If you have saved a standard procedures in the form of
a Manual Explore, you can import it to another scan to test it again,
even on a different server.
About this task
You can import a Manual Explore procedure that you previously saved, to use as part of a new
scan. This is useful in the case of standard procedures that need to be rescanned. This can be done
even if scanning the same application on a different server (see note in Step 3 below).
Supported Manual Explore file formats are: EXD, HAR, DAST.CONFIG, and CONFIG.
Procedure
- Click File > Import > Explore Data.
-
Browse to the saved Manual Explore file (EXD, HAR, DAST.CONFIG, or CONFIG), and click
Open.
The Import dialog box opens.
- The Import with responses check
box is selected by default, and AppScan will analyze these responses
when preparing to test the site. If your site has changed in a way
that affects its responses, you can clear the checkbox, so that AppScan
sends the requests again and gathers up-to-date responses. However,
in this case it may be more effective to perform the Manual Explore
again.
Note: If the file was saved in a version of AppScan
that did not save the response data, the check box is cleared and
grayed out. You can select Continue anyway to
import the requests, send them to the site, and gather new responses
to analyze for testing. However, in this case it may be more effective
to perform the Manual Explore again.
- To start scanning, click Continue or Continue anyway.
- AppScan analyzes
the Explore stage data, to check for host conflicts.
If the file
covers hosts that are not included in the current configuration, the
Conflicts in Explore Data File dialog box appears. Resolve any conflicts
by selecting an appropriate
Action for each
host:
- Ignore: Do not explore this host.
- Add to tested hosts: Add the listed host
to the servers of the scan.
- Replace with <hostname>: For each host
defined in the scan, there is an option to replace the conflicting
host with host already in the scan configuration.
Note: This feature
effectively lets you record a manual explore on one host and replay
the process on a different server that hosts the same application.
This can be used, for example, to record a process on a staging server
and replay it on a production server.
- The scan begins:
- If the imported data includes responses, the cached data is analyzed
in preparation for the Test stage.
- If the imported data does not include responses, a full
Explore stage is run first, followed by analysis of the responses
to formulate tests for the Test stage.
- When the Explore stage and analysis are complete, the scan pauses.
- At this point you can optionally continue Manual or Automatic
Exploring.
- To continue with the Test stage of the scan, click Scan > Continue > Test.