Syhunt License Options
The Syhunt scanner comes in many editions, each targeted at a different set of needs. All licenses include 1 seat and 1 to 3 years of technical support, upgrades and vulnerability updates.
| Product Name | Product Code | Types of Testing | No. of Targets |
| Syhunt Hybrid Infinity | HYB-INF-CNL |        | ∞ Unlimited targets with: No language restriction for DAST/SAST/MAST DWET limited to one domain |
| Syhunt Hybrid Diamond | HYB-DIA-UNL | | ∞ Unlimited targets with: Three (3) language restriction for DAST/SAST. DWET limited to one domain |
| Syhunt Hybrid Platinum Plus | HYB-PLS-UNL | | ∞ Unlimited targets with: Three (3) language restriction for DAST/SAST |
| Syhunt Hybrid Platinum | HYB-PLA-UNL | | ∞ Unlimited targets with: Three (3) language restriction for DAST/SAST |
| Syhunt Hybrid One | HYB-ONE-DOM | | One (1) Domain target with: Three (3) language restriction for DAST/SAST Surface-to-dark web leak monitoring |
| Syhunt Breach Five | BRE-005-DOM | | Five (5) Domain targets with: Surface-to-dark web leak monitoring Three (3) language and 45-day restriction for DAST/SAST |
| Syhunt Breach Three | BRE-003-DOM | | Three (3) Domain targets with: Surface-to-dark web leak monitoring Three (3) language and 45-day restriction for DAST/SAST |
| Syhunt Breach One | BRE-ONE-DOM | | One (1) Domain target with: Surface-to-dark web leak monitoring Three (3) language and 45-day restriction for DAST/SAST |
| Syhunt Dynamic Infinity | DYN-INF-CNL | | ∞ Unlimited targets with: No language restriction for DAST |
| Syhunt Dynamic Augmented | DYN-AUG-UNL | | ∞ Unlimited targets with: Three (3) language restriction for DAST |
| Syhunt Code Infinity | COD-INF-CNL | | ∞ Unlimited targets with: No language restriction for SAST/MAST |
| Syhunt Code Plus | COD-PLS-UNL | | ∞ Unlimited targets with: Three (3) language restriction for SAST |
| Syhunt Code (Web) | COD-WEB-UNL | | ∞ Unlimited targets with: Three (3) language restriction for SAST |
| Syhunt Mobile | COD-MOB-UNL | | ∞ Unlimited targets with: No mobile language restriction |
Syhunt Hybrid Infinity
Allows to scan both web applications and mobile applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.
| Product Name | Syhunt Hybrid Infinity |
| SKU/Product Code | HYB-INF-CNL |
| Types of Testing | DAST, OAST, SAST, FAST, MAST & DWET |
| No. of Targets | Unlimited targets (with DWET only limited to a single domain of your ownership) |
| Language Support | Unlimited Web languages. Unlimited Mobile languages. Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Product Brief |
Syhunt Dynamic Infinity
Comes with a wide array of features to detect and help you fix your web application security vulnerabilities with minimal effort. Tests the web application response to thousands of different web attacks often carried by real-world adversaries, including inferential, in-band and out-of-band attacks through Augmented Dynamic Analysis (OAST). This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.
| Product Name | Syhunt Dynamic Infinity |
| SKU/Product Code | DYN-INF-CNL |
| Types of Testing | DAST & OAST |
| No. of Targets | Unlimited |
| Language Support | PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Product Brief |
Syhunt Code Infinity
Enables developers and QA (Quality Assurance) testers to automatically scan any kind of mobile or web application source code for potential security vulnerabilities. This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.
| Product Name | Syhunt Code Infinity |
| SKU/Product Code | COD-INF-CNL |
| Types of Testing | SAST & MAST |
| No. of Targets | Unlimited |
| Language Support | Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Product Brief |
Syhunt Hybrid Diamond
Allows to scan both web applications and mobile applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Hybrid Diamond |
| SKU/Product Code | HYB-DIA-UNL |
| Types of Testing | DAST, OAST, SAST, FAST, MAST & DWET |
| No. of Targets | Unlimited targets (with DWET only limited to a single domain) |
| Language Support | Restricted to three (3) Web languages. Unlimited Mobile languages. Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Product Brief |
Syhunt Hybrid Platinum Plus
Allows to scan both web applications and mobile applications for vulnerabilities. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Hybrid Platinum Plus |
| SKU/Product Code | HYB-PLS-UNL |
| Types of Testing | DAST, OAST, SAST & MAST |
| No. of Targets | Unlimited |
| Language Support | Restricted to three (3) Web languages. Unlimited Mobile languages. Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Product Brief |
Syhunt Hybrid Platinum
Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Hybrid Platinum |
| SKU/Product Code | HYB-PLA-UNL |
| Types of Testing | DAST, OAST & SAST |
| No. of Targets | Unlimited |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Product Brief (Platinum & Standard) |
Syhunt Dynamic Augmented
Comes with a wide array of features to detect and help you fix your web application security vulnerabilities with minimal effort. Tests the web application response to thousands of different web attacks often carried by real-world adversaries, including inferential, in-band and out-of-band attacks through Augmented Dynamic Analysis (OAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Dynamic Augmented |
| SKU/Product Code | DYN-AUG-UNL |
| Types of Testing | DAST & OAST |
| No. of Targets | Unlimited |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Product Brief |
Syhunt Code Plus
Enables developers and QA (Quality Assurance) testers to automatically scan any kind of mobile or web application source code for potential security vulnerabilities. This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Code Plus |
| SKU/Product Code | COD-PLS-UNL |
| Types of Testing | SAST & MAST |
| No. of Targets | Unlimited |
| Language Support | Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Product Brief |
Syhunt Code (Web)
Enables web developers and QA (Quality Assurance) testers to automatically scan any kind of web application source code for potential security vulnerabilities This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Code (Web) |
| SKU/Product Code | COD-WEB-UNL |
| Types of Testing | SAST |
| No. of Targets | Unlimited |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Datasheet |
Syhunt Mobile
Enables publishers, developers and QA testers to automatically scan Android and iOS mobile apps for the OWASP Mobile Top 10 and other vulnerabilities. Find the vulnerable portions of the code in minutes and patch them before making app updates available to users. This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.
| Product Name | Syhunt Mobile |
| SKU/Product Code | COD-MOB-UNL |
| Types of Testing | MAST |
| No. of Targets | Unlimited |
| Language Support | Java (Android), Swift, Objective-C, C, C+ & JavaScript, including Node.js |
| Product Datasheet | Datasheet |
Syhunt Breach Five
Allows to monitor five (5) domains for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-DIA-UNL license is recommended instead of this one.
| Product Name | Syhunt Breach Five |
| SKU/Product Code | BRE-005-DOM |
| Types of Testing | DAST, OAST, SAST, DWET & FAST |
| No. of Targets | Wildcard (domain target 5, scored targets 25) |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Datasheet |
Syhunt Breach Three
Allows to monitor three (3) domains for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-DIA-UNL license is recommended instead of this one.
| Product Name | Syhunt Breach Three |
| SKU/Product Code | BRE-003-DOM |
| Types of Testing | DAST, OAST, SAST, DWET & FAST |
| No. of Targets | Wildcard (domain target 3, scored targets 15) |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Datasheet |
Syhunt Hybrid One
Allows to scan web applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. This license is restricted to three (3) Web languages and allows to scan a wildcard target (a domain and its subdomains), which can be scanned for an unlimited number of times.
| Product Name | Syhunt Hybrid One |
| SKU/Product Code | HYB-ONE-DOM |
| Types of Testing | DAST, OAST, SAST, DWET & FAST |
| No. of Targets | Wildcard (domain target 1, scored targets 10) |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Datasheet |
Syhunt Breach One
Allows to monitor one (1) domain for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-ONE-DOM license is recommended instead of this one.
| Product Name | Syhunt Breach One |
| SKU/Product Code | BRE-ONE-DOM |
| Types of Testing | DAST, OAST, SAST, DWET & FAST |
| No. of Targets | Wildcard (domain target 1, scored targets 10) |
| Language Support | Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby |
| Product Datasheet | Datasheet |
Target Types
Targets supported by a product license can be:
- Unlimited target: This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. For DAST, the license allows to scan multiple domains and all its subdomains. For SAST, any GIT URL can be scanned.
- Domain target: This license allows to scan a domain target, which can be scanned for an unlimited number of times.
- This license is restricted to three (3) Web languages and allows to scan a wildcard target (a domain and its subdomains), which can be scanned for an unlimited number of times. For DAST, the license allows to scan a single domain and all its subdomains. For the same target, you can optionally have a development domain and a production domain. For SAST, multiple repositories can be scanned within a single GIT user in a single source code control domain.
- For DWET, the license allows to scan a single domain, or a limited number of domains as described in the license terms, including their subdomains. Each domain authorization come with the right to check the breaches and score of the authorized domain and its subdomains, and include the right to check the score between 1 to 25 third-party domain(s) or subdomain(s) as described in the license terms.
- Restrictions apply to governamental domains breach checking and scoring: each governamental subdomain checked count as an additional domain, requiring a separate domain license.
- Restrictions apply to third-party domain scoring: each third-party domain or subdomain checked count as an additional scored domain. Third-party domains that are governamental or military cannot be scored as explained in the Syhunt Score terms. Third-party score query does not include access to compromised data that relates to queried domains.
- In the case of the bulk discount (from 25 domains onwards), each domain will include a maximum of 2 scored targets per domain. This means that if the user licensed 25 domains, the user can check the score of up to 50 domains: 25 authorized domains and 25 third-party domains. If needed, this number can be increased by purchasing a Breach Score extension license.
| Target Code | No. of Targets | No. of Languages | Examples |
| CNL | Unlimited targets (with consultant usage permission) | All supported languages, including: Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js | Scan URL: www.mydomain1.com www.mydomain2.com Scan Code: anygit.com/anyuser/anyproject.git |
| UNL | Unlimited targets | Web - Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby Mobile - All supported languages, including Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js | Scan URL: www.mydomain1.com www.mydomain2.com Scan Code: anygit.com/anyuser/anyproject.git |
| DOM | Domain (Wildcard) target *.mydomain.com mygit.com/user/*.git | Three (3) supported languages. Selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python or Ruby | Scan URL: mydomain.com www.mydomain.com subdomain1.mydomain.com subdomain2.mydomain.com Scan Code: mygit.com/user/project1.git mygit.com/user/project2git mygit.com/user/project3.git |
Types of Testing
| SAST | Static analysis of the security of a web application's source code |
| MAST | Static analysis of the security of a mobile application's source code (Android & iOS) and Android APK file |
| DAST | Dynamic analysis of the security of a web application security with deep crawling and parameter injection |
| OAST | Augmented dynamic analysis of the security of a web application security with out-of-band (OOB) techniques |
| HAST | Hybrid-Augmented analysis of the security of web applications, on which the results of the static analysis are automatically used to enhance its augmented dynamic analysis |
| DWET | Surface to dark web exposure analysis of Internet domains |
| FAST | Forensic analysis of the security of a web application through the analysis of web server log files |
License Models, Terms & Conditions
| Code | Period | SKU Example |
| 1YR | Subscription valid for a one (1) year period. | HYB-PLS-UNL-1YR |
| 2YR | Subscription valid for a two (2) year period. | HYB-PLS-UNL-2YR |
| 3YR | Subscription valid for a three (3) year period. | HYB-PLS-UNL-3YR |
| PER | Perpetual Perpetual license valid for lifetime, with an annual renewal cost for software maintenance. | HYB-PLS-UNL-PER |
- A yearly subscription license (1YR, 2YR or 3YR) grants the user with a valid license key for the product for a limited period. When the period expires, the user needs to purchase a new license key in order to continue using Syhunt. A subcription license comes with 1 to 3 years of software maintenance. Upon expiration of the limited period, if the subscription is not renewed, the Syhunt license shall automatically become disabled.
- A perpetual license grants the user with a valid license key for the product for an indefinite period. This lifetime license key will be valid only for the product’s version that was ordered. The perpetual license comes with 1 year of software maintenance from date of purchase.
- Software maintenance - a yearly support plan based on annual renewals that grants the user the right to product updates, tech support and integration with its online services, such as Syhunt's OAST service Syhunt Signal. The product update right means that the user is entitled to new version and updates of the software for free during the period of the maintenance plan, which is effective for a period up until one year, after which the user needs to extend it. The user is encouraged to purchase maintenance annually with no lapse.
- Syhunt's End User License Agreement (EULA) apply as well to any of the licenses above. The EULA must be accepted prior to installing and running the software.
- Syhunt is licensed per seat - a seat is a device, as explained below.
Seats & Integrations
- Syhunt is licensed per device, whether physical or virtual, and not per user. Each virtual machine on the same host PC needs it's own license for Syhunt.
- Each license allows installation on 1 device.
- If a Jenkins agent or Jenkins server, or GitLab runner agent, is installed and configured on this device, they can integrate and interoperate with the installed, licensed copy of Syhunt, allowing Syhunt to be called from within pipeline scripts, as documented in our integrations documentation.
- Due to the availability of Syhunt for Linux and macOS, the Syhunt license that allows to install Syhunt into a single device now allows two devices during the first 90 days, as long as the first device is a Windows machine and the second device a Linux or macOS machine. After the initial 90 day period, you need to select between the Windows, Linux or macOS version of Syhunt, which must be used on a single device.
- If you have a license with permission for multiple devices or if you purchase additional licenses of Syhunt to be installed on additional devices, when installing Syhunt on such additional devices, it will be necessary to select between the Windows, Linux or macOS version of Syhunt.