# appscan

下载地址：[官方](https://www.ibm.com/developerworks/cn/downloads/r/appscan/index.html)、[第三方](https://www.exehack.net/4894.html)

IBM公司开发的，商业漏洞扫描器，识别安全风险、生成漏洞扫描**报告**并获取**修复建议**

> 可自动化 Web 应用的安全漏洞评估工作，能扫描和检测所有常见的 Web 应用安全漏洞，例如 SQL 注入（SQL-injection）、跨站点脚本攻击（cross-site scripting）、缓冲区溢出（buffer overflow）及最新的 Flash/Flex 应用及 Web 2.0 应用曝露等方面安全漏洞的扫描。

Ctrl+N创建扫描

选择扫描类型(常规扫描)

配置扫描，一般情况选择不登陆爬行

启动全面扫描即可

[使用教程](https://blog.csdn.net/qq_36761831/article/details/80031086)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://wintrystb.gitbook.io/book/v_scan/appscan.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.