Organizations in different markets and industries use the Syhunt technology for securing web applications.


We have been using Syhunt for a couple of years now during different penetration tests. It has discovered a number of SQL injections and XSS vulnerabilities we would have missed if tested by hand. One of the best ways of using Syhunt is by combining the source code analysis with the dynamic scanner to quickly zoom in on the real issues. Support by Syhunt has been outstanding, quick to reply and resolve questions. more

Arthur Donkers, Security Officer, 1Secure, Netherlands

Ertech Systems

With an objective approach, Syhunt has been able to identify a wide variety of threats, such as web server configuration weaknesses, susceptibility to denial-of-service attacks, and ranging to many serious application vulnerabilities such as SQL Injection and Cross Site Scripting (XSS). In my experience, Syhunt has proven its effectiveness to simulate numerous attack scenarios. It is a great product with an exceptional support team. more

Renato Andalik, Security Expert and CSO, Ertech Systems, Brazil


Solutionary constantly evaluates application and network scanning tools for use in our best-of-breed assessment approach. Syhunt consistently makes our list as one of the most effective and valuable tools on the market today.

Matt McDermott, Security Engineer II, Solutionary, Inc., United States

Wolverhampton City Council

Wolverhampton City Council has used the Syhunt products for a number of years. We find them extremely thorough in comparison to other scanning tools and they form an essential part of our testing process.

Dave Woodcock, Security Team Leader, Wolverhampton City Council, United Kingdom

Infoshield Consulting

Having being in contact with them over the past 4 years we must say that Syhuntīs dedication to research and development, and their customer service departmentīs fantastic responsive and personal customer support has really paid off.

Wipul Jayawickrama, Managing Director, Infoshield Consulting, Australia

MicroSolved, Inc.

The Syhunt suite is a complete solution for performing website baseline assessments. It provides an easy to use interface and effective reporting to security staff members. Its use can be a great time saver and dramatically increase the overall security posture of an organizationīs web presence.

Brent Huston, CEO, MicroSolved, Inc., United States

Verizon Business

Syhunt Dynamic is the most comprehensive web server scanning tool that I have come across. When I need to scan web servers I use Syhunt because Nessus and other tools just donīt have the depth of vulnerability database that Syhunt has.

Stuart Unsworth, Security Expert, Verizon Business, Australia

Sec-Tec, Ltd.

Faster, more resilient against unusual web servers, and excellent control over resource utilisation

David Wray, Managing Director of Sec-Tec, Ltd., United Kingdom

Expert Systems Resources, Inc.

The Syhunt Scanner incorporates very advanced techniques and features to prevent false positives and they work extremely well. This really helps to weed out the clutter and identify the real security vulnerabilities.

Paul Woroshow, Vice-President, Expert Systems Resources, Inc., Canada

MicroSolved, Inc.

We have identified significant vulnerabilities in each of the popular content managers we reviewed [using Syhunt Code for PHP]. Several of the products were found to have various types of injection vulnerabilities (SQL/command/etc.), arbitrary file disclosure and access issues and tons of cross-site scripting (XSS) problems.

Brent Huston, CEO, MicroSolved, Inc., United States

Stealth - ISS Inc.

We use a numbers of different security tools and techniques, including commercially available software and open sources tools. The major tools that are being used are eEye, ISS and Syhunt products as well as other products that meet the latest technology and security standards and have been approved by governmental institutions. Using a combination of these tools and techniques we are able to identify known security problems in our customerīs networks.


Web Hacking Exposed

We liked the GUI and the simplicity of Syhunt‘s user model. We had a very positive experience working with the product‘s development team

Web Hacking Exposed


We use Syhunt on almost a daily basis. It is an amazing tool to work with. Pretty fast and very accurate.



A robust, filter-evasion capable web application scanning tool. The newly added features have made this tool a must in the security side of web based application exploitation. This tool will help to identify problems before attackers can find them and exploit them.


Syhunt Insight

CMS Security Handbook

Log analysis is vital after a hack, and this tool makes it easier. Syhunt enables you to review your log files for potential and confirmed attacks.

Tom Canavan, CMS Security Handbook

Web Hacking Exposed

While the benefit of being able to securely configure a web server through your web application security assessment tool is obvious, we were unsure about the log analysis feature until we tired it on one of the authorīs personal web servers hosting several applications live on the Internet

Web Hacking Exposed

Syhunt Harden & Other Syhunt Tools


For many people who donīt want to become security specialists configuring an application to run securely is often a daunting task. By automatically analyzing Apache and PHP installations, and giving expert advice, the Syhunt Harden software allows common people to secure their Apache installations without spending more time on the task than necessary.

Ivan Ristic, Developer of ModSecurity, founder of Thinking Stone, and member of the Web Application Security Consortium, OASIS, and the PHP Security Consortium, United Kingdom