Security Basics
[Onapsis Research Labs] New Onapsis Bizploit release Sep 27 2012 01:51PM
Onapsis Research Labs (research onapsis com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear colleague,

We?re happy to announce the release of a new version of Onapsis Bizploit - the open-source ERP Penetration Testing framework.
Bizploit is a free command-line application to perform proof-of-concept penetration tests of the technical layer of SAP platforms.

Nowadays, most organizations which use SAP are going beyond the simple definition of SAP roles and profiles. They have incorporated the technical
layer of their SAP platform into their regular risk assessment processes, in order to address the increased threat of cyber-attacks to their
business-critical systems.

With Bizploit, you can perform basic analysis of some of the existing technical vulnerabilities affecting your SAP systems, which often pose critical
risks to the integrity of the entire platform.

Some new features in this new version (1.50-rc1):
- - New exploits for Management Console.
- - New modules for SAProuter.
- - New modules for remote execution of RFC Functions.
- - Module to detect the CTC Verb Tampering vulnerability.
- - Several bug fixes.

You can download the new version from Onapsis? web site at http://www.onapsis.com/bizploit

We hope you enjoy it!
We would love to get your feedback on how you are using Bizploit. Don't hesitate to write us at bizploit (at) onapsis (dot) com [email concealed]!

Kindest regards,

P.S: Follow us on Twitter (@onapsis) to stay updated on the latest SAP & ERP security research!

- --
- -------------------------------
The Onapsis Research Labs Team
Onapsis, Inc.

Email: research (at) onapsis (dot) com [email concealed]
Tel: +1 (617) 342 7434
Web: www.onapsis.com
Twitter: @onapsis
- -------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAlBkWeUACgkQz3i6WNVBcDWzZwCg2bUjRypOKLO8Wo8wIy8EPekY
7+0AnjyearnP9FdSMu72fbGfytgvHGFh
=raEA
-----END PGP SIGNATURE-----

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus