Technology | Coverage Type | Extension(s) |
Any server-side scripting platform | N/A | |
Any web server platform | N/A | |
Apache HTTP Server | N/A | |
ASP (Classic) | .asp | |
ASP.NET | .aspx | |
HTML | Any | |
JavaScript | .js | |
Java / JSP | .java, .jsp | |
Lua* | .lua, .lp | |
Perl | .pl | |
PHP | .php, .phtml, .php3, .php4, .php5, .php6, .phps | |
Python | .py, .psp, .psp_, .wsgi | |
Ruby | .rb |
(*) indicates initial or beta support for code scan
Coverage Type
- - White Box (Source Code Scan)
- - Black Box (Dynamic Scan)
- - Complementary Settings Scan
- - Log Scan
Apache HTTP Server Support
- Syhunt Dynamic remotely scans Apache HTTP Servers for known vulnerabilities.
- Syhunt Hardener scans Apache configuration files for weak security settings.
- Syhunt Insight scans Apache logs for intrusion attempts.
ASP & ASP.NET Support
- Syhunt Dynamic remotely scans any type of ASP/ASP.NET web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of ASP/ASP.NET web applications for vulnerabilities.
For details about the ASP code scanning capabilities available in Syhunt Hybrid, see: Vulnerable ASP Code
HTML Support
- Syhunt Dynamic comes with an intelligent HTML parser that can handle malformed HTML like a web browser.
- Syhunt Dynamic is both HTML5 and CSS3-aware.
- Syhunt Code can identify key HTML tags within the source code of a web application.
HTTP Support
- Syhunt Dynamic remotely scans all types of web servers, such as Unix, Linux or NT, for vulnerabilities.
- Syhunt's HTTP feature set includes:
- HTTPS support (SSL 2/SSL 3/TLS 1)
- Certificates support
- Basic & NTLM authentication support
- HTTP 1.0 and 1.1 support
- Keep-Alive support
- HTTP redirection support
- Syhunt Insight scans HTTP logs created by web servers for intrusion attempts.
JavaScript/AJAX Support
- Syhunt Dynamic can parse, emulate & execute JavaScript code.
- Syhunt Dynamic remotely exploits AJAX-based web applications.
- While scanning a web site, Syhunt Dynamic performs XHR requests if necessary.
- Syhunt Code can identify key AJAX / JavaScript within the source code of a web application.
JSP Support
- Syhunt Dynamic remotely scans any type of Java / JSP web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of Java and JSP web applications for vulnerabilities.
For details about the Java code scanning capabilities available in Syhunt, see: Vulnerable JSP Code
PHP Support
- Syhunt Dynamic remotely scans any type of PHP web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of PHP web applications for vulnerabilities.
- Syhunt Hardener scans PHP configuration files for weak security settings.
For details about the PHP code scanning capabilities available in Syhunt, see: Vulnerable PHP Code
Python Support
- Syhunt Dynamic remotely scans any type of Python web application for both known and custom vulnerabilities.
- Syhunt Hybrid scans the source code of Python CGI, WSGI, Mod_python, PSP and Django web applications for vulnerabilities.
Page last modified on May 17, 2018, at 04:44 PM