We are happy to announce the release of Syhunt Hybrid 6.9.14 which improves and expands the product tools Syhunt Dynamic, Syhunt Code and Syhunt Breach. The new release comes with a revamped Breach user interface, accelerated Breach scans, automatic issue submission, and the long-awaited ability to ignore specific vulnerability alerts when performing DAST and SAST scans, among other enhancements.
Improvements in Version 6.9.14
- Breach: added support for concurrent scans and various user interface and experience improvements
- Breach: significantly faster scans (from 1m18sec against a .com domain to around 23sec and 3sec after first scan).
- Breach: added the breach score to the monitored targets list.
- Integrations: added the ability to automatically submit a brief of the identified vulnerabilities to issue trackers such as GitHub or GitLab through CLI, CI/CD pipeline and Powershell. More
- DAST: Minor improvements to the handling of Start URLs in Syhunt Dynamic.
- DAST: vulnerabilities can now be ignored by their ignore ID. More
- DAST: Added various checks for JBoss/Wildfly vulnerabilities.
- SAST: Added ability to ignore vulnerabilities by creating .vulnignore file within repositories or code directories. If a Ignore ID shown in report is added to the .vulnignore file, then the vulnerability will not be reported again. More
- SAST: Improved detection of Log4Shell vulnerability in Java applications.
- SAST: fixed a few false positives in Java applications (three cases reporting Information Disclosure, Log Forging and XML Injection)
- Improved license management.
- Fixed: session import option not working from session manager.
Happy bug and breach hunting!