OverviewERPScan's SAP Pentesting Tool is a freeware tool that is intended for penetration testers and security officers for vulnerability assessment of SAP systems using Black Box testing methodologies. It means that you do not need to know any information about the target system or have a legal account in it. All the information will be collected by SAP Pentesting tool.
Updated release 0.6 from 01.10.2012
- Total 31 modules
- 18 Information gathering
- 3 Command execution
- 8 Aux
- 4 DoS
- Exploit for Verb Tampering (add user and add role)
- P4 password decryptor plugin
- ~40 default public ICM pages scan
FeaturesUsing ERPScan's SAP Pentesting Tool you can:
- Obtain information using information disclosure vulnerability;
- Exploit potential vulnerabilities;
- Collect business critical data or the data for conducting other attacks.