Products

Syhunt Code

Dive into your source code and locate flaws

Revolutionize your web application security with Syhunt Code's cutting-edge technology. Automatically scan any type of web application source code for potential vulnerabilities with ease and pinpoint the exact lines of code that require patching.

Accelerate your development and quality assurance processes, while ensuring the highest level of security for your web applications. Trust Syhunt Code to keep you ahead of the curve and protect your web applications from potential threats.

Available for on-premises deployment for businesses using Windows, macOS and Linux.

View Product Brief View Datasheet

Syhunt Code in Numbers

Outline

Vulnerabilities Detected    2203+

Vulnerability Categories Covered    48+

Know Our Features

Features

Vulnerability Scanner

Syhunt Code has been especially designed to scan web applications for various types of issues, such as Cross-Site Scripting (XSS), File Inclusion, SQL Injection, Remote Command Execution and weak validation. By automating the process of reviewing the web application's code, Syhunt's code scanning functionality can make the life of QA testers easier, helping them quickly find and eliminate security vulnerabilities from web applications.

Deep Diving Tool

Syhunt Code allows you to go over every detail of the app to find vulnerabilities. By identifying key areas of the code, such as key HTML tags, JavaScript, XHR requests, entry points and interesting keywords, Syhunt Code can also help auditors perform code reviews better, faster and more efficiently.

Hybrid Scanner Integration

When used from within Syhunt Hybrid, Syhunt Code can also perform source code scans that are complementary to its dynamic scans. Syhunt Hybrid scans your application's source code first, then tries to remotely confirm its flaws. Supported languages include ASP, Java, JS, Lua, Perl, PHP, Python & Ruby.

Learn more



Integrations with other systems

Syhunt Code integrates with Gitlab and Jenkins for Continuous Integration (CI), JIRA, GitHub and GitLab for issue tracking, Imperva SecureSphere and F5 BIG-IP Application Security Manager (ASM) for virtual vulnerability patching, and more.

Learn more

CVSS Support

Syhunt Code comes with full support for the Common Vulnerability Scoring System, an industry standard designed to convey vulnerability severity and help determine urgency and priority of response. When a report is generated, vulnerabilities are sorted by default based on their CVSS3 score.

Learn more

MEAN Stack Coverage

Syhunt Code analyzes the source code of web applications built using the MEAN stack - this includes a large number of vulnerability checks tailored for MongoDB, Express.js, Angular (v2 and higher), AngularJS, Node.js, Koa.js, jQuery, client-side and server-side JavaScript.

Learn more

Configuration Hardening

Syhunt Code also evaluates security threats and identifies appropriate countermeasures at the web server configuration stage, providing extra protection against web hacking techniques and the highest levels of application security.

Audit & inspect web apps faster and deeper

Supported Languages

C# (Blazor, Razor Pages, ASP.NET Core MVC, ASP.NET Web Forms)
ASP Classic (VBScript & JavaScript)
Dart
Java (JEE / JSP)
JavaScript (Client and Server-Side, Node.js, Angular, AngularJS, Express.js & Koa.js)
Kotlin (Ktor)
Lua (ngx_lua, mod_lua, CGILua & Lua Pages)
Object Pascal (Delphi XE and older, Lazarus & DWS)
Perl (Mojolicious, PSGI/Plack & CGI
PHP
Python (CGI, Django, mod_python & WSGI)
Ruby (Rails & ERB)
TypeScript (Client and Server-Side, Node.js & Angular)
VB (VB.Net, ASP.NET Web Forms)

Check for all kinds of vulnerabilities

CheckCWE
Command ExecutionCWE-78
SQL InjectionCWE-89
SQL Injection (Functional)
SQL Injection (Object-Oriented)
SQL Injection (Hibernate/HQL)
File InclusionCWE-98
Local File Inclusion
Remote File Inclusion
Cross-Site Scripting (XSS)CWE-79
Weak XSS ValidationCWE-79
Hidden Entry Points
Web-Backdoors
Debug Parameters
NoSQL Injection 
Unvalidated RedirectsCWE-601
Arbitrary File ManipulationCWE-73
HTTP Response SplittingCWE-113
LDAP InjectionCWE-90
XML External Entity (XXE) InjectionCWE-827
XPath InjectionCWE-643
Server-Side Request ForgeryCWE-918
Log ForgingCWE-117
Information DisclosureCWE-497
Common Form Weaknesses 
Weak Password Hashing 

Testimonials

Syhunt has been a key tool in performing vulnerability scanning on our web applications and APIs, both in terms of efficiency and accuracy. We recently expanded our use of Syhunt to include direct scans of our source code repositories, allowing development to identify security opportunities before releasing new versions. This integration strengthens our secure development workflow, facilitating the identification and mitigation of vulnerabilities early in the software lifecycle.

Alberto Bustamante, Sales Manager, Cybersofb, Mexico

We have used Syhunt for years because it`s been the best web app security assessment tool out there. Rapidly updated to cover new vulnerabilities as they arise and very easy to use. more

Robert Davies, CEO, Stealth-ISS

More Quotes

Buy Product

Syhunt Code runs under any modern 64-bit Linux, macOS or Windows version, including Windows 10 and 11 (Specs)

Contact Us

Contact