Syhunt Hybrid 6 is out


And it is the best one yet

Syhunt [Code]


Dive into your source code and locate flaws

Syhunt Code enables developers and QA (Quality Assurance) testers to automatically scan any kind of application source code for potential security vulnerabilities. Pin point with this tool the exact lines of the code that need to be patched.

View Datasheet


Vulnerability Scanner

Syhunt Code has been especially designed to scan web applications for various types of issues, such as Cross-Site Scripting (XSS), File Inclusion, SQL Injection, Remote Command Execution and weak validation. By automating the process of reviewing the web application's code, Syhunt's code scanning functionality can make the life of QA testers easier, helping them quickly find and eliminate security vulnerabilities from web applications.

Deep Diving Tool

Syhunt Code allows you to go over every detail of the app to find vulnerabilities. By identifying key areas of the code, such as key HTML tags, AJAX / JavaScript, entry points and interesting keywords, Syhunt Code can also help auditors perform code reviews better, faster and more efficiently.

Hybrid Scanner Integration

When used from within Syhunt Hybrid, Syhunt Code can also perform ASP, Perl, PHP & Python source code scans that are complementary to its dynamic scans. Syhunt Hybrid scans your application's source code first, then tries to remotely confirm its flaws.

Learn more


Audit & inspect web apps faster and deeper


Supported Languages

ASP (Classic)
ASP.Net
Perl
PHP
Python

Check for all kinds of vulnerabilities

CheckCWE
Command ExecutionCWE-78
SQL InjectionCWE-89
SQL Injection (Functional)
SQL Injection (Object-Oriented)
File InclusionCWE-98
Local File Inclusion
Remote File Inclusion
Cross-Site Scripting (XSS)CWE-79
Weak XSS ValidationCWE-79
Hidden Entry Points
Web-Backdoors
Debug Parameters
NoSQL Injection 
Unvalidated RedirectsCWE-601
Arbitrary File ManipulationCWE-73
HTTP Response SplittingCWE-113
LDAP InjectionCWE-90
XPath InjectionCWE-643
Common Form Weaknesses 
Weak Password Hashing 

We have identified significant vulnerabilities [using Syhunt Code]. Several products we reviewed were found to have various types of injection vulnerabilities, arbitrary file disclosure and access issues and tons of XSS problems.

Brent Huston, CEO, MicroSolved, Inc.

Over 20 million websites are running PHP today and most of them are vulnerable to attacks. Reviewing the source code of applications is one of the most effective ways to isolate security vulnerabilities.

Felipe Daragon, CEO, Syhunt

More Quotes


Syhunt Code runs under any modern Windows version from Windows XP through 10 (Specs)