The next step up from black-box testing is grey-box testing. If a black-box tester is examining a system from an outsider’s perspective, a grey-box tester has the access and knowledge levels of a user, potentially with elevated privileges on a system. Grey-box pen-testers typically have some knowledge of a network’s internals, potentially including design and architecture documentation and an account internal to the network.

The purpose of grey-box pen-testing is to provide a more focused and efficient assessment of a network’s security than a black-box assessment. Using the design documentation for a network, pen-testers can focus their assessment efforts on the systems with the greatest risk and value from the start, rather than spending time determining this information on their own. An internal account on the system also allows testing of security inside the hardened perimeter and simulates an attacker with longer-term access to the network.