Grey-Box Testing

What is Grey-Box Testing?

Grey-box testing is the most common type of penetration testing and is essentially a combination of black-box and white-box testing. It provides the advantages of both methods while removing most of the application’s flaws through a practical, balanced blend of the two.

In a grey-box test, the penetration tester is provided with credentials for the application and is whitelisted so that firewalls or intrusion detection systems do not block the testing. For an internal network test, the penetration tester is given access to “see” the internal network but is not given actual network credentials.

Grey-box testing broadens the testing landscape by focusing on all the layers of the software being tested, regardless of its complexity. Black-box testers make sure everything is fine with interfaces and functionality, and white-box testers dig into the internal structure and fix the software’s source code. Grey-box testers deal with both at the same time in a methodical, non-intrusive manner.

How It Works

Using this methodology, complex systems are targeted with a straightforward black-box approach. This allows virtually anyone, from developers to testers to end-users, to perform the required tests. An engineer with partial knowledge of the internal structure, architecture, and functional specifications of the software designs the individual test cases. The generated test cases aim to find and eliminate defects and any gaps that would enable improper software usage.

Grey-box testing has proven most useful for integration testing. It is also better suited to web applications, because their source code or binaries are generally not available, making them impossible to test using a strictly white-box approach. One of the few drawbacks of this form of testing is that, with limited knowledge of the software’s internal structure and little or no access to its source code, it offers only partial test coverage, which leaves some code paths untested.