WELCOME TO MWR LABS

On the MWR Labs website you will discover a wealth of exciting and interesting information from the world of Information Security including an insight into the security research activities being undertaken by the MWR team. You will find updates from the current research projects as well as the white papers, tools and advisories that have been published. You should also find news articles and other items of interest about the latest happenings in the IT security industry. So whether your interest is the latest developments with respect to security testing or the research being conducted into a specific technology, there should be something within MWR Labs of interest.

Advisories

  1. January 15, 2016
    Trend Micro Threat Intelligence Manager Arbitrary Local File Disclosure
  2. January 15, 2016
    Trend Micro Threat Intelligence Manager Partial Authentication Bypass
  3. January 15, 2016
    Trend Micro Threat Intelligence Manager Arbitrary Code Execution
  4. November 24, 2015
    Yale Home System (Europe) Man in the Middle Command Execution Vulnerability

/var/log/messages

  1. November 11, 2015
    EMV Protocol Fuzzer
  2. September 30, 2015
    Active Directory: Users in Nested Groups Reconnaissance
  3. September 30, 2015
    Memory Allocation: How injecting into your own tools might help you compromise a Windows domain
  4. September 30, 2015
    Mass HTTP Enumeration with Metasploit

Publications

  1. December 10, 2015
    Warranty Void If Label Removed: Attacking MPLS Networks
  2. October 16, 2015
    Journey Into Hunting The Attackers
  3. July 03, 2015
    Understanding the Microsoft Office 2013 Protected-View Sandbox
  4. June 05, 2015
    Why Bother Assessing Popular Software?


drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.


MWR Labs Twitter: