sapyto v0.98 Released – SAP Penetration Testing Framework Tool

The New Acunetix V12 Engine


sapyto is the first SAP Penetration Testing Framework, sapyto provides support to information security professionals in SAP platform discovery, investigation and exploitation activities.

sapyto is periodically updated with the outcome of the deep research on the various security aspects in SAP systems.

Although sapyto is a versatile and powerful tool, it is of major importance for it to be used by consultants who are highly skilled and specialized in its usage, preventing any interference with your organization’s usual SAP operation.

New in This Version

This version is mainly a complete re-design of sapyto’s core and architecture to support future releases. Some of the new features now available are:

  • Target configuration is now based on “connectors”, which represent different ways to communicate with SAP services and components. This makes the
    framework extensible to handle new types of connections to SAP platforms.
  • Plugins are now divided in three categories: Discovery, Audit & Exploit.
  • Exploit plugins now generate shells and/or sapytoAgent objects.
  • New plugins!: User account bruteforcing, client enumeration, SAProuter assessment, and more…
  • Plugin-developer interface drastically simplified and improved.
  • New command switches to allow the configuration of targets/scripts/output independently.
  • Installation process and general documentation improved.

You can download sapyto v0.98 here (you may have to fill in a form):

sapyto Public Edition (v0.98)

Or read more here.

Posted in: Database Hacking, Hacking Tools


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


Comments are closed.