GPEN Question #220: Real Exam Question with Answer & Explanation

The correct answer is C. Whisker.

Question

Which of the following tools can be used for session splicing attacks?

Options

  • A. ADMutate
  • B. APNIC
  • C. Whisker
  • D. ARIN

Explanation

Whisker is an HTTP vulnerability scanner that pioneered session splicing and other IDS evasion techniques by splitting HTTP requests into small fragments to bypass signature detection.

Common mistakes.

  • A. ADMutate is a tool that mutates shellcode to produce polymorphic exploit payloads, used to evade IDS shellcode signatures, not for HTTP session splicing.
  • B. APNIC (Asia Pacific Network Information Centre) is a Regional Internet Registry that manages IP address allocation in the Asia-Pacific region and has no offensive security tool function.
  • D. ARIN (American Registry for Internet Numbers) is a Regional Internet Registry responsible for IP address management in North America and is not a security attack tool.

Concept tested. Session splicing IDS evasion tool identification

Reference. https://resources.infosecinstitute.com/topics/hacking/session-splicing/
