lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 10 Dec 2008 12:13:36 -0200
From: Mariano Nuñez Di Croce <mnunez@...sec.com>
To: full-disclosure@...ts.grok.org.uk
Subject: CYBSEC News - New sapyto release (v0.98)

Hello list,

I'm glad to let you know that a new version of sapyto, the SAP Penetration Testing Framework, is available.

You can download it by accessing the following link: http://www.cybsec.com/EN/research/sapyto.php

News in this version:
---------------------

This version is mainly a complete re-design of sapyto's core and architecture to support future releases. Some of the new features now available are:

. Target configuration is now based on "connectors", which represent different ways to communicate with SAP services and components. This makes the
framework extensible to handle new types of connections to SAP platforms.

. Plugins are now divided in three categories:
	. Discovery: Try to discover new targets from the configured/already-discovered ones.
	. Audit: Perform some kind of vulnerability check over configured targets.
	. Exploit: Are used as proofs of concept for discovered vulnerabilities.

. Exploit plugins now generate shells and/or sapytoAgent objects.

. New plugins!: User account bruteforcing, client enumeration, SAProuter assessment, and more...

. Plugin-developer interface drastically simplified and improved.

. New command switches to allow the configuration of targets/scripts/output independently.

. Installation process and general documentation improved.

. Many (*many*) bugs fixed. :P


Enjoy!
Cheers,

-- 
-----------------------------------------
Mariano Nuñez Di Croce

CYBSEC S.A. Security Systems
Email: mnunez@...sec.com
Tel/Fax: (54-11) 4371-4444
Web: http://www.cybsec.com
PGP: http://www.cybsec.com/pgp/mnunez.txt
-----------------------------------------


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ