Syhunt Documentation Wiki

What is Syhunt?

Syhunt is a hybrid multilanguage web application security assessment suite. It allows you to scan for the most common web application flaws from a hacker's perspective. Syhunt will remotely inject data in the web applications and analyze the application response in order to determine if the application code is vulnerable to specific attacks (such as SQL Injection, XSS, and many other web application vulnerability flaws). Syhunt will also scan the application's source code, if requested, in search for security issues.

Key Technologies Supported

Which operating systems and applications are supported for scanning?
Syhunt modules are built with the flexibility to cover multiple web server platforms:

• Any web server platform (via remote scanning). Syhunt scans all types of web servers, such as Unix, Linux or NT.
  • Devices such as routers and firewalls that run web sites.
• ASP, ASP.NET, JSP, Perl, PHP & Python web applications (via source code scanning)
• Intrusion detection systems (via its IDS evasion techniques).
• Syhunt Hardener (an assessment tool designed specifically for Apache and PHP platforms) is also available.

For more details about the supported technologies, see: Supported Technologies & Languages

Updates

How often does Syhunt provide updates and how are they distributed?
Immediate to monthly, depending on the severity of new discovered vulnerabilities and the range of affected systems. We do provide automatic (automatic update feature) or manual updates (manual downloading).