Using AppScan
Manual exploring enables you to explore specific parts of your application, filling in fields and forms as you go. This can be a way of ensuring that particular areas of the site are covered, and that AppScan has the information needed to complete forms correctly.
The AppScan browser opens and you record your actions, links and input data, while you browse through the application. When you stop the recording, AppScan shows you list of the links you crawled, with relevant form filler data that it can now use when exploring or testing the site automatically.
Before Automatic Explore
There are several reasons why you might choose to perform a Manual Explore before an Automatic Explore:
- You want to use the Manual Explore as a way of providing AppScan with data for filling forms, by manually exploring and completing the data as you go.
- You want to ensure that AppScan tests a speific, important part of the site.
- You want to scan a specific user process (the URLs, files, and parameters that a user will access given a certain scenario), you can create a manual explore for this process only. This manual explore could be done before you begin a scan.
- Your application uses JavaScripts or Java applets that reveal certain parts of the application only when states (such as Hover and Mouse Over) follow each other in a specific order. Note that this is not the same as a multi-step operation. For a multi-step operation, AppScan must visit links in a specific order; in this case, once AppScan has the link, it can test it in a single step, like any other link.
After performing the Manual Explore, you can continue with an automatic Explore stage (Explore Only, or Full Scan), so that the scan covers your entire application.
Instead of Automatic Explore
Sometimes you may choose to perform a Manual Explore instead of an Automatic Explore:
- You want to scan only a small part of the site, and prefer to
define the parts to test by manually exploring.
After manually exploring you can complete your scan by clicking Test Only.
After Automatic Explore
There are two main reasons why you may choose to perform a Manual Explore after an Automatic Explore:
- Your scan resulted in some URLs being categorized as Interactive
(see User Interaction Needed), meaning
that AppScan was unable to automatically fill in the required data.
You can manually explore these URLs to do this.Note: After you do this the URLs are removed from the list of Interactive URLs.
- Your site includes SWF (Adobe Flash) files. AppScan tests these, if configured (see Explore Options view), but if you find it missed certain files, you can identify them for AppScan using Manual Explore. Note that you do not need to explore the movie itself, just click on the SWF file, close Manual Explore, and then rerun Automatic Explore.