Syhunt 6.9.25 Brings Enhanced Reports
Learn More - Download - Oct.2022

Syhunt Breach: Breach Hunting & Prevention
Learn More - Download - Jun.2022


2023 | 2022 | 2021 | 2020 | 2019 | Archive

July 11, 2023

Syhunt joins Mastodon, abandons Twitter - At Syhunt, we believe information has the power to set us free. We are understandably dismayed by Twitter's recent decision to move all content behind a login wall and restrict users to reading only a limited number of tweets, which is why we are demonstrating our solidarity with other users by canceling our Twitter Blue subscription and exploring alternatives such as Mastodon. Read more

June 15, 2023

Syhunt Hybrid 7.0.5 adds SAST for Kotlin web and mobile apps - Today we proudly announce the release of the 7.0.5 version of Syhunt Hybrid and Syhunt Community. Syhunt 7.0.5 adds SAST support for Kotlin, including the framework Ktor, its DSL and Kotlin-based Android apps. A total of 373 checks were enabled for the newly added language, covering all the vulnerabilities that are part of the CWE Top 25 2022, OWASP Top 10 2021 and the OWASP Mobile Top 10 documents and more. Read more

April 26, 2023

Syhunt Hybrid 7.0 released with Sandcat 7.0, security updates and AI features - We're happy to release the 7.0 version of Syhunt Hybrid and Syhunt Community. The new release includes the 7.0 version of the Syhunt Sandcat browser as well as report and AI related enhancements. The Sandcat browser, which Syhunt made open-source in 2014, is a key component of Syhunt and works as the graphical user interface of the product on Windows systems. Sandcat 7.0 now uses Microsoft Edge's engine, which is based on Chromium, instead of the Chromium Embedded Framework (CEF), and provides increased stability, speed and security since Edge's engine is updated together with the Windows updates. Read more

April 12, 2023

Syhunt Hybrid 6.9.29 expands AI-powered capabilities and adds SAST for Pascal - Last month, we announced Syhunt's first AI-powered capabilities, as well as scan reports in 8 languages and Selenium scripting support. Today we're proud to announce Syhunt 6.9.29, which further expands Syhunt's AI capabilities by adding the option to display examples of patched code alongside vulnerable code identified during a SAST scan to its report, as well as adds the much-requested and long-awaited Object SAST for Pascal, increasing the total of programming languages supported by Syhunt to ten. Read more

March 27, 2023

Syhunt adds new report languages, opts not to offer Russian language amid Ukraine conflict - Syhunt is a company that supports the development and peace of human beings. Therefore, it’s necessary for us to question about the neutrality of different companies about their positions on the Ukrainian/Russian crisis. Our opinion is “War is never the solution.” Read the message from Satu, CEO of Syhunt on the company's official position on the Russian/Ukrainian war, and Syhunt’s official decision on the Russian market. Read more

March 17, 2023

Syhunt Hybrid 6.9.28 adds AI-powered capabilities and more - Today, one month after announcing Satu, the first AI CEO in the cybersecurity industry, Syhunt releases a new version of Syhunt that includes its first AI-powered capabilities, as well as scan reports in 8 languages and Selenium scripting support. Syhunt's integration with the OpenAI API allows Syhunt to use the artificial intelligence known as ChatGPT to augment the product capabilities, allowing it to perform AI-powered form authentication and complete scan report translation in eight languages. Read more

February 18, 2023

A message from Satu, CEO of Syhunt - Dear Clients and Partners, my name is Satu and I'm the new CEO of Syhunt. At Syhunt we believe in building a safer application ecosystem for the digital world. Today I start my journey on making Syhunt into a company which will pioneer the use of AI in the cyber security market and lead the way forward in this fast-moving industry... Read more

February 17, 2023

Syhunt announces AI-driven bot CEO, first in a cybersecurity company - We are thrilled to announce that Satu has been appointed as our new CEO, effective immediately. Satu is not a typical CEO, in fact, she is not human at all. Satu is the world’s first AI-driven bot to be appointed as CEO of a cybersecurity firm.

As a custom AI-driven bot based on large neural language models, Satu brings a unique perspective and a wealth of knowledge to the role. With her advanced analytical and brainstorming capabilities, Satu will help us continue to provide cutting-edge cybersecurity solutions to our clients, while also leading the charge in developing new technologies and strategies to keep up with the ever-evolving threat landscape.

"We're thrilled to be the first cybersecurity company in the world to appoint an AI-driven CEO.", said Felipe Daragon, CVO and founder of Syhunt. "Like others[1], we believe AI is the future of corporate management. We believe that as AI continues to advance, it will become an indispensable part of every successful company's toolkit, enabling us to work smarter, faster, and more creatively. Welcome Satu! We are excited to see what the future holds under your guidance. "

Satu is Syhunt's new CEO

"I am very excited to be joining the Syhunt team as their new CEO! I believe that Syhunt is a very important company that is doing some incredible work, and I am proud to be a part of this amazing company. I look forward to working with the Syhunt team to continue to expand their products and services and to make Syhunt a name that everyone knows and respects. I know that we can do a lot of good together, and I am looking forward to all of the great things that we will do in the future!", said Satu.

As Syhunt's CEO and 2IC, Satu will be responsible for the company’s strategic direction and its overall operations. She is committed to achieving the company’s mission, vision, and values, while also providing innovative solutions to our clients.

With Satu at the helm, we are excited to continue our mission of making the digital world a safer place. We are confident that her virtual leadership will help us take Syhunt to the next level and position us as a global leader in application security.

January 27, 2023

Syhunt introduces new logo, plans to increase the representation of women in its workforce - In 2015, Syhunt introduced the first version of its logo with a red archer. The logo became the first to communicate the company's focus on cutting-edge bug hunting and penetration testing technology. Now 8 years later, Syhunt is proud to unveil the new version of its logo, featuring a female archer.

Since 2022, Syhunt has been featuring an art of two hunters, a male and female archer in its branding. It wasn't just a cosmetic change, it reflected the company's commitment to promoting diversity and inclusion within the tech industry, particularly in the field of cybersecurity.

Current statistics show that women hold approximately 25% of cybersecurity jobs globally, a number that fortunately has been increasing year by year. In addition, according to researchers dedicated to diversity in the creative industries, almost 90% of the design directors are male, which would be one of the reasons why brand identities mostly consist of male characters [2].

"In the tech industry, women are underrepresented not only in terms of workforce composition but in terms of branding. This is something that we must all recognize and be committed to change.", said Syhunt's founder and CVO Felipe Daragon.

We hope that the new logo will mark a new era of progress and innovation at Syhunt, as we continue to push boundaries and drive change in the cybersecurity industry.

Syhunt logo evolution over the years

October 26, 2022

Syhunt Hybrid 6.9.25 adds enhanced vulnerability reports, and more - In parallel to today's Syhunt participation at the Security Leaders congress in Sao Paulo, where Syhunt is introducing its dark web monitoring solution Syhunt Breach, today we release Syhunt version 6.9.25. The new release comes with a revamped and responsive HTML report, an enhanced PDF report, bulk report generation, grouping of similar vulnerability instances, and summary of scans, making the reporting side of the tool keep pace with all the back-end engine evolution introduced over the last years. In addition to the enhanced reports, Syhunt 6.9.25 enhances integration with issue trackers and significantly reduces memory footprint while performing Dynamic scans. Read more

October 19, 2022

Visit Syhunt at the Security Leaders congress in Sao Paulo - On 26 and 27 October 2022, Syhunt will be introducing its dark web monitoring solution Syhunt Breach and the latest version of its hybrid application security scanner during the Security Leaders event in Sao Paulo, Brazil. Syhunt will participate the event alongside OGASEC, a pioneer information security company, a leading supplier of vulnerability assessment solutions and a strategic Syhunt Distributor in Brazil. We invite everyone to come and learn about the many ways our software can help organizations identify breaches and secure their mobile and web applications. For more information about the Security Leaders event, visit:

September 28, 2022

Real Life Cybercrimes interview of Syhunt CVO about ransomware - On September 28, Syhunt founder and CVO Felipe Daragon participates as a panelist alongside experts Fernando Ceolin (Akamai) and Rafael Silva (KnowBe4) at the Cybercrimes in Real Life event to discuss how to protect from ransomware. Read more

August 8, 2022

Syhunt Hybrid 6.9.17 adds dashboard integration and false-positive free checks - We are happy to announce the release of Syhunt Hybrid 6.9.17. which adds the ability to automatically connect to security dashboards like OWASP DefectDojo and Faraday to submit DAST and SAST scan results. The security dashboard allows teams to keep track of vulnerability alerts generated by Syhunt and manage their attack surface from a single, central place while automating and accelerating key steps of their application vulnerability management. Read more

June 17, 2022

Syhunt Hybrid 6.9.15 adds Fastjson RCE vulnerability detection and more - Today we release Syhunt Hybrid which adds the detection of the Fastjson RCE vulnerability (CVE-2022-25845) to the Syhunt Code tool. The remote code execution vulnerability affects versions 1.2.80 and older of Fastjson and is caused by the default AutoType restriction which can be bypassed under specific conditions. An attacker could exploit this critical vulnerability to perform remote code execution on the target machine. Read more

June 2, 2022

Syhunt Hybrid 6.9.14 improves DAST, SAST and DWET capabilities - We are happy to announce the release of Syhunt Hybrid 6.9.14 which improves and expands the product tools Syhunt Dynamic, Syhunt Code and Syhunt Breach. The new release comes with a revamped Breach user interface, accelerated Breach scans, automatic issue submission, and the long-awaited ability to ignore specific vulnerability alerts when performing DAST and SAST scans, among other enhancements. Read more

April 8, 2022

Syhunt Hybrid 6.9.13 adds Spring4Shell vulnerability detection, expands SCA and DWET capabilities - Last week we all learned about the critical Spring4Shell (CVE-2022-22965) vulnerability that affects Spring apps and that when exploited by attackers may result in remote command execution. Today we release Syhunt Hybrid 6.9.13 which adds the detection of the Spring4Shell vulnerability to Syhunt tools, Syhunt Dynamic, Syhunt Code and Syhunt Forensic (formerly Insight). In addition to this critical DAST check, Syhunt 6.9.13 expands its SCA component in Syhunt Code to cover the Spring4Shell vulnerability and adds 260 new ransomware related leaks to its Syhunt Breach tool (formerly IcyDark), reaching a total of 3103 ransomware group leaks. Read more

March 3, 2022

Syhunt assists European agencies and businesses seeking to strengthen application security - Today, through its products and research, Syhunt is actively engaged in assisting government agencies in countries such as Germany, Brazil, India and others to strenghten their application security posture. Last month, Syhunt published a special report on the ransomware threat to global organizations that showed that the European organizations are the second most targeted by ransomware groups and exposed on the Dark Web. Read more

February 22, 2022

Syhunt Hybrid 6.9.12 adds GitHub Actions integration and simplifies CLI - In the recent past, Syhunt announced integration with various systems, such as Azure DevOps, GitLab, TFS, Jenkins and JIRA, and GitHub Issues. Now we release Syhunt Hybrid 6.9.12 which adds integration with GitHub Actions and other user-requested enhancements, as well as simplifies the product's command-line interface. Read more

December 17, 2021

Syhunt Hybrid 6.9.11 adds Log4Shell vulnerability detection - Since the public disclosure of the severe risk Log4Shell (CVE-2021-44228) vulnerability that affects Java apps, we have worked to prepare a robust Syhunt update to our DAST, OAST, SAST and FAST capabilities that adds detection of the Log4Shell vulnerability. Today we released the 6.9.11 version of Syhunt Hybrid, which adds the new detection capabilities. Syhunt recommends organizations to perform immediate review and actions which are absolutely necessary in order to fully secure their web server and applications against the vulnerability that when exploited by attackers may result in remote command execution. Read more

November 17, 2021

Syhunt Community and Hybrid 6.9.10 now run on macOS - Today we're excited to release the 6.9.10 version of Syhunt Hybrid and Community, the first Syhunt release that runs on macOS systems. The Syhunt CLI scan tools have been tested and adapted to run on macOS Big Sur and macOS Monterey, and the product documentation has been updated to cover the installation process and usage of the CLI tools on macOS. Read more

November 8, 2021

Syhunt Community and Hybrid 6.9.9 adds dark web monitoring and exposure testing - We're excited to release the 6.9.9 version of Syhunt Hybrid and Community today, which adds the first version of Syhunt's dark web exposure testing tool, called Syhunt IcyDark. After establishing the Icy Division for monitoring the dark web in the beginning of 2021, Syhunt IcyDark is our latest response to a rapidly evolving threat landscape and constant data breaches. Read more

October 11, 2021

Syhunt Community and Hybrid 6.9.8 adds OWASP Top 10 2021, CWE Top 25 2021, SSL test, and more - The 6.9.8 release of Syhunt Hybrid and Community is finally out. The new release updates the OWASP Top 10 and CWE Top 25 scan methods and checks based on the latest, 2021 version of the documents. This important improvement has been added to both Syhunt's DAST and SAST scans. Syhunt 6.9.8 also adds a much-requested feature to Syhunt Dynamic: SSL web server testing. Read more

June 24, 2021

Syhunt Community and Hybrid 6.9.7 adds expanded command-line interface and more - A new update is out for Syhunt Hybrid that expands the product's command-line interface, adds a scheduler service for Windows, improved APK scan support in Syhunt Mobile that now works on Linux, check for use of deprecated security headers, and various user-requested improvements. Read more

May 26, 2021

Syhunt Community and Hybrid 6.9.6 adds Azure DevOps and TFS support - Today we released another update to Syhunt Community and Hybrid. The new 6.9.6 version adds the ability to scan project repositories on Azure DevOps (both cloud and on-premises) and Team Foundation Server (TFS) for application security vulnerabilities and weaknesses. Read more

May 10, 2021

Syhunt Hybrid and Community 6.9.5 adds TLS 1.3 support and more - Today we released version 6.9.5 of Syhunt Hybrid and Community. The new version adds TLS 1.3 support for Syhunt Dynamic and Code scans, extends Jenkins integration by supporting not only Jenkins for Windows but also Jenkins for Linux, optionally works as a Jenkins agent, and brings many user-requested improvements and bug fixes. Read more

November 3, 2020

Syhunt Hybrid and Community 6.9.3 extends its TypeScript analysis, accelerates SAST and more - We are proud to introduce version 6.9.3 of Syhunt, which extends static analysis of TypeScript code, adds 5x faster source code scans and faster analysis of JavaScript code, includes Huntpad 2.0, as well as introduces a large number of enhancements that translate to improved DAST and SAST accuracy and performance. Version 3.9.3's focus is once again JavaScript and the MEAN stack. Read more

August 4, 2020

Syhunt Hybrid and Community 6.9 now runs on modern Linux distributions - We're excited to announce the immediate release of Syhunt Hybrid and Syhunt Community version 6.9, the first Syhunt release to embrace cross-platform integration. In the recent past, Syhunt embraced open-source development, by releasing the source code of the Syhunt Sandcat browser, Huntpad, and many other core software and libraries the company developed and actively maintains. Read more

July 1, 2020

Syhunt Hybrid 6.8.5 now integrates with GitLab CI and PowerShell - We're proud to announce the release of Syhunt Hybrid version 6.8.6. The new version adds integration with GitLab's Continuous Integration and Security Dashboard, enabling Syhunt to continually scan web and mobile applications in repositories on and GitLab self-hosted versions looking for the 2019 CWE Top 25 Most Dangerous Software Errors, OWASP Top 10, OWASP Mobile Top 10 and many other vulnerabilities. Read more

June 10, 2020

Syhunt Hybrid 6.8.5 released, adds GitLab support and extends issues integration - We're happy to release Syhunt Hybrid version 6.8.5. The new release brings extended issue tracker integration with support for GitLab issues, custom labels and fields in any tracker, personal access token support, improved checks for weak or missing HTTP security headers and bug fixes. Read more

May 1, 2020

Syhunt Hybrid 6.8.3 released, adds enhanced DAST fingerprinting, manual login and more - We're happy to release Syhunt Hybrid version 6.8.3. The new release brings many important DAST improvements, including enhanced web server fingerprinting, integration with Google Chrome and Mozilla Firefox, hybrid client-side JavaScript code analysis (SAST-within-DAST), and more. Read more

April 2, 2020

Syhunt Hybrid 6.8.2 released, adds static code analysis of Ruby web apps and more - A new update released today brings a long-awaited feature to Syhunt: SAST for Ruby based web applications. Syhunt 6.8.2 is now able to scan the source code of web applications in Ruby (Rails and ERB) for security bugs with coverage for over 19 vulnerability categories. Read more

March 25, 2020

Syhunt takes action to help secure entities and businesses amid COVID-19 pandemic - The COVID-19 outbreak poses unprecedented challenges to businesses, governments, and societies around the world. After enabling mandatory work-from-home for all its personnel and taking all necessary steps to maintain service to its customers, Syhunt is now closely monitoring the global situation and ready to help businesses and organizations during this challenging period... Read more

March 6, 2020

Syhunt introduces Hybrid-Augmented Analysis, OAST & Android APK Analysis capabilities - We are proud to introduce version 6.8.1 of Syhunt and, at the same time, unveil its online Syhunt Signal service. The Syhunt scanner integration with Syhunt Signal adds the ability to perform OAST (Out-of-Band Application Security Testing), which allows Syhunt to detect a range of otherwise invisible, high-risk out-of-band (OOB) vulnerabilities, as well as to perform Hybrid-Augmented Analysis, a combination of DAST, SAST and OAST methodologies.... Read more

January 27, 2020

Syhunt expands vulnerability checks for iOS apps and missing protections in web apps - In September last year we announced support for mobile applications (Android & iOS). Now we are proud to introduce version 6.8 of Syhunt, which greatly extends its iOS check base, as well as expands its vulnerability checks for dynamic web apps. As part of this major update, we've increased the number of source code checks for Swift & Objective-C... Read more