What's New in Syhunt 6.9.13
April 8, 2022
Syhunt Hybrid 6.9.13 adds Spring4Shell vulnerability detection, expands SCA and DWET capabilities
Syhunt's breach hunting tool (formerly IcyDark) is now Syhunt Breach.
Last week we all learned about the critical Spring4Shell (CVE-2022-22965) vulnerability that affects Spring apps and that when exploited by attackers may result in remote command execution. Today we release Syhunt Hybrid 6.9.13 which adds the detection of the Spring4Shell vulnerability to Syhunt tools, Syhunt Dynamic, Syhunt Code and Syhunt Forensic (formerly Insight). In addition to this critical DAST check, Syhunt 6.9.13 expands its SCA component in Syhunt Code to cover the Spring4Shell vulnerability and adds 260 new ransomware related leaks to its Syhunt Breach tool (formerly IcyDark), reaching a total of 3103 ransomware group leaks.
Expanding SCA Capabilities
Product Name Changes
Today we are also announcing a few product name changes: the Syhunt IcyDark product will now be called Syhunt Breach and the Syhunt Insight log scanner will now be called Syhunt Forensic. The name change will more accurately reflect the nature of the product which expanded its coverage to support not only dark web breach hunting, but also breach prevention, forensic analysis and on-demand services through Syhunt Hybrid's console. Despite the name changes affecting the mentioned products, Syhunt's dark web monitoring division will continue to be called Syhunt Icy.
The old product names and the corresponding new names
|Syhunt Insight||->||Syhunt Forensic|
|Syhunt IcyDark||->||Syhunt Breach|
|Syhunt IcyScore||->||Syhunt Breach Score|
Improvements in Version 6.9.13
- Added 260 new ransomware related leaks to Syhunt Breach, reaching a total of 3103 ransomware group leaks
- Added 69 additional vulnerability checks for ASP.NET apps in Syhunt Code, covering various vulnerability categories.
- Added integration with DefectDojo dashboard
- Added check for Spring4Shell (CVE-2022-22965) vulnerability to Syhunt Dynamic.
- Added checks for Spring4Shell vulnerability to Syhunt Code Composition: checks for vulnerable Spring, SpringBeans, SpringBoot, SpringWebFlux and SpringWebMVC components.
- Added checks for web backdoors related to Spring4Shell to Syhunt Dynamic.
- Added checks for Spring4Shell scans to Syhunt Forensic log scanner.
- Added a new hunt method called Spring4Shell, which allows to scan specifically for the Spring4Shell vulnerabilities in Syhunt Dynamic and Code. This method is also available through the CLI.
- Improved Debug Parameters check in Syhunt Dynamic.
- Make it easier to enter business registration number in domain preferences screen.
- Improved session and token management in Syhunt Dynamic.
- Improved form handling in Syhunt Dynamic.
- Improved crawling in login situations.
- Optimized scan against vulnerable targets in Syhunt Dynamic.
- Improved PHPInfo detection in Syhunt Dynamic.
- Added detection of weak session ID in Syhunt Dynamic.
- Upgraded GitLab JSON format to version 14.0.4.
- GitLab compatible JSON export can now be generated by providing output filename with double extension .dast.json or .sast.json.
- Setup binaries for Windows are now signed with Syhunt's code certificate.
Happy breach hunting!