How the Manual Explorer tool works

The Manual Explorer tool uses an internal proxy server which records HTTP/HTTPS traffic that goes through this proxy. When you start a browser from the Manual Explorer tool, the proxy information of the browser is updated so that all traffic from the browser goes through the tool's proxy server. The original proxy settings of the recording browser are restored after the recording session is closed. Do not change the browser proxy settings while the recording session is in progress, and do not browse to other websites in the Manual Explorer tool because that traffic will also be recorded and cause problems in the scan data. At the end of the recording session, you save the data to an HTTP traffic file, which you use to configure scans on the Enterprise Console. The format of the file is compatible with QuickScans, recorded logins, and explore data.

Follow the instructions in Manually exploring your site to add more URLs to the scan to download and install the tool.

Note: The Manual Explorer tool is NIST compliant. See Support for FIPS 140-2 and NIST SP800-131a security standards for details.

When your browser is not configured to use a proxy

Figure 1(a) shows a typical scenario where a browser is not configured to use any proxy settings. Figure 1(b) shows how the browser behavior changes when you start that browser from the Manual Explorer tool. The tool changes the proxy settings of the browser to 127.0.0.1:9999, which is the default configuration of the internal proxy server. When the browser is closed, the proxy settings are returned to the previous browser settings (in this case, no proxy setting).

When your browser is already configured to use proxy settings

Figure 2(a) shows a typical scenario when your browser has existing proxy settings to connect to the Internet. Here, the proxyhost refers to a configured proxy server address for the browser. When you launch the browser from the Manual Explorer tool, the tool collects existing proxy information. The Manual Explorer tool uses this original proxy setting (Proxyhost:port) to connect to the Internet as shown in Figure 2(b). Next, it replaces the browser proxy setting with its own proxy settings (127.0.0.1) for the recording session. When the browser is closed, its proxy settings are returned to the original value (in this case, Proxyhost:port).