On the MWR Labs website you will discover a wealth of exciting and interesting information from the world of Information Security including an insight into the security research activities being undertaken by the MWR team. You will find updates from the current research projects as well as the white papers, tools and advisories that have been published. You should also find news articles and other items of interest about the latest happenings in the IT security industry. So whether your interest is the latest developments with respect to security testing or the research being conducted into a specific technology, there should be something within MWR Labs of interest.


  1. March 06, 2015
    Apache ActiveMQ and ActiveMQ Apollo XML External Entity Data Parsing
  2. March 06, 2015
    Apache ActiveMQ LDAP Wildcard Interpretation
  3. February 06, 2015
    Apache Qpid Authentication Bypass
  4. February 06, 2015
    Apache Qpid Denial of Service


  1. March 27, 2015
    Disgusting Code: GeoIP lookups in Excel
  2. March 20, 2015
    GitLab User Enumeration
  3. March 16, 2015
    HackFu Challenge 2015
  4. February 13, 2015
    Practically Exploiting MS15-014 and MS15-011


  1. March 06, 2015
    Watch You Lookin' At?
  2. October 31, 2014
    Windows Services – All roads lead to SYSTEM
  3. June 12, 2014
    Native Bridge's Over Troubled Water
  4. June 12, 2014
    Fracking With Hybrid Mobile Applications

drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.

MWR Labs Twitter: