Supported Technologies & Languages

TechnologyCoverage TypeExtension(s)
Any server-side scripting platformN/A
Any web server platform N/A
Apache HTTP Server N/A
ASP (Classic) .asp
ASP.NET* .aspx
HTML Any
JavaScript/AJAX .js
JSP*.jsp
Lua.lua, .lp
Perl .pl
PHP .php, .phtml, .php3, .php4, .php5, .php6, .phps
Python .py, .psp, .psp_, .wsgi
Ruby.rb

(*) indicates initial or beta support for code scan

Coverage Type

  • - White Box (Source Code Scan)
  • - Black Box (Dynamic Scan)
  • - Complementary Settings Scan
  • - Log Scan

Apache HTTP Server Support

  • Syhunt Dynamic remotely scans Apache HTTP Servers for known vulnerabilities.
  • Syhunt Hardener scans Apache configuration files for weak security settings.
  • Syhunt Insight scans Apache logs for intrusion attempts.

ASP & ASP.NET Support

  • Syhunt Dynamic remotely scans any type of ASP/ASP.NET web application for both known and custom vulnerabilities.
  • Syhunt Hybrid scans the source code of ASP/ASP.NET web applications for vulnerabilities.

For details about the ASP code scanning capabilities available in Syhunt Hybrid, see: Vulnerable ASP Code

Flash & Silverlight Support

  • Syhunt Dynamic scans both Flash & Silverlight applications looking for links to follow and parameters to manipulate.

HTML Support

  • Syhunt Dynamic comes with an intelligent HTML parser that can handle malformed HTML like a web browser.
  • Syhunt Dynamic is both HTML5 and CSS3-aware.
  • Syhunt Code can identify key HTML tags within the source code of a web application.

HTTP Support

  • Syhunt Dynamic remotely scans all types of web servers, such as Unix, Linux or NT, for vulnerabilities.
  • Syhunt's HTTP feature set includes:
    • HTTPS support (SSL 2/SSL 3/TLS 1)
    • Certificates support
    • Basic & NTLM authentication support
    • HTTP 1.0 and 1.1 support
    • Keep-Alive support
    • HTTP redirection support
  • Syhunt Insight scans HTTP logs created by web servers for intrusion attempts.

JavaScript/AJAX Support

  • Syhunt Dynamic can parse, emulate & execute JavaScript code.
  • Syhunt Dynamic remotely exploits AJAX-based web applications.
  • While scanning a web site, Syhunt Dynamic performs XHR requests if necessary.
  • Syhunt Code can identify key AJAX / JavaScript within the source code of a web application.

JSP Support (Beta)

  • Syhunt Dynamic remotely scans any type of JSP web application for both known and custom vulnerabilities.
  • Syhunt Hybrid scans the source code of JSP web applications for vulnerabilities.

For details about the JSP code scanning capabilities available in Syhunt, see: Vulnerable JSP Code

PHP Support

  • Syhunt Dynamic remotely scans any type of PHP web application for both known and custom vulnerabilities.
  • Syhunt Hybrid scans the source code of PHP web applications for vulnerabilities.
  • Syhunt Hardener scans PHP configuration files for weak security settings.

For details about the PHP code scanning capabilities available in Syhunt, see: Vulnerable PHP Code

Python Support

  • Syhunt Dynamic remotely scans any type of Python web application for both known and custom vulnerabilities.
  • Syhunt Hybrid scans the source code of Python CGI, WSGI, Mod_python, PSP and Django web applications for vulnerabilities.
Page last modified on November 02, 2016, at 11:05 AM