AppScan Activity Recorder
Item logo image for AppScan Activity Recorder

AppScan Activity Recorder

Featured
4.8(

5 ratings

)
Item media 2 screenshot
Item media 3 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 3 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 1 screenshot
Item media 2 screenshot
Item media 3 screenshot

Overview

Record traffic and actions to use in an AppScan Dynamic Analysis scan

AppScan Activity Recorder simplifies web application security testing. It allows you to capture manual crawl, login, and multi-step data (traffic and actions) for an AppScan Dynamic Analysis scan. Usage Instructions: • Open a website to record its browsing activity in the Chrome browser. • On the address bar, click the AppScan Activity Recorder extension icon to start recording the browsing activity. • The AppScan extension icon blinks indicating progress in recording the activity. • Tip: The extension icon’s tooltip displays the domain URL being recorded. This is particularly useful when you are accessing different sites in same chrome browser instance. • Perform the browsing activity. • Click the AppScan extension icon to stop recording. Or • Click Cancel in the chrome debugging message dialog box to stop recording. • The browser prompts you to save the recording in *.dast.config file format. Options page: Access the options page by right-clicking the extension icon in the toolbar and then selecting options. Or navigate to the options page by, first, opening chrome://extensions, locating the "AppScan Activity Recorder" extension, clicking Details, and then selecting the "Extension options" link. • Open debugger window: This option shows the user activity in a separate window. • Enable encryption: This option allows encryption of the recording to prevent exposure of recorded information. Note: Encrypted recorded files will be supported in HCL AppScan Enterprise version 10.4.0 and above and HCL AppScan on Cloud. Any HCL AppScan Integrations as for e.g. HCL AppScan Jenkins and HCL AppScan Azure DevOps Plugins, which integrate with HCL AppScan Enterprise and HCL AppScan on Cloud will also support encrypted recorded files for DAST Scans execution. Changelog: • 1.1.0 - Support to encrypt recorded files. - Bug fixes. • 1.0.10 - Updated AppScan icons. • 1.0.9 - Support for adding browser version and debug option to recorded traffic file. - Bug Fixes related to GPO support. • 1.0.8 - Support for "runtime_blocked_hosts" Extension settings GPO policy to validate the URL to record traffic. Follow instructions in “Set Chrome app and extension policies (Windows)” in this link: https://support.google.com/chrome/a/answer/7532015 to set "runtime_blocked_hosts" Extension settings GPO policy in Chrome Browser. Follow instructions in “Configure Microsoft Edge policy settings on Windows” in this link: https://docs.microsoft.com/en-us/deployedge/configure-microsoft-edge to set "runtime_blocked_hosts" Extension settings GPO policy in Edge Browser. - Capture AppScan Activity Recorder version info in recorded traffic file. • 1.0.7 - Fixed a bug to resolve issues wherein partial headers and HTML response were being captured in recorded traffic files. • 1.0.6 - Support for the new Edge version released on January 15th, 2020 and downloadable from "https://support.microsoft.com/en-in/help/4501095/download-the-new-microsoft-edge-based-on-chromium". Follow instructions in “To add an extension to Microsoft Edge from the Chrome Web Store” in this link: "https://support.microsoft.com/en-us/help/4538971/microsoft-edge-add-or-remove-extensions" to install AppScan Activity Recorder extension in Edge. • 1.0.4 - Support to start recording from a blank URL. • 1.0.3 - Support for log window to records cookies, actions and the requests being hit. • 1.0.0 - First release NOTES: • This extension will record browser traffic that includes request/response and user actions. Scope of recording is only for the current “active” tab where the extension is invoked. No activity is recorded for other tabs even if user switches to those. • Before starting the recording, it is recommended to logout from the site; disable auto-sign in/ auto-fill from Chrome settings to enable this extension to record all Browser tab activity. • Analysis of recordings from websites using HTTP/2 is not currently supported by AppScan. • From Chrome Version 84.0.4147.105 (Official Build) (64-bit) released on July 28th, 2020, you will see the info banner lingering even after the recording is stopped explicitly via the AppScan Activity Recorder icon. Please note this will not hamper the saved recording or the extension functionality in any way. Chrome WebStore Dev Support team has confirmed this as an intentional change. Please click on “Cancel” to dismiss the banner. • When Extension GPO policy "runtime_blocked_hosts" is set, during the recording of a non-blocked host, if you change the URL to blocked host URL then the final recording will have recording data from both sites.

4.8 out of 55 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Michael BaroneFeb 18, 2019

This extension would be even better if it could start automatically on opening chrome!

3 out of 3 found this helpful

Details

  • Version
    1.1.0
  • Updated
    November 29, 2023
  • Offered by
    app.sec.hcl
  • Size
    1.36MiB
  • Languages
    English
  • Developer
    HCL Technologies
    Bangalore SEZ, No. 129, Jigani Bomasandra, Link Road, Bangalore, Karnataka 562106 IN
    Email
    vinita-s@hcl.com
  • Trader
    This developer has identified itself as a trader per the definition from the European Union.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Related

Carbon Devtools

5.0(1)

A basic set of tools for teams building live Carbon pages.

Cyber Web Tools

1.0(5)

Chrome extension to analysis your website security. It provides various tools to find web security loopholes.

IBM Equal Access Accessibility Checker

4.9(14)

A web browser extension for checking accessibility issues

Rapid7 AppSec Plugin

3.7(3)

Rapid7 AppSec Plugin

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Input hidden Monitor

0.0(0)

Monitoring of Hidden inputs

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

IP, DNS & Security Tools | HackerTarget.com

4.2(31)

Quick access to IP, DNS & Network Tools. Check DNS, Whois, ASN, Traceroute, Ping and more. Tools for technical operators.

Detectify Recorder

5.0(5)

Detectify Recorder allows you to record interactions with a website which Application Scanning can use during security testing.

Hack-Tools

4.7(22)

The all in one Red team extension for web pentester

Scripter debugger extension

5.0(2)

This extension debugs the scripter blocks and load proccess

Tenable.io Web Application Scanning

3.0(3)

This extension helps you easily create and manage your web application scans for Tenable.io Web Application Scanning.

Carbon Devtools

5.0(1)

A basic set of tools for teams building live Carbon pages.

Cyber Web Tools

1.0(5)

Chrome extension to analysis your website security. It provides various tools to find web security loopholes.

IBM Equal Access Accessibility Checker

4.9(14)

A web browser extension for checking accessibility issues

Rapid7 AppSec Plugin

3.7(3)

Rapid7 AppSec Plugin

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Input hidden Monitor

0.0(0)

Monitoring of Hidden inputs

Burp Suite Navigation Recorder

5.0(3)

Improve your Burp Suite scan coverage by manually capturing how to perform complex actions on your website.

IP, DNS & Security Tools | HackerTarget.com

4.2(31)

Quick access to IP, DNS & Network Tools. Check DNS, Whois, ASN, Traceroute, Ping and more. Tools for technical operators.

Google apps