1.Previous
3.Next

the target system. For such a penetration test, administrative credentials are typically provided in order to analyse how or which attacks can impact high-privileged accounts. Source code can be made available to be used as a reference for the tester. When the code is a target of its own, this is not (only) a penetration test but a source code security audit (or security review).

See also

* Black-box testing
* Gray-box testing

1.Previous
3.Next