Penetration testing can be categorized into three types: Black box, Grey box and White box. This article focuses primarily on how a penetration tester can effectively conduct a Grey Box penetration test.
Grey Box penetration test is a popular service among organisations because it produces outstanding results, particularly when the target object is an application. Many times the knowledge gathered during grey box testing may be so useful that another Black Box pentesting project from same organisation may get converted to grey box in the middle of the pentesting process.
Why Grey Box Penetration Testing?
Grey box penetration testing is basically a penetration test in which the tester is provided with partial information about the target (web application or mobile app etc.). The information could include URLs, IP addresses, any cloud service, framework or any other software being used in the target. There are chances where the tester will be only provided with credentials and nothing else.
Grey box testing is important for determining the extent of access a privileged person may have and the possible harm they may create. Grey box tests offer a mix between depth and efficiency, and they can be used to simulate an insider threat or a network perimeter breach. In real-world attacks, the adversary will first perform reconnaissance on the target environment and then conduct the attack.
Advantages of Grey Box
1: The penetration test is conducted from a point of view of a user or attacker who is logged into the target system/application.
2: Since the tester is provided partial information about the target, the reconnaissance phase in the whole penetration test is reduced significantly.
3: Very limited amount of guess work is involved.
4: The cost for the test lies between two extremes.
5: Time taken for the test to complete is predictable judging from the scope of the target.
Disadvantages of Grey Box
1:- Grey box is a combination of black box and white box, the testers are provided with partial information, but still there is no access to the source code of the target, which can cause the tester to miss a critical vulnerability.
2:- Because testing all possible input would take too long and be unreasonable, many programme pathways are often not checked by many tester. A habit which is not ideal to be a great pentester.
3:- The testing conducted on the target is not thorough enough, even though it is more compared to a black box pentest. The penetration testing does not include source code analysis, and also the tester is not provided any information about the target.
Some of the most common and popular tools among the penetration tester include:
1: Chrome Dev Tools
3: Burp Suite
4: OWASP ZAP
Stages of Grey box penetration test
There are mainly five stages involved in a grey box penetration test, these are explained as follows:
Planning: This stage involves planning on how and from where to begin the penetration test. The planning includes analyzing the scope of the target, working on test cases to be used for pentesting different features of the application etc.
Reconnaissance:This could include discovering an IP address, internal subdomains, hidden endpoints, credentials exposed of an employee in a github repository etc.
Initial Exploitation: This phase also involves locating server and cloud-based infrastructure misconfigurations.The requested information aids the security team in the development of various attack scenarios, such as privilege escalation.Scanning would be feasible behind the login as well.Scanning is also carried out behind the login.
Advanced Penetration Testing:This phase involves executing of attacks on the discovered endpoints for example exploiting an SQL injection to check how much sensitive data can be extracted from that vulnerability and further report how much the vulnerability can impact the organisation.
Report & Documentation:This is the last phase of the penetration test. It involves documenting all the vulnerabilities discovered in the target system, the severity, impact of each vulnerability and also offers remediation to each of them.
Read More Articles:-
- 5 Step Guide to Breaking Down the Pentesting Process in 2022
- How to Perform Static Pentesting of iOS Mobile Application
- Ethical Hacker’s: Top 10 Web Application Penetration Testing Books
- Mitigation of the Spring4Shell vulnerability: Overview and detection in 2022
- How To Jailbreak Your Iphone: Step-by-Step Guide in 2022
- What are the 3 Phases of Penetration Testing in 2022
- What are the Best Web Application Penetration Testing Tools