SAP systems are deeply embedded in large organizations, yet offensive security
tooling and methodology for auditing them remain underdeveloped. This talk
focuses on two critical areas where security assessments often fall short: the
complexity of SAP’s authorization system and the under-documented logon ticket
mechanism used for authentication.

Based on research conducted at Synacktiv, this presentation will introduce new
open-source tools designed to improve both auditing efficiency and
post-exploitation capabilities in SAP environments. Attendees will learn practical
methods to systematically analyze granular authorizations for privilege escalation
paths, and how SAP logon tickets can be abused to impersonate users or pivot across
trusted systems.

Video demos will showcase both tools in action, with a practical, attacker-focused
perspective aimed at bridging the current gap in SAP offensive security.
