Maybe I am being cynical here, but I would still say that its very rare that SAP comes up with something that reduces the daily drudgery we go through as security consultants. Today I discovered something from my colleagues that is really one of the best things I have seen in a very long time. SAP has come up with a new and improved version of the standard security trace ST01. The new transaction can be launched by using the tcode “STAUTHTRACE”. Continue reading “STAUTHTRACE”


Its quite common in the SAP world that one transaction calls another via different menu options. At the code level this is often implemented via the ABAP construct “CALL TRANSACTION”. We know that to start a transaction from menu or typing via the command window, a S_TCODE check is performed at the SAP kernel level. However whether a S_TCODE check is performed for the CALL TRANSACTION statement can be controlled by us through the SE97 tcode. Its not often that we need to mess with the SE97 settings but its good to know about the option is available if needed. Continue reading “SE97 and TCDCOUPLES”