Add automated/configurable session management for tested apps (e.g support for JSESSIONID, PHPSESSID, aspsessionid.*, asp.net_sessionid, etc)

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Pick a test Web application which normally requires authentication
2. Point webvulscan to the test Web app and attempt a scan
3. Currently, there is no way the tool will pass login page (unless 
authentication is disabled entirely for the test app - which is unrealistic)

What is the expected output? What do you see instead?
Be able to scan an app which requires authentication and normally uses 
authorisation cookies to maintain the user session on client-side. Currently, 
this is not possible with latest version of webvulscan tool.

What version of the product are you using? On what operating system?
webvulscan_v0.12

Please provide any additional information below.

Original issue reported on code.google.com by marian.v...@gmail.com on 17 Oct 2012 at 1:09

[GoogleCodeExporter]

Original comment by webvuls...@gmail.com on 22 Oct 2012 at 11:13

• Added labels: Priority-High, Type-Enhancement
• Removed labels: Priority-Medium, Type-Defect

[GoogleCodeExporter]

Original comment by webvuls...@gmail.com on 22 Oct 2012 at 11:16

• Changed state: Accepted