• 1 reply
  • Latest Post - ‏2012-09-13T12:51:39Z by bbrazeau
403 Posts

Pinned topic Scanning Web Services with WSDL

‏2012-09-12T09:01:06Z |

Is there a way to use AppScan Standard Edition to scan a web service without a WSDL. Could it be done by recording a set of example requests the service?

When I create a new scan and select Web Service, it seems to require that a WSDL be entered.

  • bbrazeau
    148 Posts

    Re: Scanning Web Services with WSDL

    Hi Philip

    For AppScan Standard, for the starting URL, you would still need at least to put the domain name (e.g. instead of of where the requests were being sent. If you are going to be using endpoints, you do not need to put the WSDL location as it does not exist, at the very least, just domain you will be security testing. Once this is setup, you can use the GSC to record the endpoint requests and capture them for AppScan Standard.