FREE ACCESS & MORE: Syhunt takes action to help secure entities and businesses amid COVID-19 pandemic Read now

Installation Guide

The information in this document applies to version 6.9.1 of Syhunt Hybrid.

Introduction

Released in August 4, 2020 and shipped with a Java installer, Syhunt Hybrid 6.9 is a multi-platform application security scanner that runs on both Windows 64-bit and 64-bit Linux, such as CentOS and Ubuntu Desktop/Server with near zero effort and out-of-the-box on Kali Linux and Parrot Security operating systems. Syhunt Hybrid allows to perform web and mobile application security testing (DAST and SAST) and integrate with a variety of systems for continuous integration and scanning. Syhunt licenses allow you to have access to both the Windows and a Linux version of the product.

Comparison Between Syhunt Versions

 Hybrid for WindowsHybrid for Linux
InterfaceGUI, CLI and RESTCLI and REST
 
Augmented Dynamic Analysis (DAST + OAST)
Web Application Source Code Analysis (SAST)
Mobile Application Source Code Analysis (MAST)
Forensic Analysis (FAST)
Integrations Shell (PowerShell)
Issue Trackers (GitHub, GitLab, JIRA...)
CI/CD Tools (GitLab & Jenkins)
Supported WAFs for Virtual Patching
Shell (Bash)
Issue Trackers (GitHub, GitLab, JIRA...)
CI/CD Tools (GitLab & Jenkins)
Supported WAFs for Virtual Patching
Scan Scheduler Coming in the next update
OSes/Distributions Compatibility Windows 10
Windows 7
Windows Server 2008 to 2019
Officially:
Ubuntu Server/Desktop 18 and later
CentOS 7 and later (Minimal or Everything)
Unofficially (Successfully Tested):
See the list
AvailabilityAvailable Now (Native Win64 Binaries)Check Availability of Native Binaries for your distro
Available Now (Wine-Powered Installation)

Installing Syhunt on Windows

Syhunt Hybrid for Windows (Full Version)

If you are a registered customer: Please follow the initial steps in our welcome guide to download, install and start using the full version of Syhunt Hybrid.

If you are a community (non-registered) user, you can use Syhunt Community:

Syhunt Community for Windows (Free Version)

  1. (Optional) Download and install GIT for Windows (if you have not done so yet) if you plan to scan GIT repositories with Syhunt
  2. Download Syhunt Community (syhunt-community-6.9.4.exe)
  3. After downloading the exe file, double-click its icon to launch it.
  4. You should read carefully the EULA presented to you on installation before accepting it.
  5. It's an easy next-next-finish installation process. When you click Finish, Syhunt will be launched and is ready for use - you should immediately see the Launcher screen.

Syhunt Community ˣ⁶⁴ CLI for Windows (Free Version)

  1. Download Java and install it (if you haven't done so already)
  2. (Optional) Download and install GIT for Windows (if you have not done so yet) if you plan to scan GIT repositories with Syhunt
  3. Download Syhunt Community Core (syhunt-community-6.9.4.jar)
  4. After downloading the jar file, double-click its icon to launch it.
  5. You should read carefully the EULA presented to you on installation before accepting it.
  6. It's an easy next-next-finish installation process. When you click Finish, Syhunt CLI tools are ready for use.

What's next? Read our quick start and integration guides.

Installing Syhunt on Linux

Syhunt Hybrid ˣ⁶⁴ for Linux (Full Version)

If you are a registered customer: Please follow the initial steps in our welcome guide to download, install and start using full version Syhunt Hybrid.

If you are a community (non-registered) user, you can use Syhunt Community:

Syhunt Community ˣ⁶⁴ for Linux (Free Version)

Syhunt Community for Linux is now available for download. This is the Carbon version (Wine-Powered installation of Syhunt), compatible with most 64-bit Linux desktop and servers. Native ELF binaries for Syhunt Community for Linux are in the final stages of development and expected to become available gradually from October 2020 onwards - those will run without the need of having Wine installed and are expected to be available for Ubuntu and CentOS distributions.

Follow the Syhunt installation guide for the Linux distribution you use.

DistributionGuide Difficulty Level
Kali LinuxZero, Out-of-the-box
Parrot OSZero, Out-of-the-box
FedoraVery Easy
MX LinuxVery Easy
Ubuntu Desktop/ServerEasy
CentOS (Everything/Minimal)Easy
DebianEasy
openSUSEEasy
KDE NeonEasy
DeepinEasy
ManjaroEasy
Red Hat Enterprise (RHEL)Easy
Arch LinuxMedium
Linux Mint20: Easy, 19 or later: Medium
Elementary OS5.1: Easy, 5.0: Unsupported
SolusUnsupported (Unstable)

System Requirements

Syhunt Hybrid (including its Community Edition) can be installed on 64-bit Windows or 64-bit Linux, but it is able to analyze applications designed for any target platform, including Android, Apple iOS and MacOS, BSD, Linux, Windows, Solaris and Unix, independently of the platform it is executed from.

  1. 4GB of available RAM (8GB recommended)
  2. 1GB of free disk space*
  3. Internet Connection (recommended for code scans and dynamic scans and some features)
  4. One of the following compatible 64-bit operating systems:
    1. Windows 7, 8 or 10, or Windows Server 2008 to 2019
    2. Ubuntu Server or Desktop 18 or higher
    3. CentOS 7 or 8 (Minimal or Everything)
    4. Any unofficially supported Linux distribution such as the ones listed below.
  5. (Optional) GIT on Linux or GIT for Windows (optional for GIT repository scans)
  6. Java or Java Headless installed on Linux OS
  7. If native binary is not available for your specific Linux distribution yet, Wine64 Stable (3, 4 or 5) is required to be installed.
  8. (Optional) Java 8 or higher (optional for Android APK file scan)

* This does not include the space required to save scan session data, which varies depending on the website or source code being analyzed and the scan frequency.

Compatible Linux Distributions

Officially Supported:
Ubuntu Server/Desktop 18.10 and later
CentOS 7.7 and later (Minimal or Everything)
Unofficially (Successfully Tested):
Kali Linux 2019 and later
Parrot OS 4.1, 4.7 and later
Debian 9.11 and later
Linux Mint 19.2 and later
OpenSUSE Leap 15.1 and later
Fedora 32
MX Linux 19.1 and later
KDE Neon 2020.03 and later
Deepin 15.9
Manjaro 19
Arch Linux 2019 and later
Unsupported:
Elementary OS 5.1 (Successfully Tested), 5.0 (Unsupported)
CentOS 6.1 (Successfully Tested)
Solus 4.1 (Unstable)

Internet Connection Requirements

The machine on which Syhunt is installed must be allowed to open HTTP(S) requests to the following Internet addresses:

DomainPortsFeature
Specific target domain(s)80, 443*The domain hosting the web application or codebase you want to scan
Any or specific asset domain(s)80, 443Optional, if you want externally hosted JavaScript files and assets to be analyzed during DAST or SAST (Recommended)
www.syhunt.com80, 443Required (Assets for HTML/PDF generation, update notification, auto-updating, and more)
signal.syhunt.com80, 443Required during DAST for performing OAST (Important)
fonts.googleapis.com80, 443Required (Assets for HTML/PDF generation - Fonts)
www.google.com443Required (Assets for HTML/PDF generation - Google's JSAPI)
www.gstatic.com443Required (Assets for HTML/PDF generation - Google's JSAPI)

* If your target is using a non-standard port (eg, 8080), or you want to connect to a GIT address using SSH, or other protocols, you need to allow these ports as well.

If you use a personal firewall, you'll just have to let the firewall know that Syhunt is authorized to make connections to the Internet.

Finishing the Installation

  1. Download Syhunt Community or Syhunt Hybrid using a web browser like Chrome or Firefox, wget or curl command.
  2. Run the Syhunt setup application (On Windows and Linux distros the setup will run if you just open the file after giving it the appropriate permission):
    • Hybrid: java -jar syhunt-hybrid-6.9.4.0.jar
    • Community: java -jar syhunt-community-6.9.4.jar
  3. Alternatively, on Linux, if you have binfmt-support installed (sudo apt install binfmt-support, to install it), give the jar file executable permission (chmod a+rx setupfilename.jar or using the file properties of the jar file) and execute it directly:
    • Hybrid: ./syhunt-hybrid-6.9.4.0.jar
    • Community: ./syhunt-community-6.9.4.jar
  4. Read carefully the EULA presented to you on installation before accepting it.

It's an easy next-next-finish installation process. When you click Finish, Syhunt tools are ready for use.

Syhunt will (by default) be installed in /home/[user]/syhunt-hybrid or /home/[user]/syhunt-community

Console mode

Alternatively, if the Syhunt setup is running in console mode:

  1. Give 1 to accept after reading EULA (if you agree with its terms) or 2 to reject it (if you reject the terms, you cannot install and use Syhunt)
  2. Press enter to install using the default installation path
  3. Enter 1 to continue the installation
  4. Enter Y (Yes) to install Syhunt Core
  5. Enter 1 to continue. After that you should see a message saying: console installation done.

What's next? Read our quick start and integration guides.

Updating Syhunt

You can download and install the updates directly from the Syhunt website. If you have Syhunt Hybrid version 6.8.4 or higher, Syhunt will also notify you about new releases both in its Launcher interface and reports.

On Linux, you can use the command scanupdate to check for updates. If updates are available, Syhunt will ask if you want to download and install them. If you call scanupdate auto, Syhunt will check for updates and automatically install them when the command is executed without asking for user confirmation.

There is no need to uninstall Syhunt before installing a new version, unless you are updating Syhunt Community CLI under Windows.

Uninstalling Syhunt

On Windows operating systems, Syhunt creates a uninstall shortcut in the Start Menu under the Syhunt Community or Syhunt Hybrid folder, and an uninstall entry in the Program and Features area of the Windows Control Panel which allow to uninstall Syhunt completely.

On Linux operating systems, go to the directory where you installed Syhunt and execute the command:

java -jar Uninstall.jar