This method of testing resembles an actual attack the most, as it is conducted with no previous knowledge of the system or application. With no insight in the source code or access accounts, and without consultations with the developers, our pentest team initiates the first phase attack – gathering all possible information about the application. Using the gathered data as a starting point, the team then simulates an attack on the application. These attack help identify the potential security weak spots, both in the application itself and in the server configuration. Black Box testing relies on manual inspection, configuration scanning, manual verification and exploitation of the detected weaknesses, because it is done with no prior insight in the application or its code.