Predefined templates

About this task

AppScan® comes with some predefined scan templates that are configured to produce the best results when testing AppScan® on a test site. These templates save you the need to adjust the many configuration options to optimize your scan. (Updates to these templates may be included in AppScan® updates from time to time.)

  • Regular Scan
  • Quick and Light Scan (configured to produce useful results in a short time)
  • Parameter-Based navigation
  • WebSphere® Commerce
  • WebSphere® Portal
  • demo.testfire.net (for scanning the Altoro Mutual Bank website, which has been created for demonstration purposes)
  • Production Site (configured for use with live production sites, see Scanning live production environments for more details)
  • Hacme Bank
  • WebGoat v5
  • Worklight® (for scanning in an IBM Worklight server environment)

The table below shows some basic configuration details of some of the predefined templates.

Test Application

Path Exclusion

Path Limit

Explore Method*

Case Sensitive

Login

WebGoat

.*attack\?Num=.*

Off

Depth First

Yes

Username: guest Password: guest

demo.testfire.net

none

5

Breadth First

No

Username: jsmith Password: demo1234

* For details of Explore Method refer to Explore Options view

To scan with a predefined template:

Procedure

  1. On the main screen, click the New Scan icon (or File > New), and then in the Predefined Templates area select the required template.
  2. Click Save As, type in a name for the scan, and save the scan.
  3. Define the Starting URL for the scan (see URL and Servers view).
  4. If applicable, record the login procedure, or supply username and password (see Login tab).
  5. Click the Start Scan icon