Bizploit stands out as the very first Opensource ERP Penetration Screening framework. Formulated by the Onapsis Look for Labs, Bizploit assists security professionals during the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests.

This tool was presented at the recently concluded Hack In The Box – Dubai. Infact, we had written about a similar open source project Sapyto. Bizploit currently supports all the features that are included in Sapyto and also some more! So, if you find Sapyto less attractive, give Bizploit a try!


Currently, Bizploit is shipped with many plugins to assess the security of SAP business platforms. Plugins for other popular ERPs will be included in the short term.

This solution was developed to help SAP’s customers protect their systems from unauthorized modifications of ABAP programs in their SAP platforms.

If undetected, these modifications can be applied to inject Backdoors in an SAP system, which would enable attackers to manipulate significant corporation processes and steal sensitive facts remotely. It has two versions – Windows and Linux.

Download Bizploit v1.0 here (Windows) Onapsis and here (Linux) Onapsis