The AppScan window mode allows users to select only one scan target at a time, but if you want to scan multiple sites in bulk
You can do this by using the AppScanCMD.exe tool under the AppScan installation folder.
(1) AppScan window mode allows only one target site to be selected for scanning
(2) Go to the AppScan installation folder and look for the AppScanCMD.exe tool
(3) CMD open appscancmd View Help document, mainly divided into two parts, one is scan execution, the other is report generation.
C:\Program Files (x86) \ibm\appscan Standard>appscancmd.exe-Hprogram usage:appscancmd exec|ex|e parametrs: [/STARTING_URL|/SURL|/SU //Demo.testfire.net>][/dest_scan|/dest|/d <full_path> ] [ /base_scan|/Base|/b <full_path> ] [ /old_host|/ohost|/oh //Demo.testfire.net>][/new_host|/nhost|/nh //Testing.testfire.net>][/scan_template|/stemplate|/st <full_path> ] [ /LOGIN_FILE|/LFILE|/LF <full_path> ] [ /MULTI_STEP_FILE|/MSTEPFILE|/MF <full_path> ] [ /MANUAL_EXPLORE_FILE|/MEXPLOREFILE|/MEF <full_path> ] [ /POLICY_FILE|/PFILE|/PF <full_path> ] [ /additional_domains|/adomains|/ad <demo.testfire.net123> ] [ /REPORT_FILE|/RF <full_path> ] [ /report_type|/rt <Xml,Pdf,Rtf,Txt,Html,rc_ase>{XML}] [/min_severity|/msev <Informational,Low,Medium,High>{Informational}] [ /test_type|/tt <All,Application,Infrastructure,ThirdParty>] Flags: [/verbose|/v {false} ] [ /SCAN_LOG|/SL {false} ] [ /explore_only|/eo {false} ] [ /test_only|/to {false} ] [ /multi_step|/mstep|/ms {false} ] [ /Continue|/c {false} ] [ /merge_manual_explore_requests|/mmer {false} ] [ /include_responses|/ir {false} ] [ /OPEN_PROXY|/OPRXY|/OPR/LISTENING_PORT|/LPORT|/LP <port number>] You can create a new scan with Base_scan configuration, save Dest_scan, and create reports, if configured. Appscancmd Report|rep|R parametrs:/base_scan|/Base|/b <full_path>/REPORT_FILE|/RF <full_path> [ /report_type|/rt <Xml,Pdf,Rtf,Txt,Html,rc_ase>{XML}] [/min_severity|/msev <Informational,Low,Medium,High>{Informational}] [ /test_type|/tt <All,Application,Infrastructure,ThirdParty>] Flags: [/verbose|/v {false}] To create a base_scan report.
Appscancmd Close_proxy|cprxy|CPR If you have previously opened the AppScan agent, turn it off. Appscancmd Help|h Printing use.
(4) Explanation of some of the explanatory documents
(5) in AppScan installation directory (C:\Program files (x86) \ibm\appscan standard) Write batch file Source.bat,
The goal is to enable the AppScan batch scan site, the contents of the batch file are as follows
/e/b c:\appscancmd\website1.scan/d C:\appscanCMD\CompletedLog\website1.scan//e/b C:\appscanCMD\ WEBSITE2.SCAN/D C:\appscanCMD\CompletedLog\website2.scan//e/b c:\appscancmd\website3.scan/d c \ Appscancmd\completedlog\website1.scan/Vpause
The explanation of the fourth step explains that the tool commands used in the batch file are appscancmd first;
Second, use the "/E" parameter to indicate that the scan task is performed; the "/b" parameter specifies the basic file format for. Scan, and note that the file requires you
Generate a profile from the AppScan graphics page where you want to scan the site and save it locally, and the "/b" parameter is the absolute path to the configuration file.
How to generate a configuration file * * *
The "/d" parameter indicates the file name (containing the absolute path) after the scan is saved. You can then perform a batch scan from the command line.
AppScan Implementing a batch scan site