Predefined templates
About this task
AppScan® comes with some predefined scan templates that are configured to produce the best results when testing AppScan® on a test site. These templates save you the need to adjust the many configuration options to optimize your scan. (Updates to these templates may be included in AppScan® updates from time to time.)
- Regular Scan
- demo.testfire.net (for scanning the Altoro Mutual Bank website, which has been created for demonstration purposes)
- Hacme Bank
- GraphQL (see Scanning a GraphQL web API)
- Parameter-Based navigation
- Production Site (configured for use with live production sites, see Scanning live production environments for more details)
- Quick and Light Scan (configured to produce useful results in a short time)
- WebGoat v5
- WebSphere® Commerce
- WebSphere® Portal
The table below shows some basic configuration details of some of the predefined templates.
Test Application |
Path Exclusion |
Path Limit |
Explore Method* |
Case Sensitive |
Login |
---|---|---|---|---|---|
WebGoat |
.*attack\?Num=.* |
Off |
Depth First |
Yes |
Username: guest Password: guest |
demo.testfire.net |
none |
5 |
Breadth First |
No |
Username: jsmith Password: demo1234 |
* For details of Explore Method refer to Explore Options view
To scan with a predefined template:
Procedure
- On the menubar, click File > New > New from template... > Browse.
-
Browse to the AppScan templates folder, default location:
C:\Program Files (x86)\HCL\AppScan Standard\Templates
The scan configuration dialog box opens.
- Define the Starting URL for the scan (see URL and Servers view).
- If applicable, record the login procedure, or supply username and password (see Login tab).
- Click OK to close the dialog box.
- In the context toolbar, click Start full scan.