> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Gray Box Testing

> A private, scoped penetration testing engagement run with partial knowledge of your systems.

## Overview

Gray box testing sits **between black box and white box**: the tester works with *partial* knowledge
of your systems - limited credentials, architecture notes, API documentation, or a scoped view of a
specific flow - but not full source-code access. It simulates a realistic insider-adjacent threat,
such as an authenticated user, a partner with API access, or an attacker who has already gathered
some reconnaissance.

<Note>
  Gray box testing is a **private, hands-on engagement** with the CodeAnt security team - not a
  self-serve mode in the dashboard. Because it involves sharing credentials and context and agreeing
  on scope, every engagement is scoped and run together with you. [**Contact
  us**](mailto:support@codeant.ai) to set one up.
</Note>

## Why gray box

|                | Black box                   | **Gray box**                    | White box                      |
| -------------- | --------------------------- | ------------------------------- | ------------------------------ |
| **Knowledge**  | None                        | Partial                         | Full (incl. source)            |
| **Simulates**  | External attacker           | Insider / authenticated user    | Code review / insider          |
| **Coverage**   | Public surface              | Targeted, context-guided        | Most comprehensive             |
| **How to run** | Self-serve in the dashboard | Private engagement - contact us | Self-serve via AI Exploitation |

Gray box is a good fit when:

* You want testing **focused** on a specific flow - authentication, a payment path, a partner API.
* You can share *some* context (a test user, a role, an architecture note, an endpoint list) but not
  full source.
* You want realistic, insider-style coverage guided by a security engineer rather than an automated scan.

## How an engagement works

<Steps>
  <Step title="Reach out">
    [Contact us](mailto:support@codeant.ai) with the application and the areas you want tested. We'll
    align on goals, scope, and timeline.
  </Step>

  <Step title="Share scoped context">
    You provide the partial knowledge the engagement runs on - test credentials, a user role, API
    docs, or architecture notes for the target flow. Access stays scoped to what's agreed.
  </Step>

  <Step title="Testing">
    The CodeAnt security team tests the agreed scope using that context, combining authenticated
    probing with targeted analysis.
  </Step>

  <Step title="Report and retest">
    You receive a findings report with severity, reproduction, and impact. After you remediate, we
    retest to confirm the fixes.
  </Step>
</Steps>

## Self-serve alternatives

If you'd rather start immediately without an engagement, the two self-serve options cover the ends of
the spectrum:

* [**Black Box Testing**](/pentesting/black_box) - external attacker perspective, zero internal
  knowledge. Run it yourself from the dashboard.
* [**White Box Testing**](/pentesting/white_box) - full source-aware analysis via AI Exploitation.

For an insider-style test in between, [contact us](mailto:support@codeant.ai) about a gray box engagement.
