Test Your Slang Project

Prerequisite: a system to scan!

To complete this guide, you will need a system to scan that matches the platform your Project was written for.

Open your project’s project.slang and check the platform you have declared. Here are your options:

  • If the platform matches the system you are running slang on, then you can scan LOCALHOST.
  • For Windows projects, you can scan a remote system that’s configured for Windows Remote Management (enabling WinRM) using the system’s IP (or hostname) and an Administrative username and password.
  • For macOS, Linux, Cisco and other non-Windows projects, you can scan a remote system that’s running SSH using the system’s IP (or hostname) and an SSH credential.

Create a Slang Scan Config

  1. Open the QuickStart project in VS Code (File, Open Folder)
  2. From the Terminal ([CTRL]+`), run slang export QuickStart quickstart.xml --scan_config QuickTest.
    • This will export the QuickStart Project to SCAP (XML) and attempt to run a scan configuration named QuickTest.
    • Since you haven’t configured QuickTest, Slang will walk you through configuring the scan target.
  3. Follow the prompts to configure QuickTest

View Test Results

  1. You should see a new folder in your project, scan_configs/QuickTest containing the scan configuration and results.
  2. Find the HTML report under scan_configs/QuickTest and open it in your browser to view the report.
    • Tip: you can open the report in your browser from the Terminal. Use start <path.to.report.html> on Windows and open <path.to.report.html> on macOS.

Iterative Development

Once you have created a scan configuration, you can edit your Slang and re-run the test using slang export QuickStart quickstart.xml --scan_config QuickTest.

Slang saved your QuickTest configuration and you won’t be prompted to create it again.

More Testing

Here are a few more testing tips:

  • To remove a scan configuration, delete the appropriate scan_configs subfolder
  • You can create as many scan configurations as you’d like by giving them each a unique name. For example, to create a configuration called WindowsNonCompliant, run slang export QuickStart quickstart.xml --scan_config WindowsNonCompliant.
  • If you’re scanning LOCALHOST, you can use the --elevate CLI parameter to skip the Scan as Administrator prompt. See slang export -h for details.

Questions? Feedback?

