Can you add a module for scanning for Local and Remote File Includes?

Yes that should be relatively simple enough to implement. I will try fit it in 
for the next release.

The test that checks for potentially insecure direct object references looks 
for file names, or paths, in the URL query string but does not actually go the 
step further and manipulate them to test for RFI/LFI.

Using dynamic methods for this is far better than using someone elses shell. 
See code.google.com/p/fimap for ideas. 
Adding RFI/LFI to this would be excellent - I think a good compromise would be 
to have it test for LFI/RFI on all parameters, while also using the rfilist.dat 
file floating around (I will link when I find it) to check paths, just in case.
Loving the project though!

Great that you like the project! Yes I agree, I think the scanner should have 
support for this vulnerability as it can be a high-risk one. I released another 
version yesterday but, unfortunately, I only had a few days to spend on the 
project and had a few issues to fix so I did not think I would fit this in. I 
should definitely be able to fit it in for the next one though. Thanks for the 
feedback and suggestions!