[<prev] [next>] [day] [month] [year] [list]
Message-ID: <493FCE90.6070001@cybsec.com>
Date: Wed, 10 Dec 2008 12:13:36 -0200
From: Mariano Nuñez Di Croce <mnunez@...sec.com>
To: full-disclosure@...ts.grok.org.uk
Subject: CYBSEC News - New sapyto release (v0.98)
Hello list,
I'm glad to let you know that a new version of sapyto, the SAP Penetration Testing Framework, is available.
You can download it by accessing the following link: http://www.cybsec.com/EN/research/sapyto.php
News in this version:
---------------------
This version is mainly a complete re-design of sapyto's core and architecture to support future releases. Some of the new features now available are:
. Target configuration is now based on "connectors", which represent different ways to communicate with SAP services and components. This makes the
framework extensible to handle new types of connections to SAP platforms.
. Plugins are now divided in three categories:
. Discovery: Try to discover new targets from the configured/already-discovered ones.
. Audit: Perform some kind of vulnerability check over configured targets.
. Exploit: Are used as proofs of concept for discovered vulnerabilities.
. Exploit plugins now generate shells and/or sapytoAgent objects.
. New plugins!: User account bruteforcing, client enumeration, SAProuter assessment, and more...
. Plugin-developer interface drastically simplified and improved.
. New command switches to allow the configuration of targets/scripts/output independently.
. Installation process and general documentation improved.
. Many (*many*) bugs fixed. :P
Enjoy!
Cheers,
--
-----------------------------------------
Mariano Nuñez Di Croce
CYBSEC S.A. Security Systems
Email: mnunez@...sec.com
Tel/Fax: (54-11) 4371-4444
Web: http://www.cybsec.com
PGP: http://www.cybsec.com/pgp/mnunez.txt
-----------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists