On the MWR Labs website you will discover a wealth of exciting and interesting information from the world of Information Security including an insight into the security research activities being undertaken by the MWR team. You will find updates from the current research projects as well as the white papers, tools and advisories that have been published. You should also find news articles and other items of interest about the latest happenings in the IT security industry. So whether your interest is the latest developments with respect to security testing or the research being conducted into a specific technology, there should be something within MWR Labs of interest.


  1. August 17, 2015
    Microsoft Office CTaskSymbol Use-After-Free Vulnerability
  2. August 13, 2015
    Sandbox bypass through Google Admin WebView
  3. July 23, 2015
    Samsung S5 Arbitary File Retrieval during SBeam Transfer
  4. July 17, 2015
    JavaScript Privilege Escalation in Adobe Reader


  1. September 30, 2015
    Active Directory: Users in Nested Groups Reconnaissance
  2. September 30, 2015
    Memory Allocation: How injecting into your own tools might help you compromise a Windows domain
  3. September 30, 2015
    Mass HTTP Enumeration with Metasploit
  4. September 25, 2015
    A Practical Guide to Cracking Password Hashes


  1. July 03, 2015
    Understanding the Microsoft Office 2013 Protected-View Sandbox
  2. June 05, 2015
    Why Bother Assessing Popular Software?
  3. March 06, 2015
    Watch You Lookin' At?
  4. October 31, 2014
    Windows Services – All roads lead to SYSTEM

drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.

MWR Labs Twitter: