Penetration testers can utilize fragroute and wafw00f to identify whether there are any detection or prevention mechanisms put in place such as Intrusion Detection System (IDS) or an Intrusion Prevention system (IPS) or a Web application Firewall (WAF).
fragroute is a default tool in Kali Linux that can perform fragmentation of packets. The network packets will allow attackers to intercept, modify, and rewrite the egress traffic for a specific target. This tool comes in very handy on a highly secured remote environment.
The following screenshot provides the list of options that are available in fragroute to determine any network IDs in place:
Attackers can also write their own custom configuration to perform fragmentation attacks to delay, duplicate, drop, fragment, overlap, reorder, source-route, and segment. A sample custom configuration...