Complete
AppScan is now configured as a recording proxy for your device to send requests to the application. You are now ready to start your Manual Explore of the application.
Procedure
-
Click Finish.
The External Traffic Recorder opens with a status message indicating that it is connected to your device.
- When
the External Traffic Recorder opens with status "Waiting for incoming
connections, manually Explore the web service from your device/application:
- Using your device or application, explore the web service.
As you explore, domains detected are listed in the left pane of the recorder, and URLs are listed in the right pane.
- When finished, in AppScan click Stop Recording.
- Using your device or application, explore the web service.
- Review
and edit the Manual Explore data:
- Domains detected
- All domains to which requests were sent are listed, and by default
selected for adding to the list of Additional Servers and Domains
(Configuration > URLs and Servers > Additional Servers and Domains)
so they can be included in the scan. You can deselect any you do not
want included in the scan.Tip: You should deselect any domains that belong to other companies.
- Requests sent
- All requests sent by the device to domains that are selected (in the left pane), are listed. If you select/clear domains in the
left pane, the requests list is updated. You can delete specific requests
if they are not needed.Tip: If the total number of filtered requests is more than 200, deleting some of them may produce a more efficient scan.
Note: At this stage you can click Export to save the Explore data for use on another machine. - Click
OK to close the recorder.
AppScan takes a few moments to process and display the data.
- To start
the Test stage, click Scan > Test Only
The Test stage starts and when complete the scan results are displayed.
Related topics: