Explore two open-source OWASP tools designed to enhance the efficiency and comprehensiveness of white box penetration testing in this 47-minute conference talk from AppSecCali 2019. Learn how OWASP Code Pulse uses glass box testing techniques to provide real-time code coverage feedback, helping testers maximize their testing coverage and communicate useful metrics. Discover the Attack Surface Detector, which performs static code analysis to identify web application endpoints, parameters, and datatypes, integrating with Burp Suite and OWASP ZAP for rapid dynamic testing. Gain insights into recent features, major releases, and participate in a Q&A session to provide feedback on these tools' effectiveness and potential improvements for penetration testing needs.