How to analyze all the web pages of one web application keeping the session against a set of templates?

[pakkers]

I'm trying to test for security headers in my web application with nuclei. Imagine that I have this sitemap:

• login.html
  • home.html (need cookie session)
  • profile.html (need cookie session)
  • buy.html need (cookie session)
  • logout.html need (cookie session)

Then I use raw request to simulate the login. To maintain the session I use cookie_reuse tag), but now, how can analyze the rest of my web pages iterating thrown security headers templates (missing-csp.yaml, missing-hsts.yaml, etc.).

Maybe with headless templates ?? Maybe workflows if support cookie session??

Thanks in advance

[ehsandeep]

@pakkers As of now, cookie-reuse: true is usable within same template, so all the tests needs to be defined in the same template, but as you suggested.

Maybe workflows if support cookie session??

Having this support will definitely make things simple for advanced workflows.