From Syhunt Web Application Security Docs

SyhuntHybrid5: FAQs

Basic FAQs

How much time will Syhunt Dynamic take to run all the tests?
The duration depends on the number of pages and applications your website contains and the scan method you selected. The web application checks (crawling stage) are usually the part of the scan that takes the most time, and this depends on the size of the target site.

Is it safe to increase the number of threads?
Yes, it is. Syhunt Dynamic was developed to detect and report performance problems during the scan. Just keep an eye on the Messages screen. If you see a large number of timeouts, then your system (or the target system) is not handling the load well. Don't worry if there is a small number of timeouts; Syhunt was coded to retry these requests.

Can I load a previous scan session and re-run reports again?
Yes, select the Past Sessions option from the Menu. The Session Manager screen will open. Click Generate Report for the session you want and you will see the session results and the options to export data and generate reports.

Is there a list of tests that are conducted using the updated version of Syhunt?
You can get an idea of the tests by clicking Menu -> Help and then selecting "Vulnerability List".

Are these tests CVE compliant?
Not all the checks have CVE numbers, but anything with a CVE is included in the scanner. Any exploit that has been posted to forums like Bugtraq is in there as well, in addition to variations on exploits. For example, Syhunt Dynamic checks for several hundred forms of the Unicode exploit. There are also filters to prevent false positives on all these checks.

Do any of the tests crash the tested host?
There are denial of service checks which may crash the tested host. You can turn those off when scanning, though.

Is there any way to provide a list of IP addresses (not necessarily in the same range) for scanning?
Yes. See the SyHybriCS for detailed information on this.

Does Syhunt Dynamic have any problems with personal firewalls?
Yes, you'll just have to let the firewall know that Syhunt is authorized to make connections to the Internet. However, some software firewalls do not handle high loads very well. It is not recommended to run both a personal firewall and Syhunt on the same machine.

If you're running a PC firewall on the scanning system that does outbound filtering, try disabling it. We've occasionally seen firewalls automatically block a program's socket calls without first prompting the user as to whether or not it should be allowed to make connections.

Is there any way to scan ports 23 (telnet) and 21 (ftp)?
Syhunt is not a general purpose security scanner; it is specialized for evaluating web servers. The port option is just there for HTTP servers that happen to run on something other than 80.

Name Changes

What happened to Sandcat Platinum and TrustSight?
Sandcat Platinum was renamed to Sandcat Pro a few years ago and later to Syhunt Dynamic. The TrustSight technology was absorbed into the Syhunt Dynamic software.

What happened to Collapse?
Collapse is now the main GUI application of the Syhunt suite. It integrates all the functionality of the Syhunt scanners.

Page last modified on October 04, 2015, at 03:57 AM