Why choose MOGWAI LABS?

MOGWAI LABS is a "no fluff" company. We focus on vulnerabilities that matter, use attack techniques that work, and provide solutions that scale.

We want to support your organization by improving its resilience against technically highly-skilled attackers, transferring our knowledge and experience. If you want to work with a small and agile team of security experts, MOGWAI LABS is for you.

Blog and side projects

Latest updates, tools and ideas from our internal research projects.

Attacking RMI based JMX services

An attack primer on how to hack into RMI based JMX services


Attacking Java RMI services after JEP 290

An attack primer on how to attack Java RMI services using Java deserialization


Repacking iOS applications

A quick and easy guide for binary patching and repacking iOS apps during security audits



Merge jar files to simplify remote debugging of closed source java applications


Vulnerability spotlight: CVE-2016-5072

Analysis of a vulnerability in the open source shop system OXID


Static JWT signing Key in dotCMS

Please let me sign that for you