Black box is a second type of penetration testing which is something “real hackers thing” In black box testing a professional ethical hacker is hired to perform test on a network. He just do not know anything about the network, OS, anything …
With this zero knowledge he is completely kept in dark about system information hence the test is named as black box. This ethical hacker try to perform passive attack gathering which included gaining information about organization, its employees & technical details about the servers from outside.
This is performed like any other black hat hacker does for some criminal activity.
This test is more effective compared to white box testing & really tests the ethical hacker’s knowledge about penetrating the system.
Penetration testing needs highly trained & experienced professional as this test is quite risky & performed under observation of organizational officials.
Before performing any such tests legal permissions must be taken from their Internet Service Provider (ISP) & from local cops if necessary. The agreements are signed between ethical hacker & organization. And things should be clearly defined on what to do & what not to, for making circumstances workable to an ethical hacker.
Concept is simple but the actual work needs some experience. Its process is complex & involves many things that you see for the first time so newbie or fresher in this field can not take the responsibility of performing a back box