Syhunt now supports ASP.NET, Perl, PHP, Python, Java, JS and Lua code
It was only last month that we announced the addition of SAST (static application security testing) for Java to Syhunt, but good news, we have a new update to share today which brings SAST for Node.js based web applications. Syhunt 6.2 is able to scan the source code of Node.js web applications for security vulnerabilities with coverage for the Express and Koa frameworks. Because Syhunt was already able to dynamically test Node.js and MongoDB based web apps for vulnerabilities, this update makes Syhunt an ideal tool for both penetration testing and code review (DAST and SAST) of web apps built using the MEAN stack - MongoDB, Express.js, AngularJS & Node.js.
Code Checks for Node.js (Stable)
Syhunt 6.2 adds security code checks targeting Node.js web apps, covering:
- Cross-Site Scripting (XSS)
- SQL Injection
- Code Injection
- Unvalidated Redirect
- File Manipulation
- Command Execution
- HTTP Header Injection
- Log Forging
- Server-Side Request Forgery
- Input filtering/validation analysis
Note: Checks above in gray color are only available in the professional editions of Syhunt.
We hope you enjoy the new release!