RESPONSE: Syhunt Hybrid already detects the Fastjson, Spring4Shell & Log4Shell RCE vulnerabilities Learn more

Syhunt License Options

The Syhunt scanner comes in many editions, each targeted at a different set of needs. All licenses include 1 seat and 1 to 3 years of technical support, upgrades and vulnerability updates.

Product NameProduct CodeTypes of TestingNo. of Targets
Syhunt Hybrid InfinityHYB-INF-CNL Unlimited targets with:
No language restriction for DAST/SAST/MAST
DWET limited to one domain
Syhunt Hybrid DiamondHYB-DIA-UNL Unlimited targets with:
Three (3) language restriction for DAST/SAST.
DWET limited to one domain
Syhunt Hybrid Platinum PlusHYB-PLS-UNL Unlimited targets with:
Three (3) language restriction for DAST/SAST
Syhunt Hybrid PlatinumHYB-PLA-UNL Unlimited targets with:
Three (3) language restriction for DAST/SAST
Syhunt Hybrid OneHYB-STD-WLC
HYB-ONE-DOM
One (1) Domain target with:
Three (3) language restriction for DAST/SAST
Surface-to-dark web leak monitoring
Syhunt Breach FiveBRE-005-DOM Five (5) Domain targets with:
Surface-to-dark web leak monitoring
Three (3) language and 45-day restriction for DAST/SAST
Syhunt Breach ThreeBRE-003-DOM Three (3) Domain targets with:
Surface-to-dark web leak monitoring
Three (3) language and 45-day restriction for DAST/SAST
Syhunt Breach OneBRE-ONE-DOM One (1) Domain target with:
Surface-to-dark web leak monitoring
Three (3) language and 45-day restriction for DAST/SAST
Syhunt Dynamic InfinityDYN-INF-CNL Unlimited targets with:
No language restriction for DAST
Syhunt Dynamic AugmentedDYN-AUG-UNL Unlimited targets with:
Three (3) language restriction for DAST
Syhunt Code InfinityCOD-INF-CNL Unlimited targets with:
No language restriction for SAST/MAST
Syhunt Code PlusCOD-PLS-UNL Unlimited targets with:
Three (3) language restriction for SAST
Syhunt Code (Web)COD-WEB-UNL Unlimited targets with:
Three (3) language restriction for SAST
Syhunt MobileCOD-MOB-UNL Unlimited targets with:
No mobile language restriction

Syhunt Hybrid Infinity

Allows to scan both web applications and mobile applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.

Product NameSyhunt Hybrid Infinity
SKU/Product CodeHYB-INF-CNL
Types of TestingDAST, OAST, SAST, FAST, MAST & DWET
No. of TargetsUnlimited targets (with DWET only limited to a single domain of your ownership)
Language SupportUnlimited Web languages. Unlimited Mobile languages.
Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Product Brief

Syhunt Dynamic Infinity

Comes with a wide array of features to detect and help you fix your web application security vulnerabilities with minimal effort. Tests the web application response to thousands of different web attacks often carried by real-world adversaries, including inferential, in-band and out-of-band attacks through Augmented Dynamic Analysis (OAST). This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.

Product NameSyhunt Dynamic Infinity
SKU/Product CodeDYN-INF-CNL
Types of TestingDAST & OAST
No. of TargetsUnlimited
Language SupportPHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Product Brief

Syhunt Code Infinity

Enables developers and QA (Quality Assurance) testers to automatically scan any kind of mobile or web application source code for potential security vulnerabilities. This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. Permission to use Syhunt in consultant services to scan your customers (if applicable) is included.

Product NameSyhunt Code Infinity
SKU/Product CodeCOD-INF-CNL
Types of TestingSAST & MAST
No. of TargetsUnlimited
Language SupportWeb - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Product Brief

Syhunt Hybrid Diamond

Allows to scan both web applications and mobile applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Hybrid Diamond
SKU/Product CodeHYB-DIA-UNL
Types of TestingDAST, OAST, SAST, FAST, MAST & DWET
No. of TargetsUnlimited targets (with DWET only limited to a single domain)
Language SupportRestricted to three (3) Web languages. Unlimited Mobile languages.
Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Product Brief

Syhunt Hybrid Platinum Plus

Allows to scan both web applications and mobile applications for vulnerabilities. Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Hybrid Platinum Plus
SKU/Product CodeHYB-PLS-UNL
Types of TestingDAST, OAST, SAST & MAST
No. of TargetsUnlimited
Language SupportRestricted to three (3) Web languages. Unlimited Mobile languages. Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Product Brief

Syhunt Hybrid Platinum

Combines comprehensive static and dynamic security scans to detect vulnerabilities like XSS, File Inclusion, SQL Injection, Command Execution and many more, including inferential, in-band and out-of-band attacks through Hybrid-Augmented Analysis (HAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Hybrid Platinum
SKU/Product CodeHYB-PLA-UNL
Types of TestingDAST, OAST & SAST
No. of TargetsUnlimited
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Product Brief (Platinum & Standard)

Syhunt Dynamic Augmented

Comes with a wide array of features to detect and help you fix your web application security vulnerabilities with minimal effort. Tests the web application response to thousands of different web attacks often carried by real-world adversaries, including inferential, in-band and out-of-band attacks through Augmented Dynamic Analysis (OAST). This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Dynamic Augmented
SKU/Product CodeDYN-AUG-UNL
Types of TestingDAST & OAST
No. of TargetsUnlimited
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Product Brief

Syhunt Code Plus

Enables developers and QA (Quality Assurance) testers to automatically scan any kind of mobile or web application source code for potential security vulnerabilities. This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Code Plus
SKU/Product CodeCOD-PLS-UNL
Types of TestingSAST & MAST
No. of TargetsUnlimited
Language SupportWeb - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Product Brief

Syhunt Code (Web)

Enables web developers and QA (Quality Assurance) testers to automatically scan any kind of web application source code for potential security vulnerabilities This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Code (Web)
SKU/Product CodeCOD-WEB-UNL
Types of TestingSAST
No. of TargetsUnlimited
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Datasheet

Syhunt Mobile

Enables publishers, developers and QA testers to automatically scan Android and iOS mobile apps for the OWASP Mobile Top 10 and other vulnerabilities. Find the vulnerable portions of the code in minutes and patch them before making app updates available to users. This license covers multiple supported languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times.

Product NameSyhunt Mobile
SKU/Product CodeCOD-MOB-UNL
Types of TestingMAST
No. of TargetsUnlimited
Language SupportJava (Android), Swift, Objective-C, C, C+ & JavaScript, including Node.js
Product Datasheet Datasheet

Syhunt Breach Five

Allows to monitor five (5) domains for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-DIA-UNL license is recommended instead of this one.

Product NameSyhunt Breach Five
SKU/Product CodeBRE-005-DOM
Types of TestingDAST, OAST, SAST, DWET & FAST
No. of TargetsWildcard (domain target 5, scored targets 25)
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Datasheet

Syhunt Breach Three

Allows to monitor three (3) domains for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-DIA-UNL license is recommended instead of this one.

Product NameSyhunt Breach Three
SKU/Product CodeBRE-003-DOM
Types of TestingDAST, OAST, SAST, DWET & FAST
No. of TargetsWildcard (domain target 3, scored targets 15)
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Datasheet

Syhunt Hybrid One

Allows to scan web applications for vulnerabilities and to monitor one (1) domain for surface to dark web leaks. This license is restricted to three (3) Web languages and allows to scan a wildcard target (a domain and its subdomains), which can be scanned for an unlimited number of times.

Product NameSyhunt Hybrid One
SKU/Product CodeHYB-ONE-DOM
Types of TestingDAST, OAST, SAST, DWET & FAST
No. of TargetsWildcard (domain target 1, scored targets 10)
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Datasheet

Syhunt Breach One

Allows to monitor one (1) domain for surface to dark web leaks. Includes additional capabilities with some restrictions: its DAST & SAST capabilities are only available during the first 45 days of the year. If there is a need for regular (365-day) DAST/SAST scanning and integration, the HYB-ONE-DOM license is recommended instead of this one.

Product NameSyhunt Breach One
SKU/Product CodeBRE-ONE-DOM
Types of TestingDAST, OAST, SAST, DWET & FAST
No. of TargetsWildcard (domain target 1, scored targets 10)
Language SupportThree (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Product Datasheet Datasheet

Target Types

Targets supported by a product license can be:

  • Unlimited target: This license is restricted to three (3) Web languages and allows to scan unlimited targets, which can be scanned for an unlimited number of times. For DAST, the license allows to scan multiple domains and all its subdomains. For SAST, any GIT URL can be scanned.
  • Domain target: This license allows to scan a domain target, which can be scanned for an unlimited number of times.
    • This license is restricted to three (3) Web languages and allows to scan a wildcard target (a domain and its subdomains), which can be scanned for an unlimited number of times. For DAST, the license allows to scan a single domain and all its subdomains. For the same target, you can optionally have a development domain and a production domain. For SAST, multiple repositories can be scanned within a single GIT user in a single source code control domain.
    • For DWET, the license allows to scan a single domain, or a limited number of domains as described in the license terms, including their subdomains. Each domain authorization come with the right to check the breaches and score of the authorized domain and its subdomains, and include the right to check the score between 1 to 25 third-party domain(s) or subdomain(s) as described in the license terms.
    • Restrictions apply to governamental domains breach checking and scoring: each governamental subdomain checked count as an additional domain, requiring a separate domain license.
    • Restrictions apply to third-party domain scoring: each third-party domain or subdomain checked count as an additional scored domain. Third-party domains that are governamental or military cannot be scored as explained in the Syhunt Score terms. Third-party score query does not include access to compromised data that relates to queried domains.
    • In the case of the bulk discount (from 25 domains onwards), each domain will include a maximum of 2 scored targets per domain. This means that if the user licensed 25 domains, the user can check the score of up to 50 domains: 25 authorized domains and 25 third-party domains. If needed, this number can be increased by purchasing a Breach Score extension license.
Target CodeNo. of TargetsNo. of LanguagesExamples
CNLUnlimited targets (with consultant usage permission)All supported languages, including:
Web - PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Scan URL:
www.mydomain1.com
www.mydomain2.com
Scan Code:
anygit.com/anyuser/anyproject.git
UNLUnlimited targetsWeb - Three (3) languages, selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python & Ruby
Mobile - All supported languages, including Java, Swift, Objective-C, C, C+ & JavaScript, including Node.js
Scan URL:
www.mydomain1.com
www.mydomain2.com
Scan Code:
anygit.com/anyuser/anyproject.git
DOMDomain (Wildcard) target
*.mydomain.com
mygit.com/user/*.git
Three (3) supported languages.
Selectable between PHP, classic ASP, ASP.NET, Java, Node.js, Lua, Perl, Python or Ruby
Scan URL:
mydomain.com
www.mydomain.com
subdomain1.mydomain.com
subdomain2.mydomain.com
Scan Code:
mygit.com/user/project1.git
mygit.com/user/project2git
mygit.com/user/project3.git

Types of Testing

SASTStatic analysis of the security of a web application's source code
MASTStatic analysis of the security of a mobile application's source code (Android & iOS) and Android APK file
DASTDynamic analysis of the security of a web application security with deep crawling and parameter injection
OASTAugmented dynamic analysis of the security of a web application security with out-of-band (OOB) techniques
HASTHybrid-Augmented analysis of the security of web applications, on which the results of the static analysis are automatically used to enhance its augmented dynamic analysis
DWETSurface to dark web exposure analysis of Internet domains
FASTForensic analysis of the security of a web application through the analysis of web server log files

License Models, Terms & Conditions

CodePeriodSKU Example
1YRSubscription valid for a one (1) year period.HYB-PLS-UNL-1YR
2YRSubscription valid for a two (2) year period.HYB-PLS-UNL-2YR
3YRSubscription valid for a three (3) year period.HYB-PLS-UNL-3YR
PERPerpetual
Perpetual license valid for lifetime, with an annual renewal cost for software maintenance.
HYB-PLS-UNL-PER
  1. A yearly subscription license (1YR, 2YR or 3YR) grants the user with a valid license key for the product for a limited period. When the period expires, the user needs to purchase a new license key in order to continue using Syhunt. A subcription license comes with 1 to 3 years of software maintenance. Upon expiration of the limited period, if the subscription is not renewed, the Syhunt license shall automatically become disabled.
  2. A perpetual license grants the user with a valid license key for the product for an indefinite period. This lifetime license key will be valid only for the productís version that was ordered. The perpetual license comes with 1 year of software maintenance from date of purchase.
  3. Software maintenance - a yearly support plan based on annual renewals that grants the user the right to product updates, tech support and integration with its online services, such as Syhunt's OAST service Syhunt Signal. The product update right means that the user is entitled to new version and updates of the software for free during the period of the maintenance plan, which is effective for a period up until one year, after which the user needs to extend it. The user is encouraged to purchase maintenance annually with no lapse.
  4. Syhunt's End User License Agreement (EULA) apply as well to any of the licenses above. The EULA must be accepted prior to installing and running the software.
  5. Syhunt is licensed per seat - a seat is a device, as explained below.

Seats & Integrations

  1. Syhunt is licensed per device, whether physical or virtual, and not per user. Each virtual machine on the same host PC needs it's own license for Syhunt.
  2. Each license allows installation on 1 device.
  3. If a Jenkins agent or Jenkins server, or GitLab runner agent, is installed and configured on this device, they can integrate and interoperate with the installed, licensed copy of Syhunt, allowing Syhunt to be called from within pipeline scripts, as documented in our integrations documentation.
  4. Due to the availability of Syhunt for Linux and macOS, the Syhunt license that allows to install Syhunt into a single device now allows two devices during the first 90 days, as long as the first device is a Windows machine and the second device a Linux or macOS machine. After the initial 90 day period, you need to select between the Windows, Linux or macOS version of Syhunt, which must be used on a single device.
  5. If you have a license with permission for multiple devices or if you purchase additional licenses of Syhunt to be installed on additional devices, when installing Syhunt on such additional devices, it will be necessary to select between the Windows, Linux or macOS version of Syhunt.