HomeResearchFree Solutions

Onapsis Latest Publications


SAP Security In-Depth Vol.4

Read Case Study


Westinghouse Electric

Free Solutions


In this section you will find different solutions developed by the Onapsis Research Labs that are provided free-of-charge to the general community.


  • Onapsis Bizploit

    Bizploit is the first Opensource ERP Penetration Testing framework. Developed by the Onapsis Research Labs, Bizploit assists security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests.

    Currently, Bizploit is shipped with many plugins to assess the security of SAP business platforms. Plugins for other popular ERPs will be included in the short term.


    Download Bizploit v1.50-rc1 for Windows Download Bizploit v1.50-rc1 for Linux
  • Onapsis Integrity Analyzer for SAP

    This solution was developed to help SAP's customers protect their systems from unauthorized modifications of ABAP programs in their SAP platforms. If undetected, these modifications can be used to inject backdoors and rootkits in an SAP system, which would enable attackers to manipulate critical business processes and steal sensitive information remotely.


    Download Integrity Analyzer for SAP (Oracle databases)

    Make sure to read the product's User Guide in the "doc" folder, to understand the necessary installation requirements.

Upcoming Advisories

The following list provides information about the upcoming Security Advisories discovered by the Onapsis Research Labs and their estimated date of release:

  • xx-2014: SAP Business Objects
  • xx-2014: SAP Business Objects
  • xx-2014: SAP Business Objects
  • xx-2014: SAP Business Objects
  • xx-2014: SAP Netweaver ABAP
  • xx-2014: SAP Netweaver ABAP
  • xx-2014: SAP Netweaver ABAP
  • xx-2014:SAP Enterprise Portal
  • xx-2014:SAP J2EE Engine
  • xx-2014:SAP WebAS
  • xx-2014:SAP HANA
  • xx-2014:SAP HANA
  • xx-2014:SAP HANA
  • xx-2014:SAP HANA
  • xx-2014:Peoplesoft
  • xx-2014:Peoplesoft
  • xx-2014:Peoplesoft
  • xx-2014:Peoplesoft