The tools that can be used to simplify the procedures of penetration testing and security assessments of ERP systems will soon appear on this page.
ERPScan Pentesting Tool
ERPScan Pentesting Tool is a freeware tool that is intended for penetration testers and security officers to test SAP systems using Black Box testing methodologies. It means that you do not need to know any information about the target system or have a legal account in it. All the information will be collected by ERPScan Pentesting Tool.
Visit websiteERPScan WEBXML Checker
ERPScan WEBXML checker is a freeware tool that is intended for checking security configuration of SAP J2EE applications by scanning a WEB.XML file. It is intended to checking WEB.XML files for different vulnerabilities and misconfigurations like Verb Tampering, Invoker servlet bypass and other misconfigurations. Detailed information about that vulnerabilities can be found in whitepaper “Architecture and program vulnerabilities in SAP’s J2EE engine” presented at BlackHat conference.
Visit websiteSapsploit
Coming soon.
