feat: Better source-aware testing (#391)

2026-03-31 14:53:49 -04:00
parent 7d5a45deaf
commit e78c931e4e
31 changed files with 2398 additions and 106 deletions
--- a/docs/usage/scan-modes.mdx
+++ b/docs/usage/scan-modes.mdx
@@ -31,6 +31,8 @@ Balanced testing for routine security reviews. Best for:

 **Duration**: 30 minutes to 1 hour

+**White-box behavior**: Uses source-aware mapping and static triage to prioritize dynamic exploit validation paths.
+
 ## Deep

 ```bash
@@ -44,6 +46,8 @@ Thorough penetration testing. Best for:

 **Duration**: 1-4 hours depending on target complexity

+**White-box behavior**: Runs broad source-aware triage (`semgrep`, AST structural search, secrets, supply-chain checks) and then systematically validates top candidates dynamically.
+
 <Note>
 Deep mode is the default. It explores edge cases, chained vulnerabilities, and complex attack paths.
 </Note>