WELCOME TO MWR LABS

On the MWR Labs website you will discover a wealth of exciting and interesting information from the world of Information Security including an insight into the security research activities being undertaken by the MWR team. You will find updates from the current research projects as well as the white papers, tools and advisories that have been published. You should also find news articles and other items of interest about the latest happenings in the IT security industry. So whether your interest is the latest developments with respect to security testing or the research being conducted into a specific technology, there should be something within MWR Labs of interest.

Advisories

  1. March 10, 2014
    Paypal Remote Code Execution
  2. January 31, 2014
    Cray Aprun/Apinit Privilege Escalation
  3. November 29, 2013
    Umbraco CMS TemplateService Remote Code Execution
  4. September 24, 2013
    WebView addJavascriptInterface Remote Code Execution

/var/log/messages

  1. April 11, 2014
    Laravel cookie forgery, decryption, and RCE
  2. April 11, 2014
    WordPress auth cookie forgery
  3. April 08, 2014
    HackFu Challenge 2014
  4. December 20, 2013
    HackFu 2013: The Movie

Publications

  1. April 14, 2014
    Windows Phone 8 Application Security Whitepaper Syscan 2014
  2. April 14, 2014
    Windows Phone 8 Application Security Slides Syscan 2014
  3. December 20, 2013
    Hack the Gibson - Deepsec Edition
  4. September 18, 2013
    Hack the Gibson - 44CON


drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.


MWR Labs Twitter: