There are different types of Hackers around us:
- Black Hat Hacker
- White Hat Hacker
- Grey Hat Hacker
Black Hat Hacker Is a person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons. This differs from white hat hackers, which are security specialists employed to use hacking methods to find security flaws that black hat hackers may exploit.
Black hat hackers can inflict major damage on both individual computer users and large organizations by stealing personal financial information, compromising the security of major systems, or shutting down or altering the function of websites and networks.
Grey Hat Hacker very few things in life are clear black-and-white categories. In reality, there’s often a gray area. A gray-hat hacker falls somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things.
Types of Penetration Testing :
- Black Box Penetration Testing
- White Box Penetration Testing
- Grey Box Penetration Testing
Black Box Testing The main differences are that with black box testing the testers are given very little or no information prior to the penetration test. It is also referred to as “blind testing” because the tester has to find an open route to access the network.
Disadvantages of Black Box Penetration Testing:
- Particularly, these kinds of test cases are difficult to design.
- It does not proper plan. Moreover it’s kinda trail-error method.
White Box Testing Is when the tester is given full disclosure about the network prior to the penetration testing. This will include IP addresses, source code, network protocols and diagrams. Also known as “Full Disclosure” testing. Sometimes this is also known as structural, glass box, clear box, and open box testing.
- This ensures that all independent paths of a module have been exercised.
- This ensures that all logical decisions have been verified along with their true and false value.
Grey Box Testing In between black box and white box testing you will find grey box testing. The penetration tester will be given partial details about the network infrastructure. We don’t need to provide the internal information about the program functions and other operations. It’s always good perform Grey box to fulfill your security audit.