The information in this document applies to version 6.9.14 of Syhunt Breach.
Table of Contents
Syhunt Breach can help you map data leaks on the surface, deep and dark layers of the web that affect your organization, including file and credential exposures, and allows you to compare the privacy and security score of your Internet domains based on their track record and testing results.
Follow along with this guide to learn how to perform a domain check and generate a security report.
After it finishes loading, you can click Generate a Report to save the results as a HTML report or any other prefered format.
scandark [target] -hm:[a huntmethod]]
// Example:
scandark mydomain.com
Syhunt scandark tool reports are automatically generated and saved unless the -nr parameter is provided. You can also open the session by launching Syhunt and using the Menu -> Past Sessions option.
The following parameters can be provided when calling the scandark tool, all of which are optional:
Parameter | Description | Default Value |
sn:[name] | A session name that must be unique. If omitted, an unique ID will be generated and assigned | auto generated ID |
hm:[name] | the Hunt Method to be used during the scan. If omitted, the default method will be used | darkplus |
nr | Disables the report generation after scanning | |
or | Opens report after generation | |
er | Emails report after generation | |
tk:[trackername] | Sends breaches to a tracker after scanning. Can be combined with the -pfcond parameter | |
tk2:[trackername] | Same as above | |
tk3:[trackername] | Same as above | |
rout:[filename] | Sets the report output filename and report format | Report_[session name].html |
rtpl:[name] | Sets the report template | Standard |
xout:[filename] | Sets the export output filename and report format | Export_[session name].xml |
xout2:[filename] | Sets a second export output filename and report format | Export_[session name].xml |
pfcond:[condition] | Sets a pass/fail condition to be reported | |
nv | Turn off verbose. Error and basic info still gets printed | |
tml:[time] | Sets the maximum scan time limit (eg: 1d, 3h, 2h30m, 50m) | No limit |
about | Displays information on the current version of Syhunt | |
help (or /?) | Displays the list of available parameters |
The Domain preferences screen allows you to assign special properties to a domain which can extend the Dark Web analysis about the domain. If before starting a scan you checked Edit domain preferences before starting scan, the Domain Preferences screen will open.
Under Extended Analysis, click the Properties button. You can now enter one or more property lines. The following is a list of accepted property lines:
creg:[XXNUMBER] | Allows to associate a company registration number with the domain (eg: UK08888880) |
After purchasing a copy of the full-featured Syhunt Breach Scanner, you must select between the online mode or the offline mode:
To protect identified leaked information of its customers, Syhunt adopted various strong security measures including segregating and securing data per domain with unique encryption passphrases. This allows Syhunt to use external cloud partners to store the identified leaked information securely without the risk of exposing any consolidated data leak details of its customers to unauthorized third-parties, such as the list of leaked credentials, file exposure details, leak download addresses among other leak-related details. In addition to file encryption, Syhunt adopts partially masking and bCrypting of leaked passwords with a high cost factor within the encrypted files.
Because the encryption passphrase is different for each domain, you can only download or import dumps related to your authorized Internet domains.
The Syhunt Breach Score is a score of an Internet domain based on publicly available Internet information about its privacy and security track record which is dynamically calculated by the Syhunt Breach software at the end of a Dark Web Scan Plus check. The Breach Score varies from Very Poor to Excellent and takes into account various information from the last 5 up to 15 years.
Today the Breach Score covers over 58 million domains from all over the globe, including regional domains from North America, South America, Europe, Africa, Asia and Oceania, and international domains.
Using the Community version, you can get an idea of what kind of information is being taken into account by Syhunt Breach to calculate the score of your domain or domains. By obtaining a trial copy of the full-featured Syhunt, you can also view the current score of your domain or domains together with limited information about any identified leaks or breaches.
When calculating a score of any domain, the following kind of public information is taken into account by Syhunt Breach:
The professional version of Syhunt Breach allows an user to compare the score of a domain with other subsidiaries of the same company and with third-parties such as partners of an organization.
The Domain preferences screen allows you to assign domains for comparison. If before starting a scan you checked Edit domain preferences before starting scan, the Domain Preferences screen will open.
Under Extended Analysis, click the Domains button. You can now enter one or more domains.
The Syhunt Breach Score is provided “AS IS” and without warranties of any kind either express or implied. For more details, please read the Syhunt EULA.
Due to active targeting by hostile foreign actors, access to the scores of .mil and .gov domains specifically have been restricted to American military and government personnel and require a special license. Country specific .mil and .gov domains also require a special license to calculate and view their scores and detailed leak information.
Before saving a report, you can change the language and add a logo that will be included with any generated reports from now on:
Now when you generate a report, it will contain your organization logo instead of Syhunt's logo.
Syhunt Hybrid (including its Community Edition) can be installed on 64-bit versions of Windows or Linux, but it is able to analyze applications designed for any target platform, including Android, Apple iOS and macOS, BSD, Linux, Windows, Solaris and Unix, independently of the platform it is executed from.
* This does not include the space required to save scan session data, which varies depending on the website or source code being analyzed and the scan frequency.
** Unofficially supported OS: means that while the product has been successfully tested and the installation process has been documented, Syhunt does not provide technical support or assistance for issues related to the product's performance on that particular OS. If you choose to use the product with an OS that is not officially supported, you may encounter compatibility issues, errors, or bugs. Therefore, it is always recommended to use a supported OS to ensure optimal performance and compatibility with the product.
Officially Supported:
Ubuntu Server/Desktop 18.10 and later
CentOS 7.7 and later (Minimal or Everything)
Unofficially (Successfully Tested):
Kali Linux 2019 and later
Parrot OS 4.1, 4.7 and later
Debian 9.11 and later
Linux Mint 19.2 and later
OpenSUSE Leap 15.1 and later
Fedora 32
MX Linux 19.1 and later
KDE Neon 2020.03 and later
Deepin 15.9
Manjaro 19
Arch Linux 2019 and later
Unsupported:
Elementary OS 5.1 (Successfully Tested), 5.0 (Unsupported)
CentOS 6.1 (Successfully Tested)
Solus 4.1 (Unstable)
For additional product documentation, visit syhunt.com/docs