SyHunt Hybrid

Syhunt is a hybrid web application security scanner designed fortesting mobile and web applications written in a variety of languages.Syhunt combines dynamic and static testing approaches, performing over 1500 checks, proactively defending websites against security threats and quickly finding existing vulnerabilities before the hackers.

Syhunt Dynamic comes with a wide array of features to detect and help you fix your web application security vulnerabilities with minimal effort. Simply enter a start URL and get detailed vulnerability information right away.

Syhunt Dynamic is composed by a deep crawler able to fully map a website structure and an automated injector able to adapt, mutate, analyze and test the web application response to thousands of different web attacks often carried by real-world adversaries.

Dynamic Application Security Testing (DAST)

  • 800+dynamic web application security checks in over 70 categories of web attacks.
  • Scans any kind of live web application, especially webapplications written in ASP.NET (C# & VB.Net), Java (JEE/ JSP), JavaScript, Node.js, Lua, Perl, PHP, Python & Ruby
  • Able to perform a complete penetration test of the webapplication layer.
  • Deep crawling (spidering), complete and automatedwebsite structure mapping, locating entry points (all links,forms and XHR requests) with HTML5 and JS support.
  • Optimized for testing websites using a variety offrameworks running under a variety of servers (Apache,Tomcat, IIS, Nginx, and so on) and platforms (Windows,Unix, and other systems).

Syhunt Mobile enables publishers, developers and QA testers to automatically scan Android and iOS mobile apps for the OWASP Mobile Top 10 and other vulnerabilities. Find the vulnerable portions of the code in minutes and patch them before making app updates available to users.

Syhunt Code enables web developers and QA (Quality Assurance) testers to automatically scan any kind of web application source code for potential security vulnerabilities. Pin point with this tool the exact lines of the code that need to be patched.

Mobile & Web Secure Code Testing (SAST)

  • 700+source checks, covering over 30 types of security vulnerabilities for Mobile & Web Applications
  • Secure Code Testing for Web applications written in ASP.Net, Java JEE / JSP,JavaScript, Lua, Perl, PHP, Python & TypeScript, finding OWASP Top 10 vulnerabilities and more.
  • Mobile applications(Android & iOS) written in Java,Objective-C, C, C++ & Swift, finding OWASP Mobile Top 10 vulnerabilities and more
  • Supports applications that use MongoDB, Express.js,Angular, AngularJS, Node.js & Koa