“Practical SAP Pentesting” from Nullcon Goa 2014

This workshop was focused on basics and advanced areas of technical aspects of SAP security. Understanding the architecture of typical SAP system and focuses on every component that can be attacked with live demo and hands-on exercises Covering areas such as SAP Gateway, Message server, RFC security, ITS, ABAP code vulnerabilities, JAVA-engine attacks, Authorizations, Database security, SAPGUI security and many others will be described.

Full text of the presentation could be found here