{"id":20484406,"url":"https://github.com/sap-samples/security-services-tools","last_synced_at":"2025-08-20T14:31:19.261Z","repository":{"id":48305632,"uuid":"516444827","full_name":"SAP-samples/security-services-tools","owner":"SAP-samples","description":"If you use security-related services and tools such as EWA, SOS, System Recommendations, Configuration Validation, or a security dashboard in SAP Solution Manager, the ABAP reports in this repository can help with further analysis and development.","archived":false,"fork":false,"pushed_at":"2024-11-14T09:46:06.000Z","size":576,"stargazers_count":48,"open_issues_count":8,"forks_count":10,"subscribers_count":21,"default_branch":"main","last_synced_at":"2024-12-10T11:53:29.240Z","etag":null,"topics":["configuration-validation","configval","earlywatch-alert","ewa","sample","sample-code","security-dashboard","security-optimization-service","sos","sysrec","system-recommentations"],"latest_commit_sha":null,"homepage":"","language":"ABAP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SAP-samples.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-21T16:26:34.000Z","updated_at":"2024-11-14T09:46:11.000Z","dependencies_parsed_at":"2024-02-05T17:29:40.617Z","dependency_job_id":"ec137576-f475-43e7-8052-e5ec0aa9f525","html_url":"https://github.com/SAP-samples/security-services-tools","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP-samples%2Fsecurity-services-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP-samples%2Fsecurity-services-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP-samples%2Fsecurity-services-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SAP-samples%2Fsecurity-services-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SAP-samples","download_url":"https://codeload.github.com/SAP-samples/security-services-tools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230431100,"owners_count":18224655,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["configuration-validation","configval","earlywatch-alert","ewa","sample","sample-code","security-dashboard","security-optimization-service","sos","sysrec","system-recommentations"],"created_at":"2024-11-15T16:22:09.995Z","updated_at":"2025-08-20T14:31:19.252Z","avatar_url":"https://github.com/SAP-samples.png","language":"ABAP","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![REUSE status](https://api.reuse.software/badge/github.com/SAP-samples/security-services-tools)](https://api.reuse.software/info/github.com/SAP-samples/security-services-tools)\n# Security Services Tools\n\n## Description\n\nYou are using security relates services and tools like the EWA, SOS, System Recommendations, Configuration Validation or a Security Dashboard in the SAP Solution Manager. You want to dig deeper into these topics and want to build own reporting capabilities on top. In this case you can use the ABAP reports in this repository as a starting point for further analysis and development.\n\n## Basis\n\n- Report [`ZSHOW_BG_JOB_USER`](/ABAP/basis/zshow_bg_job_user.prog.abap)  \nShow user type of background job steps  \n\n- Report [`ZSHOW_INSTALLED_COMPS`](/ABAP/basis/zshow_installed_comps.prog.abap)  \nShow installed software components and verify the age of the support packages  \n\n- Report [`ZRFC_STATRECS_SUMMARY`](/ABAP/basis/zrfc_statrecs_summary.prog.abap)  \nShow Workload Statistic of RFC calls  \nSee blog [How to get RFC call traces to build authorizations for S_RFC for free!](https://community.sap.com/t5/application-development-blog-posts/how-to-get-rfc-call-traces-to-build-authorizations-for-s-rfc-for-free/ba-p/12900590)  \nStandard transaction `STRFCTRACE` can replace this Z-report partially (see note [2080378](https://me.sap.com/notes/2080378))  \nUpdated 18.01.2023 Tooltip for column Logon Procedure (trusted, basic, no user)  \nUpdated 14.09.2023 Show SNC status of outgoing destinations  \nUpdated 15.09.2023 Show http connections, too  \nUpdated 16.06.2025 Option to show entries with different local and remote users only  \n\n- Report [`ZSM04000_SNC`](/ABAP/basis/zsm04000_snc.prog.abap)  \nShow SNC status of active users on current application server  \nSee blog [Report ZSM04000_SNC – Show SNC status of current user sessions](https://community.sap.com/t5/application-development-blog-posts/report-zsm04000-snc-zrsusr000-620-show-snc-status-of-current-user-sessions/ba-p/13027982)  \nYou can use the Z-reports from note [748424](https://me.sap.com/notes/748424) - Evaluation of SAP GUI versions and patches  \nUpdated 09.05.2023 Tooltip for column Logon Procedure (trusted, basic, no user)  \n\n- Report [`ZCLEANUP_PASSWORD_HASH_VALUESX`](/ABAP/basis/zcleanup_password_hash_valuesx.prog.abap)  \nRemove all weak password hash values in user master data, change documents and password history  \nSee blog [Remove weak password hash values](https://community.sap.com/t5/application-development-blog-posts/report-zcleanup-password-hash-valuesx-remove-weak-password-hash-values/ba-p/13525553)  \nUpdated 22.12.2022  \n\n- Report [`ZSHOW_SECPOL`](/ABAP/basis/zshow_secpol.prog.abap)  \nShow security policy attributes (SECPOL) and compare them with the default values  \nSee blog [Show overview about security policies (SECPOL)](https://community.sap.com/t5/application-development-blog-posts/show-overview-about-security-policies-secpol/ba-p/13535999)  \nUpdated 19.10.2022 Selection mode: single cell  \nUpdated 05.02.2024 Extension to 40 columns  \nUpdated 29.07.2024 Replace CALL 'C_SAPGPARAM' with CL_SPFL_PROFILE_PARAMETER (note [3334028](https://me.sap.com/notes/3334028))  \n\n- Report [`ZSECPOL_API`](/ABAP/basis/zsecpol_api.prog.abap)  \nExample for using the API to manage security policies (SECPOL)  \nCreated 01.07.2024 New  \n\n- Report [`ZSPFRECOMMENDED`](/ABAP/basis/zspfrecommended.prog.abap)  \nShow recommended profile parameter values according to the secure-by-default project of S/4HANA  \nSee corresponding chapter at [SAP Secure By Default for S/4HANA on-premise 2022](https://help.sap.com/docs/SUPPORT_CONTENT/security/3362974695.html)  \nUpdated 19.04.2023 Show long lines in a textedit control; Change recommendation for rdisp/gui_auto_logout from 1H to 3600  \nUpdated 15.11.2023 Parameter added for S/4HANA 2023  \nUpdated 17.01.2025 Parameter added for new entries in ECS note [3250501](https://me.sap.com/notes/3250501) version 27 from 17.01.2025  \nUpdated 20.02.2025 Use different colors; Exception for rdisp/TRACE_HIDE_SEC_DATA  \nUpdated 14.05.2025 Parameter added for S/4HANA 2023; Compare recommended value with actual unsubstituted value  \nUpdated 03.07.2025 Changed value for parameter ssl/ciphersuites in S/4HANA 2025  \n\n- Report [`ZSHOW_GWMON_LOG`](/ABAP/basis/zshow_gwmon_log.prog.abap)  \nShow settings, and log and trace files of the RFC gateway  \nUpdated 31.01.2023  \n\n- Report [`ZRSPFPAR_DYNAMIC_CD`](/ABAP/basis/zrspfpar_dynamic_cd.prog.abap)  \nShow history of dynamic profile parameters  \nUpdated 29.03.2023 Show all instance specific change documents (and the changing client if available depending on the release)  \n\n- Report [`ZSUSR_SNC_GUIFLAG`](/ABAP/basis/zsusr_snc_guiflag.prog.abap)  \nSet/unset the SNC GUIFLAG of users which permits/disallows password based logon instead of using single sign-on  \nNew 14.09.2023  \nUpdated 15.09.2023 Refactored for using an interactive ALV  \n\n- Report [`ZRSAU_API_GET_LOG_DATA`](/ABAP/basis/zrsau_api_get_log_data.prog.abap)  \nShow usage of RFC function RSAU_API_GET_LOG_DATA to get event from the Security Audit Log  \nThe report requires SAP_BASIS 7.50 as well as note [3054326](https://me.sap.com/notes/3054326) - API for remote reading of audit logs as of 7.50  \n12.03.2024 Initial version  \n08.07.2024 Improved robustness for older releases or support packages  \n\n- Report [`ZBNAME_RESTRICT`](/ABAP/basis/zbname_restrict.prog.abap)  \nCheck user names concerning parameter `BNAME_RESTRICT` in table `PRGN_CUST`  \nsee [`Note 1731549`](https://me.sap.com/notes/1731549)  \nor [`Online Help`](https://help.sap.com/docs/ABAP_PLATFORM_NEW/c6e6d078ab99452db94ed7b3b7bbcccf/8a922c9d7bca45c9b29bff3c59b344df.html)  \n\n- Report [`ZSHOW_UCON_RFC_DATA`](/ABAP/basis/zshow_ucon_rfc_data.prog.prog.abap)  \nMaintain UCON settings for RFC functions similar like transaction `UCONCOCKPIT`.  \nThe report shows additional selections and information about:  \nFunction groups  \nPackages  \nSoftware components  \nSwitched components  \nBlocklist for S/4HANA   \nAuthorizations of the called user  \nNew 26.04.2024  \nUpdated 14.06.2024  \n\n- Report [`ZSICFCHK`](/ABAP/basis/zsicfchk.prog.abap)  \nShow public ICF services and services with logon data  \nThis is an extended version of standard report RSICFCHK  \n23.09.2021 Initial version  \n\n- Report [`ZUSER_ADDR_CD`](/ABAP/basis/zuser_addr_cd.prog.abap)  \nShow change documents for address data of users  \nThese change documents are not yet integrated into transaction SUIM report RSUSR100N.  \nChange documents with empty old and new value are omitted.  \nLimitations:  \nThe change documents for the corresponding business partner are slightly different.  \nChange documents of deleted users are not shown.  \nInstead of reading table USR21, the report may should get the change documents for address assignments.  \n20.01.2025 Initial version  \n\n- Report [`ZTOUCH_PROJVIEW_DEP_PROGS`](/ABAP/basis/ztouch_projview_dep_progs.prog.abap)  \nThis is an extended version of the report provided by notes 3565944, 3577258 about a Memory Corruption vulnerability  \n16.04.2025 Initial version  \n\n- Report [`ZSHOW_DUMP_RFC_NO_AUTHORITY`](/ABAP/basis/zshow_dump_rfc_no_authority.prog.abap)  \nShow dumps for runtime error RFC_NO_AUTHORITY  \nThis report is useful for troubleshooting missing authorizations for S_RFC, especially concerting SAP security note [3600840](https://me.sap.com/notes/notes/3600840)  \n08.07.2025 Initial version  \n09.07.2025 Slightly optimized  \n\n- Report [`ZSAP4ME_NOTE_SEARCH`](/ABAP/basis/zsap4me_note_search.prog.abap)  \nConstruct an URL to search for notes in the SAP Support Portal.  \nThe expert search for notes in the SAP Support Portal uses a new URL pattern since July 2025. This report constructs such URLs. Most selection fields are supported, including for example \"Support Packages, greater than\". Using this selection you can find ABAP correction notes, security notes, performance notes, etc. which most likely can be implemented in the system using the note assistant, transaction SNOTE.  \nThe value help for Software Components and Support Packages show the currently installed software units.  \nBefore calling the default browser, you get a popup showing the constructed URL.  \n20.07.2025 Initial version  \n\n## SAP Solution Manager (SolMan)\n\n### Security Optimization Service\n\n- Report [`ZSOS_OVERVIEW`](/ABAP/solman/zsos_overview.prog.abap)  \nShow overview about results from the Security Optimization Service  \nSee blog [Show the results of the Security Optimization Service](https://community.sap.com/t5/technology-blogs-by-sap/show-the-results-of-the-security-optimization-service/ba-p/13532666)  \nUpdated 30.05.2023 Show user count for SOS, too  \nUpdated 04.09.2023 Process not only GSS SOS but normal SOS as well  \n\n### System Recommendations\n\n- Report [`ZSYSREC_NOTELIST_72_SP08`](/ABAP/solman/zsysrec_notelist_72_sp08.prog.abap)  \nShow results from application System Recommendations  \nSee blog [Report ZSYSREC_NOTELIST – Show results of System Recommendation](https://community.sap.com/t5/application-development-blog-posts/report-zsysrec-notelist-show-results-of-system-recommendation/ba-p/13006390)  \nUpdated 18.04.2023 Solved error which was introduced in recent update from February 2023  \nUpdated 28.03.2024 Opion to restrict the size of the header (important for backgroud processing)  \n\n- Report [`ZCHECK_NOTE_2934135`](/ABAP/solman/zcheck_note_2934135.prog.abap)  \nCheck the implementation status of note [2934135](https://me.sap.com/notes/2934135) for connected Java systems  \nSee note [2953257](https://me.sap.com/notes/notes/2953257)  \nUpdated 28.08.2020  \n\n- Report [`ZCHECK_NOTE_3089413`](/ABAP/solman/zcheck_note_3089413.prog.abap)  \nCheck the implementation status of note [3089413](https://me.sap.com/notes/3089413) for connected ABAP systems  \nSee Security Notes Webinar [2023-02](https://help.sap.com/docs/SUPPORT_CONTENT/security/3362974335.html)  \nUpdated 28.03.2023 New check about generic authorizations for S_RFCACL (configuration in CCDB needed)  \nUpdated 29.06.2023 Updated Kernel prerequisites as described in note 3224161  \nUpdated 29.06.2023 Updated Note prerequisites for note 3287611 v9  \nUpdated 06.07.2023 Typo in text corrected  \nUpdated 08.09.2023 Extended syntax check  \n\n### Configuration Validation\n\n- Report [`ZSHOW_CCDB_CUSTOMIZING`](/ABAP/solman/zshow_ccdb_customizing.prog.abap)  \nShow Store Customization of CCDB  \nUpdated 19.04.2023 Corrections for showing only systems which use a specific customizing  \nUpdated 08.09.2023 Extended syntax check  \n\n- Report [`ZDIAGCV_TSCUS_HDR`](/ABAP/solman/zdiagcv_tscus_hdr.prog.abap)  \nMaintain descriptions of Target Systems of application Configuration Validation  \nSee ZIP archive [Security Baseline Template](https://support.sap.com/content/dam/support/en_us/library/ssp/offerings-and-programs/support-services/sap-security-optimization-services-portfolio/Security_Baseline_Template_V2.zip)  \nUpdated 02.09.2022  \nUpdated 25.03.2024 Selection by description added  \n\n- Report [`ZDSH_BUILDER_SHOW`](/ABAP/solman/zdsh_builder_show.prog.abap)  \nShow Dashboard Builder definitions  \nSee see ZIP archive [Security Baseline Template](https://support.sap.com/content/dam/support/en_us/library/ssp/offerings-and-programs/support-services/sap-security-optimization-services-portfolio/Security_Baseline_Template_V2.zip)  \nUpdated 29.07.2022  \n\n- Report [`ZDIAGST_GET_STORES`](/ABAP/solman/zdiagst_get_stores.prog.abap)  \nShow Configuration Stores  \n\n- Report [`ZSHOW_KERNEL_STORES`](/ABAP/solman/zshow_kernel_stores.prog.abap)  \nShow ABAP release, Kernel patch level and version of the CommonCryptoLib using the configuration stores SAP_KERNEL and CRYPTOLIB  \n\n## SAP Focused Run (FRUN)\n\n### Configuration \u0026 Security Analysis\n\n- Report [`ZCCDB_GET_STORES`](/ABAP/frun/zccdb_get_stores.prog.abap)  \nShow configuration stores and content  \nNew 27.01.2023  \nUpdated 21.05.2024 Enhance robustness if case of no data  \n\n- Report [`ZSHOW_TARGET_SYSTEM`](/ABAP/frun/zshow_target_system.prog.abap)  \nShow CSA target systems (policies)  \nUpdated 27.04.2023 Show button to call CSA policy management  \n\n- Report [`ZSHOW_COMPOSITE_POLICIES`](/ABAP/frun/zshow_composite_policies.prog.abap)  \nShow CSA Composite policies  \nNew 27.04.2023  \nUpdated 22.02.2025 Value help added  \n\n- Report [`ZCHECK_NOTE_3089413_FRUN`](/ABAP/frun/zcheck_note_3089413_frun.prog.abap)  \nCheck the implementation status of note [3089413](https://me.sap.com/notes/3089413) for connected ABAP systems.  \nYou find a corresponding FRUN policy on page [3089413.xml](/FRUN_Policies/Note_3089413.xml).  \nSee Security Notes Webinar [2023-02](https://help.sap.com/docs/SUPPORT_CONTENT/security/3362974335.html)  \nUpdated 13.03.2023 Updated note 3287611, new note 3304520  \nUpdated 10.07.2023 Updated Kernel prerequisites as described in note 3224161  \nUpdated 10.07.2023 Updated Note prerequisites for note 3287611 v9   \n\n- FRUN Policies for specific Security Notes  \nNote [3089413](https://me.sap.com/notes/3089413) - [CVE-2023-0014] Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform: [Note_3089413.xml](/FRUN_Policies/Note_3089413.xml)  \nNote [3594142](https://me.sap.com/notes/3594142) - [CVE-2025-31324] Missing Authorization check in SAP NetWeaver (Visual Composer development server): [Note_33594142.xml](/FRUN_Policies/Note_3594142.xml)  \nNote [3604119](https://me.sap.com/notes/3604119) - [CVE-2025-42999] Insecure Deserialization in SAP NetWeaver (Visual Composer development server): [Note_33604119.xml](/FRUN_Policies/Note_3604119.xml)  \nInstead of uploading the individual policy files for note [3594142](https://me.sap.com/notes/3594142) and [3604119](https://me.sap.com/notes/3604119) you can use following composite policy container: [CsaCont-SecNote_VCFRAMEWORK-[0000]](/FRUN_Policies/CsaCont-SecNote_VCFRAMEWORK-[0000].xml)  \n\n## Requirements\nNone\n\n## Download and Installation\nUse the raw view to copy \u0026 paste the source code of the reports into a custom program.  \n\nYou can use [abapGit](https://github.com/abapGit/abapGit) to load the compleate package from branch `abapGit` into an SAP Solution Manager. In any other system you might want to use the function 'Advanced -\u003e Selective Pull' to get only the basis objects.  \n\n## Known Issues\nNo known issues.\n\n## How to obtain support\n[Create an issue](https://github.com/SAP-samples/security-services-tools/issues) in this repository if you find a bug, have a request or a suggestion about the content.  \n\n[Start a discussion](https://github.com/SAP-samples/security-services-tools/discussions) in this repository if you have questions about the content.\n\n[Ask the SAP security community](https://answers.sap.com/tags/49511061904067247446167091106425) in case of other topics concerning security.\n\u003c!--- https://answers.sap.com/questions/ask.html?additionalTagId=49511061904067247446167091106425 ---\u003e\n\n## Contributing\nIf you wish to contribute code, offer fixes or improvements, please send a pull request. Due to legal reasons, contributors will be asked to accept a DCO when they create the first pull request to this project. This happens in an automated fashion during the submission process. SAP uses [the standard DCO text of the Linux Foundation](https://developercertificate.org/).\n\n## License\nCopyright (c) 2023 SAP SE or an SAP affiliate company. All rights reserved. This project is licensed under the Apache Software License, version 2.0 except as noted otherwise in the [LICENSE](LICENSE) file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsap-samples%2Fsecurity-services-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsap-samples%2Fsecurity-services-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsap-samples%2Fsecurity-services-tools/lists"}