Importing Manual Explore data

If you have saved a standard procedures in the form of a Manual Explore, you can import it to another scan to test it again, even on a different server.

About this task

You can import a Manual Explore procedure that you previously saved, to use as part of a new scan. This is useful in the case of standard procedures that need to be rescanned. This can be done even if scanning the same application on a different server (see note in Step 3 below).

Supported Manual Explore file formats are: EXD, HAR, DAST.CONFIG, and CONFIG.

Procedure

  1. Click File > Import > Explore Data.
  2. Browse to the saved Manual Explore file (EXD, HAR, DAST.CONFIG, or CONFIG), and click Open.
    Note: You can add multiple files when importing. However, if one of the files is a dast.config, you can only include one dast.config file at a time.
    The Import dialog box opens.
  3. The Import with responses check box is selected by default, and AppScan will analyze these responses when preparing to test the site. If your site has changed in a way that affects its responses, you can clear the checkbox, so that AppScan sends the requests again and gathers up-to-date responses. However, in this case it may be more effective to perform the Manual Explore again.
    Note: If the file was saved in a version of AppScan that did not save the response data, the check box is cleared and grayed out. You can click Import to import the requests, send them to the site, and gather new responses to analyze for testing. However, in this case it may be more effective to perform the Manual Explore again.
  4. To start scanning, click Import.
    1. AppScan analyzes the explore stage data. If the file covers domains that are not included in the current configuration, the domains are displayed in the Select domains to inlcude in scan dialog box.
      1. Select any domain you want to include in the scan and click Continue.
      2. Additionally, right click any domain to replace it with one of the domains available in the scan configuration and click Continue.
        Note:
        • This feature effectively lets you record a manual explore on one domain and replay the process on a different server that hosts the same application. This can be used, for example, to record a process on a staging server and replay it on a production server.
        • If the imported data contains an encrypted file, the import fails because AppScan does not support encrypted files. To resolve this, save the file without encryption and then import it again.
    2. If all the domains in the file exist in the scan configuration, AppScan imports the data and initiates the scan:
      • If the imported data includes responses, the cached data is analyzed in preparation for the Test stage.
      • If the imported data does not include responses, a full Explore stage is run first, followed by analysis of the responses to formulate tests for the Test stage.
    3. When the Explore stage and analysis are complete, the scan pauses.
  5. At this point you can optionally continue Manual or Automatic Exploring.
  6. To continue with the Test stage of the scan, click Scan > Continue Test.

What to do next

Related tasks:

Recording with a browser

Exporting Manual Explore data

Back to:

Using a browser