The 6.9.8 release of Syhunt Hybrid and Community is finally out. The new release updates the OWASP Top 10 and CWE Top 25 scan methods and checks based on the latest, 2021 version of the documents. This important improvement has been added to both Syhunt's DAST and SAST scans. Syhunt 6.9.8 also adds a much-requested feature to Syhunt Dynamic: SSL web server testing. The SSL server test warns about the use of insecure SSL protocol versions and deprecated TLS versions.
Improvements and Changes
- Added checks for deprecated TLS protocol versions and insecure SSL versions.
- Added the OWASP Top 10 2021 compliance checks.
- Added the CWE/SANS Top 25 2021 compliance checks.
- Added new Wordpress-related spidering optimizations.
- Abort dynamic scan if start URL is static asset.
- Updated SSL code and improved TLS 1.3 support.
- Fixed: removed the need of admin permission request from UI (added temporarily after the last update).
- Fixed: update size of Dynamic preferences dialog to fix display issue in some screen resolutions.
- Fixed: reportgl parameter not accessible through REST API.
- API users: If you're using the REST API, remember to update your API key since the last one is now invalid.
We hope you enjoy the new release!