[Java-project] Need a little help with WebScarab SessionID Analysis

David Ryan dave.ryan at gmail.com
Wed Aug 23 17:29:49 EDT 2006


On 23/08/06, Verachten Bruno <Bruno.Verachten at atosorigin.com> wrote:
> Hi all,

Hi there,

> I'm trying to implement some of the OWASP rules in our code, and I'm
> facing a little problem with the WebScarab SessionID Analysis.
> I found an Howto there :
> http://www.owasp.org/index.php/How_to_test_session_identifier_strength_w
> ith_WebScarab but it refers to a "radio button [that] is set to
> 'Cookies'". I can't find it anywhere in the GUI, so I'm stuck with my
> session cookies in the headers of the requests.
> Can anyone help?

I'm not sure if this is the correct list for help on this tool (which
perhaps explains the lack of response!). However, I _think_ this
refers to the "Get cookies from response" checkbox (perhaps radio
button is a typo?) under the Proxies -> Miscellaneous section ... I
believe "checked" is the default.

Cheers.



More information about the Java-project mailing list