Simple automation with AppScan for multi-station scanning

Because AppScan can only enter a target when creating a new scan task, and there is no awvs/nessus to provide the Web interface, I used to think that AppScan could not set up a task auto-scan in bulk like Awvs.

However, a little experience to share today is simply a simple appscan automated scan.

In fact, the AppScan GUI interface creates a new scan task that specifies only one target and does not provide a awvs/nessus-like web interface, but it provides a "AppScanCMD.exe".

The manufacturer's idea of providing this gadget might be to make it easier for users to use AppScan for automated scanning at the command line. Its function is divided into: perform scan task and generate scan report two block .

Then let's introduce the syntax of the tool.

First look at the help information provided by the tool itself:

Let's talk about the meaning of these parameters.

Parameters	Shorthand	Shorthand 2	Meaning	Parameter Value Description	Parameter type
Exec	Ex	E	Perform a scan task
Report	Rep	R	Perform report generation tasks
/base_scan	/base	/b	Specify the base file format for. scan	Must be an absolute path to a. scan file	Must fill in
/dest_scan	/dest	/d	Specifies the file name formatted as. Scan	Must be the absolute path to the. scan file, can be the same file as Base_scan, or you can specify a new file, simply meaning the location and file name where the scan results are saved	Must fill in
/report_file	/rf		Specify the location and file name where the report is saved (file name without extension)	Where to save the report	Options available
/report_type	/rt		Specify report type (optional xml|pdf|rtf|txt|html)	The default value is XML	Options available
/min_severity	/ms		Specifies the level of vulnerability to be reflected in the report, and no level of vulnerability is written to the report (optional low|medium|high|informational)	The default value is informational, which is the prompt information and the above level of vulnerability are written to the report, equivalent to the full scanning of the vulnerability content	Options available
/verbose	/V		Verbose mode	If this parameter is selected, the scan status is dynamically displayed when scanning The default value is False, which means that the scan status is not displayed	Options available
/test_only	/to			The default value is False	Options available
/explore_only	/eo			The default value is False	Options available
/multi-step	/ms			The default value is False	Options available
/test_type	/tt		Optional all|application|infrastructure	The default value is all	Options available

The explanation here is not very detailed, but basically enough.

Understand the meaning and use of the parameters, then the next can be performed under DOS scan, because to achieve batch scanning, so I would generally write a bat script to execute.

Before the real start of the scan, we need to know one thing:

Appscancmd cannot use command line options to set scan parameters directly with Wvs_console, Appscancmd scan must be based on a base_scan to read the scan parameters.

So before using appscancmd we have to create a base_scan through the GUI. Create Base_scan the same as creating a new scan task under the GUI, the only difference in the Scan Configuration Wizard, select I'll start the scan later, and then save the scan to a file.

Complete the configuration, save the result file, and finally exit AppScan GUI.

Then, execute a DOS command or write a batch script to perform the scan:

@echo offappscancmd/e/b d:\merchant.scan/d d:\1.scan/vappscancmd/e/b d:\3.scan/d d:\2.scan/vappscancmd/e/b D:\4. SCAN/D d:\3.scan/vappscancmd/e/b d:\5.scan/d d:\4.scan/vappscancmd/e/b d:\6.scan/d d:\5.scan/vpause

Following the execution mechanism of a DOS command, the next command continues after the execution of the previous command, so that a batch is written to achieve the purpose of sequentially scanning multiple targets.

Following the explanation of the above parameters, the complete explanation of our commands in this batch is:

Perform a scan task, read the scan configuration information from the file D:\2.scan, and then save the scanned results to the same file, and display the scan details during the scan.

If you do not want to save the scan results to the same file, specify the new file name directly with the/d parameter.

OK, that's easy.

Simple automation with AppScan for multi-station scanning