Presentation by Ian deVilliers at 44Con in 2011.
This presentation is about the protocol used by SAP GUI and how it makes SAP applications vulnerable to attack. SApCap and SAPProx , tools developed by the presenter are discussed. SAPProx is a SAP GUI proxy tool. SApCap is a packet sniffer,decompressor and protocol analysis tool for SAP GUI. A few practical SAP app attacks are discussed.