Why choose MOGWAI LABS?

MOGWAI LABS is a "no fluff" company. We focus on vulnerabilities that matter, use attack techniques that work, and provide solutions that scale.

We want to support your organization by improving its resilience against technically highly-skilled attackers, transferring our knowledge and experience. If you want to work with a small and agile team of security experts, MOGWAI LABS is the partner of your choice.

Blog and side projects

Latest updates, tools and ideas from our internal research projects.

An Trinhs RMI Registry Bypass

A closer look at the RMI Registry whitelist bypass gadget from An Trinhs Blackhat Europe 2019 presentation


(Ab)using Linux SNMP for RCE

How to use a SNMP write community to gain (remote) code execution as root on Linux systems


Attacking RMI based JMX services

An attack primer on how to hack into RMI based JMX services


Attacking Java RMI services after JEP 290

An attack primer on how to attack Java RMI services using Java deserialization


Repacking iOS applications

A quick and easy guide for binary patching and repacking iOS apps during security audits



Merge jar files to simplify remote debugging of closed source java applications