Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16573
HistoryApr 05, 2007 - 12:00 a.m.

CYBSEC Release: SAP Security - Paper & Tool release

2007-04-0500:00:00
vulners.com
15
JSON

I am proud to announce the release of a White-paper and an open-source tool, both addressing security of SAP R/3 systems.
The paper describes vulnerabilities discovered in the SAP RFC interface implementation and library, as well as some attacks that can be performed over
SAP systems.
The tool, sapyto (v0.93), is the first public framework for carrying out Penetration Tests over SAP R/3 deployments. It is shipped with many plugins
to test for vulnerabilities discovered in our research and also launch different types of attacks.

You can find these resources at the following links:

    . Paper: http://www.cybsec.com/upload/CYBSEC-Whitepaper-Exploiting_SAP_Internals.pdf
    . sapyto: http://www.cybsec.com/vuln/tools/sapyto.tgz

Don't hesitate to send me any comments/suggestions!

Best Regards,

Mariano Nunez Di Croce

CYBSEC S.A. Security Systems
Email: [email protected]
Tel/Fax: (54-11) 4371-4444
Web: http://www.cybsec.com
PGP: http://www.cybsec.com/pgp/mnunez.txt

JSON