What's New in Syhunt 6.6

June 3, 2019

Syhunt adds SAST support for Angular, AngularJS, web services, and more

We're happy to announce that Syhunt version 6.6, released today, adds SAST support for web services, and extends support for the MEAN stack by adding support for Angular (v2 and higher) and AngularJS-based web applications, TypeScript, and a large number of additional checks covering Node.js, Express.js, jQuery, client-side JavaScript, and Java. Syhunt 6.6 also adds SAST support for Azure Repos and Electron-based apps, a manual login option when performing DAST, and optimizations that speed up both DAST and SAST scans. The extended coverage means that Syhunt is now able to scan not only the source code of web applications, but also the source code of web services and JS-based desktop applications.

Code Checks for Angular & AngularJS

Syhunt 6.6 adds security code checks targeting Angular web apps, covering:

  • Cross-Site Scripting (XSS) - covering JavaScript and TypeScript
  • Cross-Site Request Forgery (XSRF)
  • Broken Authentication
  • Local Storage Usage
  • Sensitive Data Stored in Local Storage
  • Sensitive Information Client-Side
  • Outdated Vulnerable Scripts

Code Checks for Client-Side JavaScript

  • DOM-Based XSS (DOM-Based Cross-Site Scripting)
  • Local Storage Usage
  • Sensitive Data Stored in Local Storage
  • Outdated Vulnerable Scripts, including jQuery Core, jQuery Migrate, jQuery UI, fullPage, Bootstrap and momentjs - this includes the analysis of external, online JavaScript files.
  • Code Injection
  • Unvalidated Redirect
  • XML Injection
  • Client-Side Request Forgery
  • Information Disclosure (various)
  • Security Misconfiguration (various)

Code Checks for Node.js

  • Cross-Site Scripting (XSS)
  • Denial of Service (DoS) (new)
  • File Inclusion (new)
  • XPath Injection (new)
  • XML Injection (new)
  • Server-Side Request Forgery (SSRF) (new)
  • Information Disclosure (new)
  • Security Misconfiguration (new)
  • SQL Injection (improved)
  • Code Injection (improved)
  • Unvalidated Redirect (improved)
  • File Manipulation (improved)
  • Command Execution (improved)
  • HTTP Header Injection (improved)
  • Log Forging
  • Input filtering/validation analysis (improved)

Additional Code Checks

Syhunt 6.6 also adds checks for:

  • Broken Cryptography (new) - usage of Insecure Hashing Algorithms, Insecure Cryptographic Algorithms, Weak Protocols and Insecure Randomness.
  • Insecure Salting (new) - covering all languages
  • Hardcoded Sensitive Information (new), and logging of sensitive information
  • Weak Password Hashing (rewritten and improved)
  • Backdoor (improved)
  • SQL Injection, XML Injection and Information Leak (improved for Java)

Manual Login Support

Syhunt 6.6 adds the ability to start a scan against a website after manually logging in: when you start a Dynamic scan from within the Sandcat Browser, the tab's session data is used as part of the scan. Use of the feature is explained in the manual login section of the Syhunt Dynamic QuickStart document.

Extended GIT Support

  • Added the ability to scan GIT repositories via the user interface, and to create and manage a list of favorite target repositories.
  • Added support for Azure Repos using GIT.

Dynamic and Other Improvements

  • Improved HTTP/HTTPS protocol and SSL support (fixed: connection reset by peer error when trying to scan some websites).
  • Added an option to automatically follow an off-domain redirect in the Start URL (enabled by default in the GUI and CLI).
  • Added a prompt about off-domain URL redirects when defining a dynamic target.
  • Added additional Joomla-specific optimizations.
  • Improved handling of popups in Sandcat Browser.
  • Fixed: inability to properly pin app to the Windows taskbar.
  • Fixed: many other bugs and false positives (as detailed in the CHANGELOG).

Note: Checks above in gray color are only available in the professional editions of Syhunt.

We hope you enjoy the new release!