On the MWR Labs website you will discover a wealth of exciting and interesting information from the world of Information Security including an insight into the security research activities being undertaken by the MWR team. You will find updates from the current research projects as well as the white papers, tools and advisories that have been published. You should also find news articles and other items of interest about the latest happenings in the IT security industry. So whether your interest is the latest developments with respect to security testing or the research being conducted into a specific technology, there should be something within MWR Labs of interest.


  1. November 24, 2015
    Yale Home System (Europe) Man in the Middle Command Execution Vulnerability
  2. August 17, 2015
    Microsoft Office CTaskSymbol Use-After-Free Vulnerability
  3. August 13, 2015
    Sandbox bypass through Google Admin WebView
  4. July 23, 2015
    Samsung S5 Arbitary File Retrieval during SBeam Transfer


  1. November 11, 2015
    EMV Protocol Fuzzer
  2. September 30, 2015
    Active Directory: Users in Nested Groups Reconnaissance
  3. September 30, 2015
    Memory Allocation: How injecting into your own tools might help you compromise a Windows domain
  4. September 30, 2015
    Mass HTTP Enumeration with Metasploit


  1. October 16, 2015
    Journey Into Hunting The Attackers
  2. July 03, 2015
    Understanding the Microsoft Office 2013 Protected-View Sandbox
  3. June 05, 2015
    Why Bother Assessing Popular Software?
  4. March 06, 2015
    Watch You Lookin' At?

drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.

MWR Labs Twitter: