Technology | Coverage Type | Extension(s) |
Any server-side scripting platform | | N/A |
Any web server platform | | N/A |
Apache HTTP Server | | N/A |
ASP (Classic) | | .asp |
ASP.NET | | .aspx |
HTML | | Any |
JavaScript | | .js |
Java / JSP | | .java, .jsp |
Lua* | | .lua, .lp |
Perl | | .pl |
PHP | | .php, .phtml, .php3, .php4, .php5, .php6, .phps |
Python | | .py, .psp, .psp_, .wsgi |
Ruby | | .rb |
(*) indicates initial or beta support for code scan
Coverage Type
- - White Box (Source Code Scan)
- - Black Box (Dynamic Scan)
- - Complementary Settings Scan
- - Log Scan
Apache HTTP Server Support
- Syhunt Dynamic remotely scans Apache HTTP Servers for known vulnerabilities.
- Syhunt Hardener scans Apache configuration files for weak security settings.
- Syhunt Insight scans Apache logs for intrusion attempts.
ASP & ASP.NET Support
- Syhunt Dynamic remotely scans any type of ASP/ASP.NET web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of ASP/ASP.NET web applications for vulnerabilities.
For details about the ASP code scanning capabilities available in Syhunt Hybrid, see: Vulnerable ASP Code
HTML Support
- Syhunt Dynamic comes with an intelligent HTML parser that can handle malformed HTML like a web browser.
- Syhunt Dynamic is both HTML5 and CSS3-aware.
- Syhunt Code can identify key HTML tags within the source code of a web application.
HTTP Support
- Syhunt Dynamic remotely scans all types of web servers, such as Unix, Linux or NT, for vulnerabilities.
- Syhunt's HTTP feature set includes:
- HTTPS support (SSL 2/SSL 3/TLS 1)
- Certificates support
- Basic & NTLM authentication support
- HTTP 1.0 and 1.1 support
- Keep-Alive support
- HTTP redirection support
- Syhunt Insight scans HTTP logs created by web servers for intrusion attempts.
JavaScript/AJAX Support
- Syhunt Dynamic can parse, emulate & execute JavaScript code.
- Syhunt Dynamic remotely exploits AJAX-based web applications.
- While scanning a web site, Syhunt Dynamic performs XHR requests if necessary.
- Syhunt Code can identify key AJAX / JavaScript within the source code of a web application.
JSP Support
- Syhunt Dynamic remotely scans any type of Java / JSP web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of Java and JSP web applications for vulnerabilities.
For details about the Java code scanning capabilities available in Syhunt, see: Vulnerable JSP Code
PHP Support
- Syhunt Dynamic remotely scans any type of PHP web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of PHP web applications for vulnerabilities.
- Syhunt Hardener scans PHP configuration files for weak security settings.
For details about the PHP code scanning capabilities available in Syhunt, see: Vulnerable PHP Code
Python Support
- Syhunt Dynamic remotely scans any type of Python web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of Python CGI, WSGI, Mod_python, PSP and Django web applications for vulnerabilities.