Black, grey and white box penetration testing
Black-box penetration testing
This is the sort of testing that is most similar to what a real attacker might do. The pentester would try to break into the system without any information about the internal systems or credentials provided before hand.
Grey-box penetration testing
In this pentest methodology the pentester has some information about the system. This could be diagrams, application logins, or VPN access, to name a few, but the the vast of the application architecture remains unknown to the attacker.
White-box penetration testing
This is the scenario where the pentester team has access to system info, source code, diagrams and other information about the architecture of the system. This type of testing is convenient when there are time constraints or the system owners assume that the attacker might already be in the system and want to spot where the system hole is.