Syhunt Code: Getting Started

The information in this document applies to version 6.5 of Syhunt Code.

How to perform a code scan

Syhunt's whitebox scan (source code scan) can uncover multiple classes of application vulnerabilities and also identify key areas of the code that need review. Its static source code analysis functionality can detect cross-site scripting, file inclusion, SQL injection, command execution and validation problems. Initially only PHP was supported. As of today, multiple web programming languages are supported.

Supported Languages

ASP (Classic)
ASP.Net
Java EE / JSP
JavaScript (Node.js - Express & Koa)
Lua (mod_lua, CGILua & Lua Pages)
Perl
PHP
Python (CGI, Django, mod_python & WSGI)

Follow along with this guide to learn how to perform a source code scan and generate a vulnerability report.

  1. Launch Syhunt Hybrid and click the Syhunt Code icon or New Scan button in the welcome page.

  2. Select a code directory to scan and press the OK button to start the scan.

In the end of the scan, you can click Generate a Report to save the results as a HTML report or any other prefered format.

How to perform a code scan via command-line

  1. Go to the directory Syhunt is installed using the command prompt.
  2. Example command-line:
 Scancode C:\WWW\Docs\ -gr

Syhunt ScanCode tool reports are automatically generated and saved if the -gr parameter is provided. You can also open the session by launching Syhunt and using the Menu -> Past Sessions option.

System Requirements

Syhunt Hybrid, Dynamic and Code

  1. 512 MB of memory
  2. 500 MB of free disk space
  3. Internet connection (optional for dynamic scans and some features)
  4. Windows 7, 8 or 10.

Syhunt ScanTools

  1. 512 MB of memory
  2. 500 MB of free disk space
  3. Internet connection (optional for dynamic scans and some features)
  4. Windows XP, 2003, 2008, Vista, 7, 8 or 10.

If you use a personal firewall, you'll just have to let the firewall know that Syhunt Dynamic is authorized to make connections to the Internet. However, some software firewalls do not handle high loads very well. It is not recommended to run both a personal firewall and Syhunt on the same machine.


For additional product documentation, visit syhunt.com/docs