Early today I received this question:
"I've been looking for a way to integrate Appscan Enterprise with Selenium and noted some blog posts of yours that show integration with Appscan for various purposes.
"I've been looking for a way to integrate Appscan Enterprise with Selenium and noted some blog posts of yours that show integration with Appscan for various purposes.
I would like to know if you have any ideas on how it may be possible to glue together Selenium & Appscan. I'm wishing there was a way to port Selenium to Manual Explore."
to which I replied:
"I have not used AppScan enterprise a lot, but doesn't it have a proxy function? If so, you could feed your selenium scripts to it first, and then let it fuzz/test it.
to which I replied:
"I have not used AppScan enterprise a lot, but doesn't it have a proxy function? If so, you could feed your selenium scripts to it first, and then let it fuzz/test it.
Have you seen the equivalent technique used by ZAP proxy?"
So here is my Question: Any good resources on how to create such 'AppScan Enterprise + Selenium' setup?
The idea is to use Selenium scripts to define how the app works and then use AppScan Enterprise (a BlackBox scanner) to apply security testing on top
References on ZAP and Selenium:
So here is my Question: Any good resources on how to create such 'AppScan Enterprise + Selenium' setup?
The idea is to use Selenium scripts to define how the app works and then use AppScan Enterprise (a BlackBox scanner) to apply security testing on top
References on ZAP and Selenium:
- Security testing with Selenium and the Zed Attack Proxy (ZAP)
- Automated Security Testing
- Security regression testing using Selenium and ZAP
