Ignore Rules

The information in this document applies to version 6.9.14 of Syhunt Hybrid.

Examples:

  • rule:path=*,checkid=C-1603659845-9557 would prevent any vulnerability with the unique check ID C-1603659845-9557 from being reported
  • rule:path=*,name=XSS would prevent any vulnerability with XSS in the title from being reported
  • rule:path=/demo/*,name=XSS would prevent any vulnerability with a path starting with /demo/ and XSS in the title from being reported
  • rule:path=*,"name=Web Technology Disclosure" would prevent any vulnerability with Web Technology Disclosure in the title from being reported

SAST Examples:

  • rule:path=/demo.php,lines=10 would prevent any vulnerability in line 10 from being reported
  • rule:path=/demo.php,"lines=10,11" would prevent any vulnerability in lines 10 and 11 from being reported

The following parameters can be used as part of a rule:

  • path (required) - a wildcard text (which can contain the special characters ? and *) that will be matched against the affected path
  • checkid - an ID that will be matched against the vulnerability check ID
  • name - a text that will be matched against the vulnerability title
  • params - a param name that will be matched against the affected param(s). If multiple params are provided, they must be separated by commas.
  • risk - a risk that will be matched against the vulnerability risk (can be low, medium, high or info)
  • module - a module name that will be matched against the module that detected the vulnerability (can be dyn or code). If omitted, the rule will work for both Dynamic and Code vulnerabilities
  • lines - a number or numbers that will be matched against the affected source code line(s). If multiple lines are provided, they must be separated by commas.
  • cve - a CVE ID that will be matched against the vulnerability's CVE references
  • cwe - a CWE number that will be matched against the vulnerability's CWE references
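
To review how much a rule hides before adding it, the sketch below parses the rule syntax shown above and lists which findings it would suppress. It is an added example, not Syhunt code: the function names, the finding fields, the sample check IDs and the matching semantics (every parameter present must match, title matched as a case-sensitive substring) are assumptions, and only path, checkid, name and lines are modelled.

```python
import csv
import re

KNOWN = {"path", "checkid", "name", "params", "risk", "module", "lines", "cve", "cwe"}

def parse_rule(text):
    """Split 'rule:k=v,"k=v1,v2"' into a dict; a quoted pair may hold commas or spaces."""
    if not text.startswith("rule:"):
        raise ValueError("rule must start with 'rule:'")
    rule = {}
    for field in next(csv.reader([text[len("rule:"):]])):
        key, sep, value = field.partition("=")
        if not sep or key not in KNOWN:
            raise ValueError(f"malformed or unknown parameter: {field!r}")
        rule[key] = value
    if "path" not in rule:
        raise ValueError("path is required")
    return rule

def wildcard(pattern):
    """Compile a pattern in which only ? and * are special, as the page describes."""
    escaped = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.compile(escaped, re.DOTALL)

def suppresses(rule, finding):
    """Assumed semantics: every parameter present in the rule must match the finding."""
    if not wildcard(rule["path"]).fullmatch(finding["path"]):
        return False
    if "checkid" in rule and rule["checkid"] != finding["checkid"]:
        return False
    if "name" in rule and rule["name"] not in finding["title"]:
        return False
    if "lines" in rule:
        wanted = {int(n) for n in rule["lines"].split(",")}
        if finding.get("line") not in wanted:
            return False
    return True

# Constructed sample findings with made-up check IDs (not real scanner output).
FINDINGS = [
    {"path": "/demo/a.php", "title": "Reflected XSS", "checkid": "C-1"},
    {"path": "/login.php", "title": "Stored XSS", "checkid": "C-2"},
    {"path": "/demo.php", "title": "SQL Injection", "checkid": "C-3", "line": 10},
    {"path": "/demo.php", "title": "SQL Injection", "checkid": "C-4", "line": 12},
]

def suppressed_ids(rule_text):
    rule = parse_rule(rule_text)
    return [f["checkid"] for f in FINDINGS if suppresses(rule, f)]
```

Under these assumptions, rule:path=*,name=XSS hides both XSS findings, while rule:path=/demo/*,name=XSS hides only the one under /demo/.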

Global Rule Creation

You can also create a global rule that applies to all dynamic or code scans:

  1. Go to the Dynamic Preferences screen ( -> Preferences -> Dynamic Preferences) or go to the Code Preferences screen ( -> Preferences -> Code Preferences).
  2. Go to the Advanced tab and click the Vulnerabilities... button.
  3. Click the plus button and add a new rule using the input dialog.
