Blackbox |
Minimal. Only the essential information, such as IP addresses and domains, is provided. |
Greybox |
Extended. In this case, we are provided with additional information, such as specific URLs, hostnames, subnets, and similar. |
Whitebox |
Maximum. Here everything is disclosed to us. This gives us an internal view of the entire structure, which allows us to prepare an attack using internal information. We may be given detailed configurations, admin credentials, web application source code, etc. |
Red-Teaming |
May include physical testing and social engineering, among other things. Can be combined with any of the above types. |
Purple-Teaming |
It can be combined with any of the above types. However, it focuses on working closely with the defenders. |