Certified Ethical Hacker (CEH v13) — Question 116

An organization decided to harden its security against web-application and web-server attacks. John, a security personnel in the organization, employed a security scanner to automate web-application security testing and to guard the organization's web infrastructure against web-application threats. Using that tool, he also wants to detect XSS, directory transversal problems, fault injection, SQL injection, attempts to execute commands, and several other attacks.
Which of the following security scanners will help John perform the above task?

Answer options

• A. AlienVault® OSSIMTM
• B. Syhunt Hybrid
• C. Saleae Logic Analyzer
• D. Cisco ASA

Correct answer: B

Explanation

The correct answer is B, Syhunt Hybrid, which is specifically designed for web application security testing and can detect various vulnerabilities including XSS and SQL injection. Options A, C, and D do not focus on web application security testing; AlienVault® OSSIMTM is more of a SIEM solution, Saleae Logic Analyzer is used for hardware debugging, and Cisco ASA is a firewall appliance.