Exec command
The exec command creates a new scan with the starting URL specified (in /starting_url, /base_scan, or /scan_template), runs it, and saves it. It can also optionally be used to generate and save a report of the scan.
To run the exec command, type exec, ex, or e at the command prompt, followed by the required command options, as described below.
Parameters
The following parameters can be included in the exec command.
| Parameter | Explanation |
|---|---|
| | Sets the starting URL for the scan. If the starting URL is defined in the scan template or base scan you do not need to define it here. |
| | Specifies Automatic Login and sets the username and password. This overrides any login configured in the SCANT file (if used). |
| | Specifies a source scan (must include full path), whose configuration will be used for the new scan. |
| | Specifies the destination where the new scan will be saved (must include full path). If no path is specified, the scan is saved to a Temp folder, and AppScanCMD will notify you of its exact location and filename. |
| | Specifies the scan template file. |
| | These two parameters enable you to "search and replace" one host with another, in a base scan. |
| | Imports a saved login sequence. |
| | Imports a multi-step operations file. |
| | Imports a Manual Explore file (in format EXD, HAR, DAST.CONFIG or CONFIG). Note: As of AppScan Standard Version 9.0.1, EXD files include response data. To import this data, add flag /ir. If the flag is not added, the response data will not be imported, and instead an Explore stage will be run (the saved requests will be sent) to gather new responses to analyze for testing. |
| | Imports a test policy file. |
| | Defines domains other than that of the starting URL to be included in the scan. If there is more than one additional domain, separate them with a comma or add multiple instances of the parameter. |
| | Specifies the destination and name for the generated report (must include full path). This field is optional. If not set, no report is generated. Note that if |
| | Specifies the types of information that will be included in the report (see Security reports). Default template (if none is specified): |
| | Specifies the report format. Default is XML. |
| | Specifies the AppScan Enterprise application to which the report will be published. Used only with |
| | Specifies the minimum result severity to include in reports (non-XML reports only). Default is "low". |
| | Specifies which type of tests to include in the report. Default is "All". |
| | Overrides the log file path and allows users to specify a custom full path for log files, redirecting the log files to a desired directory or file path according to their specific needs. |
Flags
| Flag | Explanation |
|---|---|
| | Continue the scan. |
| | Run an Explore stage only. |
| | When importing Manual Explore data (EXD file) that includes response data, include the responses (use with /mef). Note: As of AppScan Standard Version 9.0.1, EXD files include response data. If you add this flag, and the file includes response data, it is used when analyzing for testing. If the file does not include response data, an Explore stage will be run (the saved requests will be sent) to gather new responses to analyze for testing. |
| | Run an incremental scan on the specified base scan, scanning only new parts of the application. |
| | Run an incremental scan on the specified base scan, scanning new parts of the application and also those parts of the application where an issue was previously found. |
| | Apply Explore-stage Redundancy Tuning settings to Manual Explore data, to help avoid duplicate requests (use with |
| | Test multi-step operations only. |
| | Open AppScan recording proxy. By default the port set in Tools > Options > Recording Proxy tab is used. To set a different port use To save as a SCAN file without running a scan, use SCAN files are ZIP files containing several component files, including Manual Explore sequences that are saved as individual |
| | Display the scan log during the scan. |
| | Run a Test stage only. |
| | Include progress lines in the output. |
Examples
Below are some examples of complete commands.
Example 1
appscancmd e /su https://demo.testfire.net.scan
Example 2
This will start an Explore stage only with the specified starting URL, using the Regular Scan template.
appscancmd e /su https://demo.testfire.net.scan /eo
Example 3
appscancmd e
/st D:\demo.testfire.net.scant
/d D:\demo.testfire.net.scan
/mef D:\ManualExplore.exd
/mf D:\MyMultistepOperation.seq
/lf D:\LoginSequence.login
/pf D:\MyTestPolicy.policy
Example 4: Additional domains
-additional_domains parameter, separated by commas, or in separate parameters.
appscancmd e
/st D:\demo.testfire.net.scant
/d D:\demo.testfire.net.scan
/mef D:\ManualExplore.exd
/ad demo.testfire.net1,demo.testfire.net2,demo.testfire.net3
/sl
appscancmd e
/st D:\demo.testfire.net.scant
/d D:\demo.testfire.net.scan
/mef D:\ManualExplore.exd
/ad demo.testfire.net1
/ad demo.testfire.net2
/ad demo.testfire.net3
/sl
Example 5: Change hosts and ports
appscancmd e
/st D:\demo.testfire.net.scant
/d D:\demo.testfire.net.scan
/mef D:\ManualExplore.exd
/oh https://demo.testfire.net:80
/nh https://demo.testfire.net2:8090
Example 6: Incremental scans
- Scan only new parts of the application:
appscancmd e /b D:\demo.testfire.net.scan /d D:\demo.testfire.net.inc.scan /inc
- Scan new parts of the application and also those parts of the application where an issue was previously found:
appscancmd e /b D:\demo.testfire.net.scan /d D:\demo.testfire.net.incretest.scan /incretest
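A pre-flight check for the option rules stated on this page, as an added example that is not part of the AppScan documentation: the hypothetical helper `build_exec_args` uses only option names that appear above and rejects combinations the text rules out before `appscancmd` is launched from a scheduled job. The http(s) check on /su and the bare-host check on /ad are assumptions added here, not documented AppScan rules.

```python
import ntpath
from urllib.parse import urlsplit

KNOWN_FLAGS = ("/eo", "/ir", "/inc", "/incretest", "/sl")  # flags shown on this page

def build_exec_args(su=None, st=None, b=None, d=None, mef=None,
                    ad=(), oh=None, nh=None, flags=()):
    """Return the argv list for one `appscancmd e` run, or raise ValueError."""
    flags = set(flags)
    if flags - set(KNOWN_FLAGS):
        raise ValueError(f"unhandled flags: {sorted(flags - set(KNOWN_FLAGS))}")
    # The starting URL has to come from /su, the base scan or the template.
    if not (su or b or st):
        raise ValueError("no starting URL source: give /su, /b or /st")
    # Assumption of this example: a starting URL is an http(s) URL.
    if su and urlsplit(su).scheme not in ("http", "https"):
        raise ValueError(f"/su is not an http(s) URL: {su!r}")
    # /b and /d are documented as requiring a full path (Windows syntax).
    for opt, path in (("/b", b), ("/d", d)):
        if path and not ntpath.isabs(path):
            raise ValueError(f"{opt} must be a full path, got {path!r}")
    # /ir is documented as used together with an imported /mef file.
    if "/ir" in flags and not mef:
        raise ValueError("/ir is used with /mef")
    # Incremental scans run on a specified base scan.
    if flags & {"/inc", "/incretest"} and not b:
        raise ValueError("/inc and /incretest need a base scan (/b)")
    # /oh and /nh are a search-and-replace pair.
    if bool(oh) != bool(nh):
        raise ValueError("/oh and /nh must be given together")
    # Assumption of this example: each extra domain is one bare host name, so
    # the comma-joined value adds exactly the reviewed hosts to the scan scope.
    for host in ad:
        if not host or any(c in host for c in ", /\\:"):
            raise ValueError(f"bad additional domain: {host!r}")
    argv = ["appscancmd", "e"]
    for opt, val in (("/su", su), ("/st", st), ("/b", b), ("/d", d),
                     ("/mef", mef), ("/oh", oh), ("/nh", nh)):
        if val:
            argv += [opt, val]
    if ad:
        argv += ["/ad", ",".join(ad)]
    return argv + [f for f in KNOWN_FLAGS if f in flags]

if __name__ == "__main__":
    # Constructed input mirroring Example 4 on this page.
    print(" ".join(build_exec_args(
        st=r"D:\demo.testfire.net.scant", d=r"D:\demo.testfire.net.scan",
        mef=r"D:\ManualExplore.exd",
        ad=["demo.testfire.net1", "demo.testfire.net2"], flags=["/sl"])))
```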