Ignacio Favro

Ignacio Favro is a Senior Security Researcher at Onapsis, where he specializes in identifying and mitigating vulnerabilities in business-critical applications. With a background in computer science and extensive experience in cybersecurity, Ignacio plays a pivotal role in advancing the security research efforts of Onapsis. His contributions focus on safeguarding enterprise systems, including SAP, by uncovering risks and developing strategies to enhance cyber resilience.

Upcoming Live Webinars

How to Detect and Fix the SAP NetWeaver Zero-Day: A Technical Recap

In Episode 1 of our new docuseries, Hacking & Defending SAP Applications Live, Onapsis researchers Ignacio Favro and Fabian Hagg analyzed the first mass-exploited SAP zero-day (CVE-2025-31324 and CVE-2025-42999). Sophisticated threat actors leveraged this previously unknown flaw to compromise hundreds of SAP customers. This article serves as a practitioner’s recap of that session, breaking down…

Learn More

Hash Cracking and the SAP Landscape

Last Updated: 12/19/2025 Introduction to Hash Cracking The Bottom Line: SAP systems frequently prioritize backward compatibility, leading to the storage of weak, easily crackable password hashes (such as MD5-based CODVN B) alongside stronger modern standards. Attackers exploit this by extracting these legacy hashes from database tables like USR02 and USH02 to compromise user credentials—even if…

Learn More

SAP Security & Compliance Evaluation

Securing Your Future: Preparing for a Successful SAP RISE Transformation

SAP Cyber Attack Compromises Global Manufacturer

Hacking & Defending SAP Applications – Live

10 Reasons Why More Companies Choose Onapsis