manually or run your hacking tools.

Kali Linux has a wide range of tools that you can use in this “reconnaissance” phase. With Kali’s built-in programs, you can easily collect data about your targets (e.g. hardware, software, database, plugins, etc.).

Assessment of Weaknesses – Analyze the information you collected and identify the potential weaknesses of the target. Your knowledge and experience will help you in this task. Naturally, you need to work on the obvious weaknesses first. That’s because these weaknesses attract black hat hackers.

Exploitation – Now that you know the specific weaknesses of your target, you must perform an attack. You will “exploit” a weakness by attacking it with a hacking

Preparation and Submission of Output – Record all the information you gathered during the test. Arrange the data so that your clients can easily determine the next steps. Make sure that your report is clearly explained. Don’t use jargon.
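The two steps above, assessing which weaknesses matter most and handing the client a report they can act on, are easy to do badly by hand. The following Python script is an added example, not code from the book: it records each finding with a severity, orders the list so the issues most attractive to an attacker come first, and renders a plain-language report with a “what to do next” line per finding. The client name, the hosts (RFC 5737 documentation addresses) and the findings themselves are constructed for illustration.

```python
"""Prioritize findings and render a plain-language report.

Added example: the client, hosts and findings below are constructed and
hypothetical; nothing here comes from a real engagement.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

# Ordering used in the report: the issues most attractive to an attacker come first.
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3, "info": 4}


@dataclass(frozen=True)
class Finding:
    title: str           # short, jargon-free name of the weakness
    severity: str        # one of the keys of SEVERITY_ORDER
    affected: str        # host, service or application concerned
    evidence: str        # what was observed during the test
    recommendation: str  # the next step the client should take


def prioritize(findings: List[Finding]) -> List[Finding]:
    """Most severe first; ties broken by affected asset, then title, so the report is stable."""
    unknown = {f.severity for f in findings} - set(SEVERITY_ORDER)
    if unknown:
        raise ValueError(f"unknown severity level(s): {sorted(unknown)}")
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f.severity], f.affected, f.title))


def summarize(findings: List[Finding]) -> Dict[str, int]:
    """Number of findings per severity, e.g. {'high': 2, 'medium': 1}."""
    return dict(Counter(f.severity for f in findings))


def render_report(client: str, findings: List[Finding]) -> str:
    """Plain-text report: summary line first, then one block per finding in priority order."""
    ordered = prioritize(findings)
    counts = summarize(ordered)
    lines = [f"Penetration test report for {client}", ""]
    lines.append("Summary: " + ", ".join(
        f"{counts[level]} {level}" for level in SEVERITY_ORDER if level in counts))
    lines.append("")
    for n, f in enumerate(ordered, start=1):
        lines += [
            f"{n}. [{f.severity.upper()}] {f.title}",
            f"   Affected: {f.affected}",
            f"   What we found: {f.evidence}",
            f"   What to do next: {f.recommendation}",
            "",
        ]
    return "\n".join(lines).rstrip() + "\n"


# Constructed sample findings (RFC 5737 documentation addresses, not real hosts).
SAMPLE_FINDINGS = [
    Finding("Outdated web server version", "medium", "192.0.2.10 (web)",
            "The server banner reports a version for which fixes are publicly available.",
            "Update the web server package and remove version details from the banner."),
    Finding("Default administrator password", "critical", "192.0.2.20 (router)",
            "The management interface accepted the vendor's default credentials.",
            "Change the password and restrict management access to the admin network."),
    Finding("Directory listing enabled", "low", "192.0.2.10 (web)",
            "Browsing /static/ returned a list of files instead of an index page.",
            "Disable directory listing in the web server configuration."),
    Finding("Unencrypted database login", "high", "192.0.2.30 (database)",
            "Clients connect without TLS, so credentials cross the network in clear text.",
            "Enable TLS on the database listener and require it for all clients."),
]

if __name__ == "__main__":
    print(render_report("Example Client Ltd.", SAMPLE_FINDINGS))
```

Run it as a script to print the sample report. The severity check in prioritize is deliberate: a misspelt level would otherwise silently sort to the wrong place, and a finding buried at the bottom of the report is one the client will not fix.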

White hat hackers divide manual penetration tests into the following categories:

Comprehensive Tests – This kind of test covers an entire network. A comprehensive test aims to determine the connections between the parts of a target. However, comprehensive tests are time-consuming and situational.

Focused Tests – Tests that belong to this category concentrate on a specific risk or vulnerability. Here, the hacker will use his skills in pinpointing and exploiting certain vulnerabilities in a network.

Automated Penetration Tests

Automated tests are easy, fast, reliable and efficient. You can get detailed reports just by pressing a single button. The program will take care of everything on your behalf. In general, the programs used in this test are newbie-friendly. They don’t require special skills or knowledge. If you can read and use a mouse, you’re good to go.

The most popular programs for automated tests are Metasploit, Nessus, and OpenVAS. Metasploit is a hacking framework that can launch attacks against any operating system. Hackers consider Metasploit as their primary weapon.

Infrastructure Tests

A computer system or network usually consists of multiple devices. Most of these devices play an important role in keeping the system/network stable and effective. If one of these devices malfunctions, the entire system or network might suffer. That is the reason why penetration testers must attack the infrastructure of their targets.

