Web Application Security Checks

The information in this document applies to version 6.9 of Syhunt Hybrid.

Syhunt's database is the culmination of years of research by Syhunt and includes checks for a extremely wide array of different web application security threats, as shown below.

Checks

CheckCWE
Authentication Vulnerabilities
Authentication Bypass / Broken Authentication through Dynamic AnalysisCWE-287
Authentication Bypass / Broken Authentication through Source Code AnalysisCWE-287
Automated Authentication Brute Force (Form & HTTP-Based)
Password DisclosureCWE-311
Unencrypted LoginCWE-319
Insecure Salting through Source Code Analysis 
Broken Cryptography 
Insecure Hashing Algorithms through Source Code Analysis 
Insecure Cryptographic Algorithms through Source Code Analysis 
Insecure Randomness through Source Code Analysis 
Weak Protocols through Source Code Analysis 
Weak Password Hashing through Source Code Analysis
Breach Confirmation
Breach Confirmation through Dynamic Analysis
Breach Confirmation through Source Code Analysis
Breach Confirmation through Web Server Log Analysis
Hidden Debug Parameter Discovery through Dynamic Analysis
Hidden Debug Parameter Discovery through Source Code Analysis
Hidden Debug Parameter Discovery and Injection through Hybrid Analysis
Inappropriate Content Detection
Malicious Content Detection
Web-Based Backdoor Detection through Dynamic Analysis
Web-Based Backdoor Detection through Source Code Analysis
Command ExecutionCWE-78
Command Execution through Dynamic Analysis
Command Execution through Source Code Analysis
Cross-Site Scripting (XSS)CWE-79
Cross-Site Scripting (XSS) through Dynamic Analysis
Cross-Site Scripting (XSS) through Source Code Analysis
Weak XSS Filter/Validation Bypass through Dynamic Analysis
Weak XSS Filter/Validation Bypass through Source Code Analysis
DOM-Based XSS through Source Code Analysis
HTML5 Specific XSS
Cross-Site Request Forgery (XSRF) through Source Code Analysis
File InclusionCWE-98
Local File Inclusion (LFI) through Dynamic Analysis
Remote File Inclusion (RFI) through Dynamic Analysis
Local File Inclusion (LFI) through Source Code Analysis
Remote File Inclusion (RFI) through Source Code Analysis
File Manipulation through Source Code Analysis 
NoSQL Injection 
NoSQL Injection through Dynamic Analysis (Error-Based) 
NoSQL Injection through Dynamic Analysis (Time-Based) 
NoSQL Injection through Source Code Analysis 
NoSQL Injection in MongoDB 
SQL InjectionCWE-89
SQL Injection through Dynamic Analysis (Error-Based)
SQL Injection through Dynamic Analysis (Blind)
SQL Injection through Dynamic Analysis (Time-Based)
SQL Injection through Source Code Analysis
SQL Injection through Source Code Analysis (HQL)
Code InjectionCWE-94
Code Injection through Dynamic Analysis (Print-Based)
Code Injection through Dynamic Analysis (Time-Based)
Code Injection through Source Code Analysis
Code Injection in ASP Classic
Code Injection in ASP.NET
Code Injection in Java/JSP
Code Injection in Lua (Nginx, Apache, CGI-Lua, etc)
Code Injection in Perl
Code Injection in PHP
Code Injection in Python
Code Injection in Ruby
Code Injection in Server-Side JavaScript
Source Code DisclosureCWE-540
Source Code Disclosure through Injection
Source Code Disclosure through Content Analysis
Source Code Disclosure (ASP Classic)
Source Code Disclosure (ASP.NET)
Source Code Disclosure (Java/JSP)
Source Code Disclosure (Lua)
Source Code Disclosure (Perl)
Source Code Disclosure (PHP)
Source Code Disclosure (SSI)
Extension Checking
Double Extension Checking
Common Backup Extensions
Structure Brute Force
Admin Pages
Common Backup Files
Common Backup Folders
Database Disclosure
Old/Backup FilesCWE-530
Common Form Weaknesses
Email Form Hijacking
Hidden Price Form Field
AutoComplete Enabled (in sensitive form inputs)
Unencrypted Credit Card Transaction
Denial-of-Service (DoS)CWE-730
Client-Side Denial-of-Service
Denial-of-Service through Injection
Denial-of-Service through Source Code Analysis
Buffer OverflowCWE-120
Multiple Disclosure Vulnerabilities
Common Exposures
Hardcoded Sensitive Information through Source Code Analysis
Logging of Sensitive Information through Source Code Analysis
Local Storage Usage through Source Code Analysis
Sensitive Data Stored in Local Storage through Source Code Analysis
Sensitive Information Client-Side through Source Code Analysis
Information Disclosure through InjectionCWE-200
Information Disclosure through Content AnalysisCWE-200
Information Disclosure through Source Code AnalysisCWE-497
Internal IP Address DisclosureCWE-200
Path Disclosure through InjectionCWE-211
Path Disclosure through Content AnalysisCWE-211
Directory ListingCWE-548
Web Technology Disclosures
Suspicious HTML Comments
Log ForgingCWE-117
Log Forging through Source Code Analysis
XPath InjectionCWE-91
XPath Injection through Dynamic Analysis
XPath Injection through Source Code Analysis
LDAP InjectionCWE-90
LDAP Injection through Dynamic Analysis
LDAP Injection through Source Code Analysis
Unvalidated RedirectsCWE-601
Unvalidated Redirects through Dynamic Analysis
Unvalidated Redirects through Source Code Analysis
CRLF Header InjectionCWE-93
CRLF Header Injection through Dynamic Analysis
CRLF Header Injection through Source Code Analysis
Expression Language (EL) InjectionCWE-917
Cookie Manipulation
Cross Frame ScriptingCWE-352
Dangerous MethodsCWE-749
Default ContentCWE-276
Directory TraversalCWE-22
HTTP Header Injection through Source Code Analysis 
Server-Specific Vulnerabilities in IIS, iPlanet & Others 
Server-Side Request Forgery (SSRF) through Dynamic AnalysisCWE-918
Server-Side Request Forgery (SSRF) through Source Code AnalysisCWE-918
Server-Side Includes (SSI) Injection 
Client-Side Request Forgery (CSRF) through Source Code Analysis
XML Injection through Dynamic AnalysisCWE-661
XML Injection through Source Code AnalysisCWE-661
XML External Entity (XXE) InjectionCWE-827
XML External Entity (XXE) Injection through Dynamic Analysis 
XML External Entity (XXE) Injection through Source Code Analysis 
Security Misconfiguration through Source Code Analysis 
Known Vulnerable Apps
Outdated Vulnerable Scripts through Source Code Analysis
Known Vulnerable Apps (Apache Struts)
Known Vulnerable Apps (ASP Classic)
Known Vulnerable Apps (ASP.Net)
Known Vulnerable Apps (ColdFusion)
Known Vulnerable Apps (Dynamic HTML)
Known Vulnerable Apps (Flash)
Known Vulnerable Apps (Java / JSP)
Known Vulnerable Apps (Perl)
Known Vulnerable Apps (Python)
Known Vulnerable Apps (Ruby)
Known Vulnerable Apps (SSI)
Known Vulnerable Apps (IIS)


Supported Server-Side Languages (DAST)

ASP (Classic)
ASP.Net
Java / JSP
JavaScript
Lua
Perl
PHP
Python
Ruby

Supported Server-Side Languages (SAST)

ASP Classic (VBScript & JavaScript)
ASP.Net (C# & VB.Net)
Java (JEE / JSP)
JavaScript (Client and Server-Side, Node.js, Angular, AngularJS, Express.js & Koa.js)
Kotlin (Ktor)
Lua (ngx_lua, mod_lua, CGILua & Lua Pages)
Object Pascal (Delphi XE and older, Lazarus & DWS)
Perl
PHP
Python (CGI, Django, mod_python & WSGI)
Ruby (Rails & ERB)
TypeScript (Client and Server-Side, Node.js & Angular)

Supported Languages (Mobile)

Java (Android)
Kotlin (Android)
Swift (iOS)
Objective-C, C & C++ (iOS)
Object Pascal (Delphi XE)
JavaScript (including Node.js, Angular, AngularJS, Express.js & Koa.js)

Supported Databases (SQL Injection Detection)

Access
DB2
dbx
Firebird/InterBase
FrontBase
Informix
Ingres
MariaDB / MySQL
MaxDB
mSQL
Oracle
Ovrimos
PostgreSQL
SQL Server
SQLite
Swish
Sybase

Contact