Security Basics mailing list archives
Onapsis Research Labs: Onapsis Bizploit - The opensource ERP Penetration Testing framework
From: Onapsis Research Labs <research () onapsis com>
Date: Tue, 01 Jun 2010 11:31:36 -0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear colleague, We are proud to announce the release of Onapsis Bizploit, the first opensource ERP Penetration Testing framework. Presented at the renowned HITB Dubai security conference, Bizploit is expected to provide the security community with a basic framework to support the discovery, exploration, vulnerability assessment and exploitation of ERP systems. The term "ERP Security" has been so far understood by most of the IT Security and Auditing industries as a synonym of “Segregation of Duties”. While this aspect is absolutely important for the overall security of the Organization's core business platforms, there are many other threats that are still overlooked and imply much higher levels of risk. Onapsis Bizploit is designed as an academic proof-of-concept that will help the general community to illustrate and understand this kind of risks. Currently Onapsis Bizploit provides all the features available in the sapyto GPL project, plus several new plugins and connectors focused in the security of SAP business platforms. Updates for other popular ERPs are to be released in the short term. Your can download the software freely from http://www.onapsis.com Best regards, - -------------------------------------------- The Onapsis Research Labs Team Onapsis S.R.L Email: research () onapsis com Web: www.onapsis.com PGP: http://www.onapsis.com/pgp/research.asc - -------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkwFGcgACgkQz3i6WNVBcDX8ywCg3Uy+DlXlNV+CWB5gjK9nLwFC pocAoJ2EE6ai9GOcg9l4VDzz18XV1CvA =3zxt -----END PGP SIGNATURE----- ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Onapsis Research Labs: Onapsis Bizploit - The opensource ERP Penetration Testing framework Onapsis Research Labs (Jun 01)