As ethical (white hat) hackers, we emulate an attacker by utilizing similar techniques to perform reconnaissance, identify vulnerabilities, and break into your systems. Unlike an attacker, however, we stop our test before exposing sensitive data or doing harm to your environment. With a White Box Penetration Test, we test a system with “administrator” or “root” level access and knowledge. This often includes access to architecture diagrams, design documents, specifications, and source code. A White Box Penetration Test is the most thorough and time consuming.
A White Box Penetration Test is commonly used in the following scenarios: