Syhunt Hybrid 6 is out


And it is the best one yet

Checks Comparison

Community Code Dynamic Hybrid
Vulnerability Categories Covered 43
Limited checks
21+
600+ checks
70+
800+ injection checks
92+
1500+ checks
Hybrid Checks
Authentication Vulnerabilities
Broken Authentication
Brute Force Checks (Form & HTTP)
Password Disclosure
Unencrypted Login
Weak Password Hashing
Breach Confirmation
Backdoor Detection (Web-Based)
Hidden Debug Parameters
Inappropriate Content Detection
Malicious Content Detection
Command Execution
Cross-Site Scripting (XSS)
Filter Evasion/Weak Validation
HTML5 Specific XSS
File Inclusion
Local File Inclusion
Remote File Inclusion
NoSQL Injection
MongoDB
SQL Injection
Access
DB2
dbx
Firebird/InterBase
FrontBase
Informix
Ingres
MaxDB
mSQL
MySQL
Oracle
Ovrimos
PostgreSQL
SQL Server
SQLite
Swish
Sybase
Others
Unvalidated Redirects
Arbitrary File Manipulation
Code Injection
ASP Classic
ASP.NET
Java/JSP
Lua (Nginx, Apache, CGI-Lua, etc)
Perl
PHP
Python
Ruby
Server-Side JavaScript
Cookie Manipulation
Common Exposures
Dangerous Methods
Default Content
Internal IP Address Disclosure
Common Form Weaknesses
AutoComplete Enabled
Email Form Hijacking
Hidden Price Form Field
CRLF Injection
Cross Frame Scripting
Default Account
Denial-of-Service
Buffer Overflow
Client-Side Denial-of-Service
Directory Listing
Directory Traversal
Expression Language Injection
Extension Checking (Double & Common)
HTTP Header Injection
HTTP Response Splitting
Information Disclosure
LDAP Injection
Old/Backup Files
Common Backup Files
Common Backup Folders
Log Forging
Path Disclosure
Server-Side Includes Injection
Server-Side Request Forgery
Server-Specific Vulnerabilities
IIS, iPlanet & Others
Source Code Disclosure
ASP Classic
ASP.NET
Java/JSP
Lua
Perl
PHP
SSI
Structure Brute Force Checks
Admin Pages
Common Files
Common Vulnerable Scripts
Database Disclosure
Suspicious HTML Comments
XML Injection
XML External Entity (XXE) Injection
XPath Injection
Web Technology Disclosure
Key Areas Identification (in source code)