From Syhunt Web Application Security Docs

SyhuntHybrid4: FAQs

Basic FAQs

How much time will Syhunt Dynamic take to run all the tests?
Duration depends on the number of pages and applications your website contains and the scan method you selected. The web application checks (crawling stage) are usually the part of the scan that can take the most time, and their duration depends on the size of the target site.

Is it safe to increase the number of threads?
Yes, it is. Syhunt Dynamic was developed to detect and inform about performance problems during the scan. Just keep an eye on the Events screen. If you see a large number of timeouts, then your system (or the target system) is not handling it well. Don't worry if there is a small number of timeouts. Syhunt was coded to retry these requests.

Can I load a previous scan session and re-run reports again?
Yes, this is possible since the 3.0 release. Select the View option from the menubar and then Sessions. The Session Manager screen will open. Click Generate Report for the session you want and you will see the session results and the options to export data and generate reports.

Is there a list of tests that are conducted using the updated version of Syhunt?
You can get an idea of the tests by clicking the Help menu and then selecting "Vulnerability List". See for the last update. This page gives you some idea of what gets added to Syhunt every month.

Are these tests CVE compliant?
Not all the checks have CVE numbers, but anything with a CVE is included in the scanner. So, any exploit that has been posted to forums like Bugtraq is in there as well, in addition to variations on exploits. For example, Syhunt Dynamic checks for several hundred forms of the Unicode exploit. There are also filters to prevent false positives on all these checks.

Do any of the tests crash the tested host?
There are denial-of-service checks which may crash the tested host, but you can turn those off when scanning.

Is there any way to provide a list of IP addresses (not necessarily in the same range) for scanning?
Yes. See the QuickStart for detailed information on this.

How can I configure the DB Update?
Enter your username and password in the Login screen:

  1. Start Syhunt
  2. Click the File -> Login menu option
  3. Fill in your username and password (please note that the password is case sensitive!) and press Connect.

When was Syhunt's last database update?
See for the last update.

Does Syhunt Dynamic have any problems with personal firewalls?
Yes, you'll just have to let the firewall know that Syhunt is authorized to make connections to the Internet. However, some software firewalls do not handle high loads very well. It is not recommended to run both a personal firewall and Syhunt on the same machine.

If you're running a PC firewall on the scanning system that does outbound filtering, try disabling it. We've occasionally seen firewalls automatically block a program's socket calls without first prompting the user as to whether or not it should be allowed to make connections.

Is there any way to scan ports 23 (telnet) and 21 (ftp)?
Syhunt is not a general-purpose security scanner; it is specialized for evaluating web servers. The port option is just there for HTTP servers that happen to run on something other than 80.

Is there any way to use a proxy server for web scanning?
Does your net connection require a proxy server for web access? If so, you'd have to configure Syhunt Dynamic with that information. Syhunt will ask for this information after the installation. Using proxy servers for HTTP scanning is also possible, but not recommended.

Name Changes

What happened to Sandcat Platinum and TrustSight?
Sandcat Platinum was renamed to Sandcat Pro a few years ago and later to Syhunt Dynamic. The TrustSight technology was absorbed into the Syhunt Dynamic software.

What happened to Collapse?
Collapse is now the main GUI application of the Syhunt suite. It integrates all the functionality of the Syhunt scanners.

Page last modified on December 05, 2013, at 10:29 PM