Cookie Analysis

Webscarab is perhaps the only tool i can think of for this. I use this tool to figure out whether the session ids are predictable or not. The 'visualisation' feature is just great. Although the interface is not a very well designed and if you are a new user you have difficulties operating this tool but once you learn this tool its very handy. Some other great features include the compare feature which is a bit like 'diff' command in unix.

Another feature why i like this tool is for the inbuilt fuzzing module. Just specify the parameter in the request which you want to fuzz and point to the file containing the values, which you would like the paramter to take. Then use the 'compare' section to compare different responses and this should indicate whether fuzzing was successful or not. Although this also has a built in proxy feature, but i still prefer burp for proxy may be becuase of the better gui.

For the basic cookie analysis i use a firefox plugin. This plugin allows you to view all the cookies for a partciular domain currently set in your browser, and also allows you to edit them.