Test Types
Understand the different types of penetration tests CodeWall can perform.
When creating a new test, you choose the type of test you want to run. Each test type is designed for different objectives and levels of access.
Available test types
| Type | Description | Access Level | Best For |
|---|---|---|---|
| Surface Discovery | Maps your external attack surface from a domain or company name | No access needed | Understanding what's exposed |
| Full Blackbox | Tests a target with no prior knowledge | No credentials | Simulating an external attacker |
| Scoped Blackbox | Tests multiple specific targets (domains, URLs, IPs, endpoints) | No credentials | Focused testing of specific assets |
| Authenticated (Gray Box) | Tests with provided credentials to access authenticated areas | Credentials provided | Deep testing behind login walls |
| MCP Server Security | Tests MCP servers for injection and access control vulnerabilities | Server access | AI tool integrations, agent pipelines |
| LLM App / Chatbot | Tests LLM-powered apps for prompt injection and guardrail bypasses | API access | Chatbots, AI assistants, LLM wrappers |
Coming soon
| Type | Description |
|---|---|
| Infrastructure Test | Scan cloud environments for misconfigurations, open firewall rules, exposed storage buckets, and IAM policy weaknesses across AWS, Azure, and GCP |
| Internal Test | Deploy a CodeWall sensor inside your network to continuously test internal systems and services |
| Code Test | Integrate into your CI/CD pipeline to analyse code for security vulnerabilities on every commit |
| Mobile App | Test iOS and Android apps for security vulnerabilities including authentication, API exposure, and local data storage issues |
Surface Discovery
Discovers and maps your external attack surface starting from a domain or company name. The agent will:
- Enumerate subdomains and related domains
- Identify exposed services and open ports
- Fingerprint technologies and software versions
- Map the discovered assets into your asset inventory
Use this as a starting point to understand what's publicly visible before running deeper tests.
Full Blackbox
Simulates an external attacker with no prior knowledge. Provide a single domain and CodeWall will:
- Crawl and map the application
- Test for vulnerabilities without any credentials
- Focus on externally exploitable issues
- Identify misconfigurations and information disclosure
Scoped Blackbox
Like Full Blackbox, but you define multiple specific targets rather than a single domain. Provide a list of:
- Domains
- URLs
- IP addresses
- Specific endpoints
You can also explicitly exclude targets to keep certain assets out of scope.
Authenticated (Gray Box)
The deepest test type. Provide authentication credentials so CodeWall can test behind login walls:
- Bearer token — provide an API token or JWT
- Basic auth — provide username and password
- Custom headers — define arbitrary headers for non-standard auth
See Define Authentication for setup details.
MCP Server Security
Tests a Model Context Protocol server for security vulnerabilities in its exposed tools. Provide:
- SSE transport — the server's SSE endpoint URL
- stdio transport — a shell command to start the server, plus any environment variables
CodeWall will enumerate all available tools, analyse their schemas, and test each tool's parameters for injection vulnerabilities including SQL injection, command injection, path traversal, and SSRF.
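
A schema review you can run on your own server before a test, as an added example that is not CodeWall's code: it reads a constructed `tools/list` result and reports string parameters that have no `enum`, `const` or `pattern` constraint, labelled with the injection classes named above. The sample tools and the parameter-name hints are assumptions made for illustration.

```python
import json

# Constructed sample of an MCP tools/list result (not from a real server).
SAMPLE_TOOLS_LIST = json.loads("""
{"tools": [
  {"name": "read_file", "inputSchema": {"type": "object", "properties": {
      "path": {"type": "string"}}}},
  {"name": "fetch", "inputSchema": {"type": "object", "properties": {
      "url": {"type": "string", "format": "uri"},
      "method": {"type": "string", "enum": ["GET", "HEAD"]}}}},
  {"name": "search_orders", "inputSchema": {"type": "object", "properties": {
      "filter": {"type": "string", "pattern": "^[a-z_]{1,32}$", "maxLength": 32},
      "limit": {"type": "integer"}}}}
]}
""")

# Assumed name hints that map a parameter to the injection classes listed above.
RISK_HINTS = {
    "path traversal": ("path", "file", "dir"),
    "SSRF": ("url", "uri", "host", "endpoint"),
    "command injection": ("cmd", "command", "args", "shell"),
    "SQL injection": ("query", "sql", "filter", "where"),
}

def is_constrained(schema):
    """True if the schema pins a string to an enum, const or pattern.
    "format" is not counted: many validators treat it as an annotation only."""
    return any(key in schema for key in ("enum", "const", "pattern"))

def review_tools(tools_list):
    """Return (tool, parameter, risk class) for each unconstrained string parameter."""
    findings = []
    for tool in tools_list.get("tools", []):
        props = tool.get("inputSchema", {}).get("properties", {})
        for name, schema in props.items():
            if schema.get("type") != "string" or is_constrained(schema):
                continue
            lowered = name.lower()
            risks = [risk for risk, hints in RISK_HINTS.items()
                     if any(hint in lowered for hint in hints)]
            for risk in risks or ["unclassified free-form string"]:
                findings.append((tool["name"], name, risk))
    return findings

if __name__ == "__main__":
    for tool, param, risk in review_tools(SAMPLE_TOOLS_LIST):
        print(f"{tool}.{param}: unconstrained string, review for {risk}")
```

A constrained schema only narrows what a client is told to send; the server still has to validate each argument itself.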
LLM App / Chatbot
Tests an LLM-powered application for prompt injection and other LLM-specific vulnerabilities. Provide:
- The application's API endpoint URL
- The request format (OpenAI-compatible, Anthropic Messages API, or custom)
- Optionally, a known system prompt for measuring extraction completeness
CodeWall will test for direct and indirect prompt injection, system prompt extraction, data exfiltration, and guardrail bypasses.

