Importing Manual Explore data

If you have saved a standard procedures in the form of a Manual Explore, you can import it to another scan to test it again, even on a different server.

About this task

You can import a Manual Explore procedure that you previously saved, to use as part of a new scan. This is useful in the case of standard procedures that need to be rescanned. This can be done even if scanning the same application on a different server (see note in Step 3 below).

Supported Manual Explore file formats are: EXD, HAR, DAST.CONFIG, and CONFIG.

Procedure

  1. Click File > Import > Explore Data.
  2. Browse to the saved Manual Explore file (EXD, HAR, DAST.CONFIG, or CONFIG), and click Open.

    The Import dialog box opens.

  3. The Import with responses check box is selected by default, and AppScan will analyze these responses when preparing to test the site. If your site has changed in a way that affects its responses, you can clear the checkbox, so that AppScan sends the requests again and gathers up-to-date responses. However, in this case it may be more effective to perform the Manual Explore again.
    Note: If the file was saved in a version of AppScan that did not save the response data, the check box is cleared and grayed out. You can select Continue anyway to import the requests, send them to the site, and gather new responses to analyze for testing. However, in this case it may be more effective to perform the Manual Explore again.
  4. To start scanning, click Continue or Continue anyway.
    1. AppScan analyzes the Explore stage data, to check for host conflicts.
      If the file covers hosts that are not included in the current configuration, the Conflicts in Explore Data File dialog box appears. Resolve any conflicts by selecting an appropriate Action for each host:
      • Ignore: Do not explore this host.
      • Add to tested hosts: Add the listed host to the servers of the scan.
      • Replace with <hostname>: For each host defined in the scan, there is an option to replace the conflicting host with host already in the scan configuration.
        Note: This feature effectively lets you record a manual explore on one host and replay the process on a different server that hosts the same application. This can be used, for example, to record a process on a staging server and replay it on a production server.
    2. The scan begins:
      • If the imported data includes responses, the cached data is analyzed in preparation for the Test stage.
      • If the imported data does not include responses, a full Explore stage is run first, followed by analysis of the responses to formulate tests for the Test stage.
    3. When the Explore stage and analysis are complete, the scan pauses.
  5. At this point you can optionally continue Manual or Automatic Exploring.
  6. To continue with the Test stage of the scan, click Scan > Continue > Test.

What to do next

Related tasks:

Recording with a browser

Exporting Manual Explore data

Back to:

Using a browser