Skip to the content
  • Why Vertex
    • Expertise in Education
    • Your Trusted Partner
    • Humanitix Case Study
    • Give Back
    • Careers
  • Penetration Testing
  • ISO27001
  • Cyber Training
  • Solutions
    • Cyber Security Audit
    • Incident Response
    • Managed Services
  • News
  • Contact
  • Why Vertex
    • Expertise in Education
    • Your Trusted Partner
    • Humanitix Case Study
    • Give Back
    • Careers
  • Penetration Testing
  • ISO27001
  • Cyber Training
  • Solutions
    • Cyber Security Audit
    • Incident Response
    • Managed Services
  • News
  • Contact
LOG IN

What are the different types of penetration testing?

Person typing on laptop with padlock icon

Penetration testing, also referred to as ethical hacking or pen testing, is the act of testing a computer system for security weaknesses which could be exploited by an attacker. The key word here is ‘testing’. Unlike other forms of measuring a system’s resilience, such as audits and vulnerability assessments, a penetration test involves employing the same methods and techniques that real hackers use, only in a non-destructive way. You could think of it as hiring an actual burglar to attempt to break into your house, but rather than steal your belongings, they take a picture and tell you how they got in.

But why on earth would you want to employ someone to hack into your systems? Well, whether you like it or not, cyber criminals are going to try. So you might as well have someone who is on your side hack you first. That way they can tell you how they did it and you can fix those vulnerabilities before the cyber criminals find them. Penetration testing can be used to not only validate your system’s resilience to cyber attack, but may also be necessary for compliance and regulation, such as with PCI DSS, HIPAA, SOC2, and ISO27001.

Penetration testing can also be broken down into several types, depending on the amount of information the penetration tester is given and the system being tested. First we will look at the different types of penetration testing distinguished by the amount of information given to the tester. These are black box, grey box, and white box testing.

Black Box

The tester starts with little information other than an IP address and logins. They won’t be told what programming languages the software is built with, the type of database used, etc., and must do all reconnaissance themselves. This gives a more accurate representation of what an attacker is able to achieve with the information an outsider can gather.

Grey Box

In between black box and white box testing. The tester is given partial knowledge of the internal structure of the application, such as information about some of the logic, networks, database used, etc.

White Box

The tester is given a lot of information about the system, such as network maps and the code itself. The testers therefore spend less time doing reconnaissance and have a better understanding of the internals of the system.

Next, we will look at the different types of penetration testing differentiated by the type of system being tested.

Infrastructure / External Network

This involves testing of the network’s perimeter, including externally-facing assets such as servers, firewalls, and switches. Think of it as an attacker outside of a network trying to get in. It makes a lot of sense that companies would want to test this as networks that are accessible from the internet (which most are) could have people from all over the globe trying to hack them.

Internal Network

As the name suggests, an internal penetration test is conducted from within the network. This type of testing simulates an attacker who managed to breach the external network, has physically plugged a device into an ethernet port within the network, or a malicious insider – which happens more often than people realise. This will give insight into how easily an attacker can traverse the network, what assets they’re able to access, and if they’re able to elevate their privileges (such as by exploiting misconfigurations to gain read/write permissions to files they shouldn’t).

Website / Web Application

Given the dynamic nature of websites these days, they offer a plethora of vectors which attackers can target. Attackers might try things like uploading malicious files or stealing user data by sending malicious code through forms (‘forms’ being parts of the website that accept user input, such as login forms or user comments). This is typically the most labour intensive type of penetration test.

Mobile Application

Mobile apps are simply software running on phones (iOS and Android), and like all software, could contain vulnerabilities. Penetration testing of mobile applications includes testing of things such as how data is transmitted and stored, how sessions are managed, and flaws in the apps’ security protocol.

Wi-Fi (Wireless)

As you might have guessed, Wi-Fi penetration testing involves searching for vulnerabilities in wireless networks. These vulnerabilities can exist due to things such as misconfigurations, weak protocols, outdated software, and the use of default or insecure passwords.

Social Engineering

The methods we’ve discussed so far are all technical, but cyber criminals aren’t restricted to purely digital means. Social Engineering Penetration Testing is by identifying vulnerabilities with the people and process such as calling and asking the staff for their password, or sending them a phishing email and tricking them into providing their password. The scope of a Penetration Test of Social engineering could be one specific social engineering attack such as phishing or a combination.

Physical

Physical penetration tests involve searching for weaknesses in physical controls such as locks, doors, cameras, or sensors, as well as psychological manipulation (referred to as social engineering). To do this, testers might pretend to be an employee who has forgotten their access card and ask another staff member to give them access to a restricted area. They could also try things like crowbar to open the door or break the lock, pick the lock, tailgating (following an authorised individual into a secured premise), and badge cloning (copying authentication data from an RFID badge’s microchip to another badge).

Hopefully you now have a better understanding of the different types of penetration testing. It’s also important that you choose a good company to do the testing. Certifications such as CREST can give confidence that the company has skilled employees and proper processes in place to protect your data (see our article on CREST certification). Vertex Cyber Security is a CREST ANZ certified provider of penetration testing services.

CATEGORIES

CREST - Cyber Attack - Cyber Security - Hacker - ISO27001 - Penetration Testing - SOC2 - Vulnerability

TAGS

cyber security - ethical hacking - pen test - penetration testing

SHARE

PrevPreviousIs public Wi-Fi safe?
Next‘Hey Mum’ ScamNext

Follow Us!

Facebook Twitter Linkedin Instagram
Cyber Security by Vertex, Sydney Australia

Your partner in Cyber Security.

Terms of Use | Privacy Policy

Accreditations & Certifications

blank
blank
blank
blank
blank
  • 1300 229 237
  • Suite 13.04 189 Kent Street Sydney NSW 2000 Australia
  • 121 King St, Melbourne VIC 3000
  • Lot Fourteen, North Terrace, Adelaide SA 5000
  • Level 2/315 Brunswick St, Fortitude Valley QLD 4006, Adelaide SA 5000

(c) 2025 Vertex Technologies Pty Ltd.

download (2)
download (4)

We acknowledge Aboriginal and Torres Strait Islander peoples as the traditional custodians of this land and pay our respects to their Ancestors and Elders, past, present and future. We acknowledge and respect the continuing culture of the Gadigal people of the Eora nation and their unique cultural and spiritual relationships to the land, waters and seas.

We acknowledge that sovereignty of this land was never ceded. Always was, always will be Aboriginal land.