'[Full-disclosure] [Onapsis Research Labs] New Onapsis Bizploit release'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] [Onapsis Research Labs] New Onapsis Bizploit release
From:       Onapsis Research Labs <research () onapsis ! com>
Date:       2012-09-27 13:51:11
Message-ID: 506459CF.7060504 () onapsis ! com
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


Dear colleague,

We’re happy to announce the release of a new version of Onapsis Bizploit - the open-source ERP \
Penetration Testing framework. Bizploit is a free command-line application to perform \
proof-of-concept penetration tests of the technical layer of SAP platforms.

Nowadays, most organizations which use SAP are going beyond the simple definition of SAP roles \
and profiles. They have incorporated the technical layer of their SAP platform into their \
regular risk assessment processes, in order to address the increased threat of cyber-attacks to \
their business-critical systems.

With Bizploit, you can perform basic analysis of some of the existing technical vulnerabilities \
affecting your SAP systems, which often pose critical risks to the integrity of the entire \
platform.

Some new features in this new version (1.50-rc1):
- New exploits for Management Console.
- New modules for SAProuter.
- New modules for remote execution of RFC Functions.
- Module to detect the CTC Verb Tampering vulnerability.
- Several bug fixes.

You can download the new version from Onapsis’ web site at http://www.onapsis.com/bizploit

We hope you enjoy it!
We would love to get your feedback on how you are using Bizploit. Don't hesitate to write us at \
bizploit@onapsis.com!

Kindest regards,

P.S: Follow us on Twitter (@onapsis) to stay updated on the latest SAP & ERP security research!

-- 
-------------------------------
The Onapsis Research Labs Team
Onapsis, Inc.

Email: research@onapsis.com
Tel: +1 (617) 342 7434
Web: www.onapsis.com
Twitter: @onapsis
-------------------------------


["signature.asc" (application/pgp-signature)]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic