Why choose MOGWAI LABS?

MOGWAI LABS is a "no fluff" company. We focus on vulnerabilities that matter, use attack techniques that work, and provide solutions that scale.

We want to support your organization by improving its resilience against technically highly-skilled attackers, transferring our knowledge and experience. If you want to work with a small and agile team of security experts, MOGWAI LABS is for you.

Blog and side projects

Latest updates, tools and ideas from our internal research projects.

(Ab)using Linux SNMP for RCE

How to use a SNMP write community to gain (remote) code execution as root on Linux systems

More

Attacking RMI based JMX services

An attack primer on how to hack into RMI based JMX services

More

Attacking Java RMI services after JEP 290

An attack primer on how to attack Java RMI services using Java deserialization

More

Repacking iOS applications

A quick and easy guide for binary patching and repacking iOS apps during security audits

More

jarjarbigs

Merge jar files to simplify remote debugging of closed source java applications

More

Vulnerability spotlight: CVE-2016-5072

Analysis of a vulnerability in the open source shop system OXID

More