|This article relies largely or entirely upon a single source. (June 2012)|
Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings (see white-box testing). This method of test can be applied to virtually every level of software testing: unit, integration, system and acceptance. It typically comprises most if not all higher level testing, but can also dominate unit testing as well.
Specific knowledge of the application's code/internal structure and programming knowledge in general is not required. The tester is aware of what the software is supposed to do but is not aware of how it does it. For instance, the tester is aware that a particular input returns a certain, invariable output but is not aware of how the software produces the output in the first place.
Test cases are built around specifications and requirements, i.e., what the application is supposed to do. Test cases are generally derived from external descriptions of the software, including specifications, requirements and design parameters. Although the tests used are primarily functional in nature, non-functional tests may also be used. The test designer selects both valid and invalid inputs and determines the correct output without any knowledge of the test object's internal structure.
Test design techniques
Typical black-box test design techniques include:
- Decision table testing
- All-pairs testing
- State transition tables
- Equivalence partitioning
- Boundary value analysis
In penetration testing, black-box testing refers to a methodology where an ethical hacker has no knowledge of the system being attacked. The goal of a black-box penetration test is to simulate an external hacking or cyber warfare attack.
- Acceptance testing
- Boundary testing
- Fuzz testing
- Metasploit Project
- Sanity testing
- Smoke testing
- Software testing
- Stress testing
- Test automation
- Web Application Security Scanner
- White hat hacker
- White-box testing
- Grey box testing
- Ron, Patton. Software Testing.
- BCS SIGIST (British Computer Society Specialist Interest Group in Software Testing): Standard for Software Component Testing, Working Draft 3.4, 27. April 2001.