Syhunt Hybrid and Community 6.9.3 extends its TypeScript analysis, accelerates SAST and more
New Code Checks & Improvements
- Greatly extended and improved TypeScript checks and analysis.
- Added Affected Variable(s) to vulnerability properties dialog and report, and improved variable usage analysis.
- Added list of unsupported files to coverage section in report.
Huntpad 2.0 - The Bug Hunter's Notepad
Other Improvements and Changes
- Improved Syhunt Dynamic spidering - Improved JS analysis, improved JS string handling and improved form handling of forms with multiple submission methods. Improved JS parser loading under Linux.
- Faster Dynamic scans - Faster unvalidated redirect and OAST checks and faster CWE Top 25 and OWASP Top 10 scans.
- Added the Application Scan (Server-Side Focused) hunt method, which allows to scan for server-side vulnerabilities only.
- Added unique check ID for checks in Dynamic and Code check base.
- Added ISO/IEC 27001 compliance report.
- Added detection of new Node.js-based web backdoors and fixed a false positive case of JS shell.
- Improved Issue Tracker integration - Allow comma-separated emails in To field when configuring an email-based issue tracker. Fixed: scheduled scan report not being emailed under two specific circumstances.
- Improved incremental cache history loading.
- Fixed: session and report display of hunt method name of a scan started by Syhunt Code.
- Fixed: IP not being properly recognized in web log during web log scan in Syhunt Insight.
- Good bye to 32-bit era - From now on, only the 64-bit version of Syhunt will be available.
We hope you enjoy the new release!