This section explains how to use additional tools provided with HCL AppScan Standard.
AppScan offers access to five utilities (PowerTools), each providing a specific feature to help you manage your application security or to help you use AppScan.
The HTTP Request Editor PowerTool enables you to send a fully-controlled HTTP request to your site, to test how your site responds to different kinds of HTTP request.
This section describes options you can control, to customize AppScan, from the Options dialog box in Tools > Options.
This extension lets you scan using Open API description files. It is available from Tools > Extensions > Web Services Wizard (Open API), and the extension is enabled by default.
The Authentication Tester PowerTool is a testing utility that uses the "brute-force" technique to reveal weak username-password combinations that could be used to gain access to your web application. (A brute force attack is an automated process of trial and error used to guess authentication credentials, causing a server to acknowledge an imposter as a legitimate user.)
The Connection Test PowerTool enables you to ping web sites without using the Ping protocol, which is blocked by many firewalls.
The Encode/Decode PowerTool encodes and decodes strings you put into it, to and from the format of your choice.
Writing precise regular expressions can be a tedious trial-and-error process. You can use the Expression Test PowerTool to help accelerate the process.
Logs can help you troubleshooting.
You can filter the Result List in any of the views, for specific data.