Is there a way to use AppScan Standard Edition to scan a web service without a WSDL. Could it be done by recording a set of example requests the service?
When I create a new scan and select Web Service, it seems to require that a WSDL be entered.
bbrazeau 2700013NU6148 Posts
Re: Scanning Web Services with WSDL2012-09-13T12:51:39ZThis is the accepted answer. This is the accepted answer.Hi Philip
For AppScan Standard, for the starting URL, you would still need at least to put the domain name (e.g. demo.testfire.net instead of demo.testfire.net/transfer/tranfer.asmx?wsdl) of where the requests were being sent. If you are going to be using endpoints, you do not need to put the WSDL location as it does not exist, at the very least, just domain you will be security testing. Once this is setup, you can use the GSC to record the endpoint requests and capture them for AppScan Standard.