The Syhunt Hybrid suite scans for the vulnerabilities listed in the OWASP's Top Ten Most Critical Web Application Security Vulnerabilities and the PHP Top 5 Vulnerabilities documents. The tool's database includes over 260 web application security checks in over 38 categories of web attacks. We have been adding new attack variants on a regular basis. Remote command execution, XSS (cross-site scripting), SQL injection, PHP configuration and filesystem attacks are some of the most known types of vulnerabilities tested by Syhunt.
A complete list of checks performed by Syhunt is available here.