We have identified significant vulnerabilities [using Syhunt Code]. Several products we reviewed were found to have various types of injection vulnerabilities, arbitrary file disclosure and access issues and tons of XSS problems.
Brent Huston, CEO, MicroSolved, Inc.
Syhunt Code
Dive into your source code and locate flaws
Revolutionize your web application security with Syhunt Code's cutting-edge technology. Automatically scan any type of web application source code for potential vulnerabilities with ease and pinpoint the exact lines of code that require patching.
Accelerate your development and quality assurance processes, while ensuring the highest level of security for your web applications. Trust Syhunt Code to keep you ahead of the curve and protect your web applications from potential threats.
Available for on-premises deployment for businesses using Windows, and Linux.
Syhunt Code in Numbers
Outline
Know Our Features
Features
Vulnerability Scanner
Syhunt Code has been especially designed to scan web applications for various types of issues, such as Cross-Site Scripting (XSS), File Inclusion, SQL Injection, Remote Command Execution and weak validation. By automating the process of reviewing the web application's code, Syhunt's code scanning functionality can make the life of QA testers easier, helping them quickly find and eliminate security vulnerabilities from web applications.Deep Diving Tool
Syhunt Code allows you to go over every detail of the app to find vulnerabilities. By identifying key areas of the code, such as key HTML tags, JavaScript, XHR requests, entry points and interesting keywords, Syhunt Code can also help auditors perform code reviews better, faster and more efficiently.Hybrid Scanner Integration
Integrations with other systems
Syhunt Code integrates with Gitlab and Jenkins for Continuous Integration (CI), JIRA, GitHub and GitLab for issue tracking, Imperva SecureSphere and F5 BIG-IP Application Security Manager (ASM) for virtual vulnerability patching, and more.CVSS Support
Syhunt Code comes with full support for the Common Vulnerability Scoring System, an industry standard designed to convey vulnerability severity and help determine urgency and priority of response. When a report is generated, vulnerabilities are sorted by default based on their CVSS3 score.MEAN Stack Coverage
Syhunt Code analyzes the source code of web applications built using the MEAN stack - this includes a large number of vulnerability checks tailored for MongoDB, Express.js, Angular (v2 and higher), AngularJS, Node.js, Koa.js, jQuery, client-side and server-side JavaScript.Configuration Hardening
Syhunt Code also evaluates security threats and identifies appropriate countermeasures at the web server configuration stage, providing extra protection against web hacking techniques and the highest levels of application security.Audit & inspect web apps faster and deeper
Supported Languages
ASP Classic (VBScript & JavaScript) |
ASP.Net (C# & VB.Net) |
Java (JEE / JSP) |
JavaScript (Client and Server-Side, Node.js, Angular, AngularJS, Express.js & Koa.js) |
Kotlin (Ktor) |
Lua (ngx_lua, mod_lua, CGILua & Lua Pages) |
Object Pascal (Delphi XE and older, Lazarus & DWS) |
Perl |
PHP |
Python (CGI, Django, mod_python & WSGI) |
Ruby (Rails & ERB) |
TypeScript (Client and Server-Side, Node.js & Angular) |
Check for all kinds of vulnerabilities
Check | CWE |
Command Execution | CWE-78 |
SQL Injection | CWE-89 |
SQL Injection (Functional) | |
SQL Injection (Object-Oriented) | |
SQL Injection (Hibernate/HQL) | |
File Inclusion | CWE-98 |
Local File Inclusion | |
Remote File Inclusion | |
Cross-Site Scripting (XSS) | CWE-79 |
Weak XSS Validation | CWE-79 |
Hidden Entry Points | |
Web-Backdoors | |
Debug Parameters | |
NoSQL Injection | |
Unvalidated Redirects | CWE-601 |
Arbitrary File Manipulation | CWE-73 |
HTTP Response Splitting | CWE-113 |
LDAP Injection | CWE-90 |
XML External Entity (XXE) Injection | CWE-827 |
XPath Injection | CWE-643 |
Server-Side Request Forgery | CWE-918 |
Log Forging | CWE-117 |
Information Disclosure | CWE-497 |
Common Form Weaknesses | |
Weak Password Hashing |
Testimonials
We have used Syhunt for years because it`s been the best web app security assessment tool out there. Rapidly updated to cover new vulnerabilities as they arise and very easy to use. more
Robert Davies, CEO, Stealth-ISS
Buy Product
Syhunt Code runs under any modern 64-bit Linux or Windows version, including Windows 10 and 11 (Specs)