Language: PHP DB: MYSQL Webserver: APACHE2 (= LAMP)
I am assessing different Vulnerability Scanners by running them against Vulnerable Web Applications (XVWA for instance). The Problem is, that after multiple requests made from the scanner, a Request with a specific PHPSESSID does not get any more responses from the webserver. But the Webserver is not down, it is just not responding to the PHPSESSID from the scanner - if i set my PHPSESSID Cookie in Chrome DevTools to that of the scanner, i also do not get any more responses from the server. But i do get responses with any other cookie value.
So the scanner seem to be stuck for ever - the scanner does not change the phpsessid cookie and the webserver does not reply a response with the given phpsessid, so i cannot conduct my assessment.
Is there maybe a simple solution to this problem, so that no scanner is getting "banned" or "blocked" during execution?
Thank you!
