RESPONSE: Syhunt Hybrid already detects the Fastjson, Spring4Shell & Log4Shell RCE vulnerabilities Learn more

Syhunt LΛBS

Expand your arsenal of security tools

Learn about our free tools, upcoming tools and open source projects.

Syhunt Community

A feature-limited edition of the Syhunt scanner suite. Includes: Sandcat Pen-Tester Edition, Syhunt Hybrid, Dynamic, Code and Breach extensions.


Syhunt Community CLI

The Syhunt scanner suite in the form of console applications. Includes: Syhunt Hybrid, Dynamic, Code and Breach console apps.


Sandcat 6.0 RC2

An open-source, pentest and developer-oriented web browser, using the power of Lua. more

Source Download

Huntpad 2.0

An open-source notepad with features that are particularly useful to penetration testers. more

Source Download

More Open Source Tools

Special edition of Hakin9 magazine about open source pen-testing tools, including Syhunt Sandcat and Huntpad


Learn the latest information on web application security

Here you can find the straightforward information and instructions you need to get your web applications secure.

Web Application Security Scanner Comparisons

Comparisons between Syhunt and other industry leading web application security scanners.


Read our vulnerability research information and get access to our product datasheets.


Get in-depth information about vulnerabilities discovered by the Syhunt team.

Latest Vulnerability & Security Research

Read our latest vulnerability and security research information:

2022 Ransomware Threat Report

This report by Syhunt uncovers numbers about the ransomware groups and lists how corporations can defend themselves from this growing threat.

COMB: The Big Password Leak

Through our expert analysis, we highlight details of the compilation of leaks that exposed billions of passwords in February, 2021.

The Big Brazil Data Leak

Through our expert analysis and participation in a series of articles in the media, we helped highlight the dimension of the mega leak that exposed data from almost all Brazilians in January, 2021.

NoSQL & SSJS Injection

Detecting server-side JavaScript (SSJS) injection vulnerabilities using time-based techniques.

Lua Web Vulnerabilities

Auditing and Defending Lua-Based Web Applications.

Encryption Tools Comparison

This comparison by Syhunt can help you select the right encryption tool for personal, corporate or government use.