SAP Pentesting: From Zero 2 Hero with Metasploit

In this technical webinar for penetration testers, Dave Hartley aka @nmonkee presents a brief overview of how the recent SAP modules he contributed to the Metasploit Framework can be used to go from Zero to Hero and achieve SAPpwnstar status when assessing or encountering SAP systems during engagements. The webcast will provide a very high level overview of common SAP system vulnerabilities and misconfigurations as well as demonstrate how the Metasploit Framework can be leveraged to quickly and easily exploit and compromise misconfigured/vulnerable SAP systems.

The webinar includes a demo.

Participants will learn:

  • What SAP connectors are and how they increase the attack surface
  • How to discover, enumerate, brute force, exploit and gain privilege escalation on both Windows and Linux SAP systems
  • How to address mitigation and remediation

Speakers:

  • Dave Hartley, Principal Security Consultant, MWR InfoSecurity
  • Chris Kirsch, Senior Product Marketing Manager for Metasploit, Rapid7 (Moderator)

Dave is a Principal Security Consultant for MWR InfoSecurity and has been working in the IT Industry since 1998. Dave is a published author and has presented his research at several international respected security conferences such as 44CON, BSides, Sec-T, ZACON, DeepSec, T2 etc. 


Fill out the form below to watch this webcast