Sharing how I use AppScan

  Here I mainly share how to use AppScan to perform a security scan on some functions of a large project.

------------------------------------------------------------------------ 

  In fact, I know very little about security testing. Because the company requires a monthly security scan of the product, I have picked up the skill of running one on my own, so I will share it with you.

  Because the product is relatively large and has many functional modules, we cannot scan the entire product. Also, each tester is responsible for testing different modules, so we only need to scan the modules we are responsible for.

  The scanning tool is naturally IBM AppScan, which is powerful and easy to use. Anyone who knows a little about security testing has used or at least heard of this tool, so there is not much to introduce here.


Extract links to the features to be scanned


  The first thing to do is to extract the links to be scanned, using the Fiddler tool. Open the system, find the function module you need to scan, turn on Fiddler's capture, and then perform various operations on the function you want to test; Fiddler will record all the visited links. Because it involves private data, the screenshot below is blurred.

In fact there are a lot of links in the requests, but many of them are the same; we only need to find all the distinct ones. This requires understanding what each link is for. There are also some external links that do not need to be extracted.


aaa.bbb.cn
g2.aaa.bbb.cn
g1.aaa.bbb.cn
webapp.aaa.bbb.cn
uec.aaa.bbb.cn
addrapi.aaa.bbb.cn
smsrebuild1.aaa.bbb.cn
disk2.aaa.bbb.cn
mw.aaa.bbb.cn
scriptlog.aaa.bbb.cn
images.139cm.com
appmail.aaa.bbb.cn
gfile5-disk.aaa.bbb.cn
gfile8-disk.aaa.bbb.cn
gfile7-disk.aaa.bbb.cn

After extracting all the links and removing the duplicates, there are only a few left.
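The deduplication step above is easy to do by hand for a few links, but it is error-prone on a large capture, and it is also where external hosts accidentally slip into the scan scope. The script below is an added example (not from the original post or from Fiddler/AppScan); it assumes a list of captured request URLs, one per line (the sample list is constructed, with hosts mirroring the post's list), and an in-scope domain suffix such as `aaa.bbb.cn`. It extracts the distinct hosts, keeps only those under the in-scope suffix, and prints the text to paste into AppScan's "Other servers and domains" field, listing the excluded external hosts separately so they can be reviewed.

```python
"""Turn captured request URLs into the host list AppScan needs.

Added example, not code from the original post. Assumes URLs as Fiddler
would record them and an in-scope suffix (e.g. "aaa.bbb.cn"); hosts outside
that suffix are treated as external and left out of the AppScan domain list.
"""
import sys
from typing import Iterable, List, Optional, Sequence, Tuple
from urllib.parse import urlsplit

# Constructed sample capture (not real traffic). Duplicates, mixed case,
# query strings and a non-HTTP URL are included on purpose.
SAMPLE_URLS = [
    "https://aaa.bbb.cn/login",
    "https://aaa.bbb.cn/login?next=/home",
    "http://aaa.bbb.cn/favicon.ico",
    "HTTPS://WEBAPP.aaa.bbb.cn/API/list",
    "https://webapp.aaa.bbb.cn/api/item/1#top",
    "https://g1.aaa.bbb.cn/static/app.js",
    "https://g2.aaa.bbb.cn/static/app.css",
    "https://bbb.cn/",                        # parent domain, not in scope
    "https://images.139cm.com/logo.png",      # external image host
    "https://cdn.example-analytics.net/t.js", # external tracker (constructed)
    "about:blank",                            # no host at all
]


def host_of(url: str) -> Optional[str]:
    """Lower-cased host of a URL without port or credentials; None if absent."""
    parts = urlsplit(url.strip())
    if not parts.scheme or not parts.hostname:
        return None
    return parts.hostname.lower()


def in_scope(host: str, suffixes: Sequence[str]) -> bool:
    """True if host equals, or is a subdomain of, one of the in-scope suffixes.

    The leading dot prevents "xaaa.bbb.cn" from matching the suffix "aaa.bbb.cn".
    """
    return any(host == s or host.endswith("." + s) for s in suffixes)


def split_hosts(urls: Iterable[str], suffixes: Sequence[str]) -> Tuple[List[str], List[str]]:
    """Distinct hosts from the capture, split into (in_scope, external), each sorted."""
    hosts = {h for h in (host_of(u) for u in urls) if h}
    scoped = sorted(h for h in hosts if in_scope(h, suffixes))
    external = sorted(h for h in hosts if not in_scope(h, suffixes))
    return scoped, external


def appscan_domain_list(urls: Iterable[str], suffixes: Sequence[str]) -> str:
    """Newline-separated in-scope hosts, ready to paste into 'Other servers and domains'."""
    scoped, _ = split_hosts(urls, suffixes)
    return "\n".join(scoped)


if __name__ == "__main__":
    # Usage: python dedupe_hosts.py [captured_urls.txt] [suffix ...]
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as f:
            urls = f.read().splitlines()
    else:
        urls = SAMPLE_URLS
    suffixes = sys.argv[2:] or ["aaa.bbb.cn"]
    scoped, external = split_hosts(urls, suffixes)
    print("In scope (paste into AppScan):")
    print(*scoped, sep="\n")
    print("\nExternal, left out of the scan (review before adding):")
    print(*external, sep="\n")
```

Run it without arguments to see the constructed sample processed; with a file argument it reads one URL per line. Hosts that AppScan should not touch (third-party CDNs, analytics, the parent domain) end up in the external list, so scope is decided explicitly rather than by whatever happened to be in the capture.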


Complete the configuration wizard


  Now open AppScan to create a scan. (I have already covered the download, installation, cracking, and introduction of AppScan in another blog post.)

Select Regular Scan to enter the configuration wizard, then click Next to enter the configuration.


The step above is the key point. Starting URL: enter the URL you want to scan. Other servers and domains: add all the extracted links here, including the link to the site's home page. Click Next.


Here there are three ways to record the login; not much to introduce. The first and third are the most common.


Then, after several more Next steps, select the third or fourth item to complete the scan configuration.


Record the scan script


  After completing the configuration, it is time to start recording the script.

  Click the Explore button on the toolbar; AppScan will open its own browser. Enter the system user name and password to log in, and operate the functions of the module you want to scan.

The picture above shows AppScan's own browser that I opened (the URL I entered was wrong, so I could not access the page). After the operations are complete, click the Pause button to close the browser window.


  After closing the browser, all the links you visited are recorded in the window shown above; click OK. Everything is now recorded, and the next thing to do is click the Scan button on the toolbar to start scanning. We usually start it when leaving work in the evening, and the scan results can be seen the next morning.

 ------------------------------------

  I could have ended here, but I will say a bit more about the settings. Ha ha! When exploring manually, because the opened browser is AppScan's built-in one, there may be compatibility problems and some pages cannot be opened normally. So is it possible to record with the browser on our own computer (IE, Firefox, Chrome)? Of course it is.

Menu bar -> Tools -> Options -> Advanced


This screenshot has to be large. We only need to modify the "value" parameter of the openExternalBrowser option (1 = IE, 2 = Firefox, 3 = Chrome).


@ Crayon
IBM official download: http://download2.boulder.ibm.com ... 2-AppScan_Setup.exe
This link is the crack patch for the 7.8 Simplified Chinese version: http://www.vdisk.cn/down/index/4760606A4753
