> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# White Box Testing

> Source-aware penetration testing with AI Exploitation - chain vulnerabilities into real attack paths.

## Overview

White box testing examines your application with **full internal knowledge, including the source
code** - the most comprehensive form of penetration testing. In CodeAnt, white box testing is
delivered by **AI Exploitation**: AI agents read your codebase end-to-end and **chain vulnerabilities
into real attack paths, validate exploitability, and surface the issues attackers would actually
reach in production** - not just isolated, theoretical findings.

## Watch it in action

<iframe className="w-full aspect-video rounded-xl" src="https://www.youtube.com/embed/ihGNNaIWXnw" title="AI Exploitation walkthrough" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen />

## Key Features

* **Full source-code analysis:** Agents explore the repository to trace untrusted input from source
  to sink across the whole code path.
* **Attack-path chaining:** Findings are connected into realistic, exploitable attack paths rather
  than reported in isolation.
* **Two scan modes:**
  * **High Precision** - tuned for a low false-positive rate; reports only findings it can verify
    end-to-end (untrusted source → unsafe sink, with no mitigation in the path).
  * **High Recall** - a broader scan that surfaces more potential vulnerabilities.
* **Broad vulnerability coverage:** RCE (command injection, SSTI, deserialization), SQL/NoSQL
  injection, authentication/authorization bypass, SSRF, hardcoded secrets, cryptographic misuse,
  XSS, path traversal, and more.

## How It Works

<Steps>
  <Step title="Open AI Exploitation">
    Open **AI Exploitation** from the sidebar of the CodeAnt dashboard.
  </Step>

  <Step title="Select a repository and branch">
    Choose the repository you want to analyze and the branch to scan.
  </Step>

  <Step title="Scope the scan (optional)">
    Optionally narrow coverage with include / exclude file patterns to focus on the areas that
    matter most.
  </Step>

  <Step title="Choose a mode and run">
    Pick **High Precision** for verified, low-noise findings or **High Recall** for broader coverage,
    then start the scan. Results are presented as findings with the attack paths the agents traced.
  </Step>
</Steps>

## Availability

AI Exploitation is part of the **Code Security** plan. Your **first scan is free**; additional scans
use credits.

<Note>
  Looking for a deeper security analysis after a SAST scan? AI Exploitation chains the vulnerabilities
  in your code into real attack paths and validates which ones are actually exploitable - see
  [Application security](/scan_center/code_security/security) for the static analysis it builds on.
</Note>

## When to use white box testing

White box testing gives the deepest coverage because the agents can read everything an attacker would
have to guess. Use it on your most sensitive repositories where exploitable logic lives in the source.
For external, attacker's-eye coverage of your public surface, pair it with
[Black Box Testing](/pentesting/black_box); to focus the analysis with partial context, see the
[Gray Box](/pentesting/gray_box) approach.
