An outside-in pentest. Forget everything you know about the guts and come in from the outside.
This tool is in my tabs - I haven't used it, but it seems to ball up all the ones I do use. I've been curious about it.
Bingo. Even something a simple as iteratively running nmap, upping the fingerprinting-aggressiveness with each run can be helpful. This can let you know "are they using any scan-detectors to auto-block script-kiddies" and help you level-set the types of attacks that are likely to work.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.