Onapsis Bizploit v1.50 – SAP Penetration Testing Framework


Onapsis Bizploit is an SAP penetration testing framework to assist security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized SAP security assessment. The framework currently ships with many plugins to assess the security of SAP Business Platforms. Additional plugins are available for broader platform support including Oracle.

Onapsis Bizploit v1.50 - SAP Penetration Testing Framework

Nowadays, most organizations which use SAP are going beyond the simple definition of SAP roles and profiles. They have incorporated the technical layer of their SAP platform into their regular risk assessment processes, in order to address the increased threat of cyber-attacks to their business-critical systems.


With Bizploit, you can perform basic analysis of some of the existing technical vulnerabilities affecting your SAP systems, which often pose critical risks to the integrity of the entire platform.

New in v1.50

  • New exploits for Management Console.
  • New modules for SAProuter.
  • New modules for remote execution of RFC Functions.
  • Module to detect the CTC Verb Tampering vulnerability.
  • Several bug fixes.

You can download Bizploit here (requires registration):

Windows
Linux

Or read more here.

Posted in: Database Hacking, Hacking Tools


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.


Comments are closed.