Are there different types of mobile application penetration?
There are three main types of mobile penetration testing.
- Black Box Testing - A penetration tester simulates a real-world attack by exploiting only information available to the public.
- White Box Pen testing - the pen tester has all relevant documentation and contextual understanding about the target application, the internal network environment it is deployed in, and what other systems may be reachable which enables a deeper test of the application.
- Grey box testing- the pen tester has some additional information, access, and credentials before a pen test engagement but approaches the test with a typical user's knowledge of the application environment and tech stack.