Certified Ethical Hacker (CEH v11) — Question 27

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

Answer options

• A. tcpsplice
• B. Burp
• C. Hydra
• D. Whisker

Correct answer: D

Explanation

Whisker is a tool specifically designed for performing session splicing attacks, allowing attackers to bypass IDS detection by sending fragmented packets. While tcpsplice can manipulate TCP streams and Burp is a web application testing tool, neither is primarily focused on session splicing like Whisker. Hydra is a password-cracking tool and does not relate to session splicing at all.