Terminology

Understanding Penetration Testing Terminology

There is a lot of jargon used around security assessment and penetration testing. For those looking to understand a little more about penetration testing, or to refresh their knowledge, below are explanations of common processes and terms covering:

Penetration Test Phases

Non-Technological Tests (Physical Assessments / Social Engineering)

Internal vs. External Assessments

White, Black and Grey Container Testing

The Three Phases of a Penetration Test

Penetration testing is often used as a catch-all term for any type of security service performed by an organization.

A true penetration test involves three distinct stages that build upon each other: Discovery (scanning), Assessment and Exploitation (penetrating). It is important to understand the differences between them to ensure a properly scoped and delivered service.

iTechWorks provides services around each of these areas.

Discovery

Discovery refers to the process of identifying known and potential vulnerabilities and/or unpatched or misconfigured systems. Many tools and techniques are used for this process depending on the environment, infrastructure, application and assessment type.
Discovery provides the attack surface of the infrastructure or application, allowing a tester to target potentially weak areas first and to ensure that coverage is as complete as possible.

Assessment

Assessment takes the information identified during initial discovery and applies manual effort to validate findings and investigate further areas of interest, conducting additional checks and validations beyond what automated discovery provides.
When conducting an assessment, iTechWorks reduces false positives by validating results up to the point of potentially penetrating the system. Since this is a manual review of collected information, time is spent validating, eliminating and collecting evidence of vulnerabilities within systems for reporting purposes.

Exploitation

Once a vulnerability has been identified and validated, the final stage is exploitation, conducted in accordance with rules of engagement agreed with the client beforehand. This stage consists of a manual attempt to exploit the vulnerabilities identified in systems, escalate privileges, gain control of the network and access sensitive data. The real value of a penetration test is shown in this phase, as it reveals what an attacker would actually be able to achieve.

Non-Technological Penetration Tests

Penetration tests do not need to be exclusively technological in nature. Additional types of tests include physical and social engineering evaluations.

Physical security

Physical security assessments attempt to gain access to an organization’s facilities and information through a variety of means, such as evading security measures (e.g. secured doors, motion sensors, checkpoints and similar countermeasures).

Social Engineering

Social Engineering relates to manipulating individuals within an organization into inadvertently granting access to someone not authorized to have it. Examples of Social Engineering include phishing, phone campaigns and impersonation. Social Engineering may also be a component of a physical security assessment, layered into the overall approach.

Internal vs. External Assessments

Internal and external assessments apply to both network/infrastructure and application testing. As the names suggest, the terms refer to where the assessment or test originates. An internal assessment or test is launched from inside the organization and can mimic a malicious insider, or a well-meaning employee who gains access to, or exposes, sensitive information. An external assessment or test mimics how an outside actor would attempt to gain access to sensitive information from beyond the organization’s perimeter by targeting its public-facing profile and architecture.

White / Black / Grey Container Testing

Penetration testing options include black container, white container and grey container tests, distinguished by how much knowledge of the target the tester is given beforehand.

White container

White container, or authenticated, tests target the security of your underlying technology with the full knowledge of your IT department. Information typically shared with the tester includes network diagrams, IP addresses, system configurations and access credentials. This type of testing allows for ‘role-based’ testing, in which iTechWorks penetration testers act as various individuals within, or connected to, an organization.

Black container

Black container, or unauthenticated, tests closely represent an attacker attempting to gain unauthorized access to a system or IT infrastructure in order to obtain and exfiltrate data. Black container penetration testing evaluates both the underlying technology and the people and processes in place to identify and block real-world attacks. iTechWorks testers have no prior knowledge of your organization or its architecture.

Grey container

Grey container testing lies between black and white. Testers have knowledge of some areas but not others. These areas are defined before the start of an engagement, with the aim of ensuring adequate coverage and depth of testing while controlling time and budget requirements.