What's New in Syhunt Community

Version 6.5 (December 26, 2018)

  • Added a revamped vulnerability details dialog with editing capabilities.
  • Added Dynamic Targets screen to launcher - allows to manage a list of common target URLs. You can access it through the purple bookmark icon in the Launcher toolbar or the New Scan dialog.
  • Added Rails framework, WII framework and WordPress related optimizations.
  • Added the ability to import and export a scan session from/to a file.
  • Added additional scan progress info to the results tab
  • Reviewed hunt methods Malware Content and Structure Brute Force and enabled additional checks. Improved extension checking and structure brute force checks and fixed a false positive case.
  • Improved fingerprinting and added detected languages and OS type to reports.
  • Improved spider (improved web site caching and mapping).
  • Improved compatibility with source control systems (GIT and SVN) in Syhunt Code
  • Reclassified dynamic XSS risk based on CVSS3 score.
  • This release comes with the latest Syhunt Sandcat browser updates and drops support for Windows Vista:
    • Added the ability to import/export/clear bookmarks.
    • Confirm exit when tasks are running.

Version 6.4 (October 17, 2018)

  • Revamped launcher screen.
  • Added additional password file disclosure checks.
  • Added Jooma-specific optimizations.
  • Added Nginx support in Syhunt Insight.
  • Improved spidering (additional link extraction and improved relative path handling).
  • Combined link list with additional details into new Coverage report section.

Version 6.3 (September 8, 2018)

  • Added full support for CVSS (Common Vulnerability Scoring System). (Full details)
  • Added the ability to compare past scan sessions to determine new, unchanged or removed vulnerabilities, and save the comparison results as HTML (Menu -> Past Sessions -> Compare Checked button).
  • Added File Inclusion and OWASP Top 5 hunt methods to Syhunt Code.

Version 6.2 (June 15, 2018)

  • Added code scan support for Node.js based web applications. (Full details)
  • Added Server-Side JavaScript and MongoDB to Technologies tab in the Site Preferences screen.

Version 6.1 (May 17, 2018)

  • Several improvements in Syhunt Code:
    • Added code scan support for Java EE, JSP and Lua based web applications. (Full details)
    • Improved XSS detection in multiple languages (classic ASP, ASP.NET & PSP).
    • Improved input filtering analysis.
    • Improved speed (scan optimization).
    • Automatic Python WSGI script detection.
  • Improved fingerprinter (additional WAF detection) in Syhunt Dynamic.

Version 6.0 (October 10, 2017)

  • Major overhaul of both its scan engine and user interface, adding advanced fingerprinting capabilities, enhanced spidering, injection, browsing and code scan capabilities, and a large number of new and improved checks. (Full details)