We have recently developed several Metasploit auxiliary and exploitation modules to assist consultants in assessing SAP systems.
Dave has also delivered a presentation “SAP Slapping (a pentesters guide)” at CRESTCon and BSides London where some of these modules were demonstrated.
We plan to submit these modules to the Metasploit Framework; however until this process is complete the modules will be available here. We have not yet finished all of the modules that we plan to write, so stay tuned for future updates.
Read the blog post for more information.