Predefined templates

About this task

AppScan® comes with some predefined scan templates that are configured to produce the best results when testing AppScan® on a test site. These templates save you the need to adjust the many configuration options to optimize your scan. (Updates to these templates may be included in AppScan® updates from time to time.)

  • Regular Scan
  • demo.testfire.net (for scanning the Altoro Mutual Bank website, which has been created for demonstration purposes)
  • Hacme Bank
  • GraphQL (see Scanning a GraphQL web API)
  • Parameter-Based navigation
  • Production Site (configured for use with live production sites, see Scanning live production environments for more details)
  • Quick and Light Scan (configured to produce useful results in a short time)
  • WebGoat v5
  • WebSphere® Commerce
  • WebSphere® Portal

The table below shows some basic configuration details of some of the predefined templates.

Test Application

Path Exclusion

Path Limit

Explore Method*

Case Sensitive

Login

WebGoat

.*attack\?Num=.*

Off

Depth First

Yes

Username: guest Password: guest

demo.testfire.net

none

5

Breadth First

No

Username: jsmith Password: demo1234

* For details of Explore Method refer to Explore options view

To scan with a predefined template:

Procedure

  1. On the menubar, click File > New > New from template... > Browse.
  2. Browse to the AppScan templates folder, default location:
    C:\Program Files (x86)\HCL\AppScan Standard\Templates

    The scan configuration dialog box opens.

  3. Define the Starting URL for the scan (see Starting URL and domains).
  4. If applicable, record the login procedure, or supply username and password (see Login method).
  5. Click OK to close the dialog box.
  6. In the context toolbar, click Start full scan.