Oh look, we now have a „careers“ section on our homepage mogwailabs.de/careers/

Despite being 2020-01-11, I think Florian Roth ⚡️ just won the PR of the year award! github.com/projectzeroind…

In our latest blog post, we take a closer look at An Trinh s RMIRegistry Bypass gadget mogwailabs.de/blog/2020/02/a…

We have published a new report: Fox Kitten - Widespread Iranian Espionage-Offensive Campaign. clearskysec.com/fox-kitten/ #APT34 #APT33 #APT39

Our beta release of ATT&CK with sub-techniques is now live! We’ve just posted a blog post by Blake Strom with links to all of the new resources and advice on how to leverage them (medium.com/mitre-attack/a…). You can also check out the new site itself at attack.mitre.org/beta/.

MOGWAI LABS was founded 2 years ago. Due to Covid19, we will have no party. However, I booked several DJs to create some mixes instead. Starting with DJ Crypt from the Famous Deck Team who is showing his turntable skillz with this fine hiphop mix. Enjoy :) soundcloud.com/dj-crypt/2-yea…

It is now official, Oleksandr Mirosh and yours truly will be presenting at Black Hat one more time! 🎉 blackhat.com/us-20/briefing…

github.com/MegadodoPublic… This is some pretty cool PHP deserializiation stuff.

SAP has released security updates for a critical vulnerability in NetWeaver AS Java. Patch ASAP! Read our Activity Alert at go.usa.gov/xfTCB for more information. #Cyber #Cybersecurity #InfoSec

Once upon a time there was a #Sophos XG Firewall N-day that had Ramoliks and niph dig deep until they got RCE, a 0-day and a comprehensive blog post. #CVE-2020-12271 #CVE-2020-15504 codewhitesec.blogspot.com/2020/07/sophos…

github.com/thefLink/C-To-… Some examples on how to create complex PIC which uses syscalls in pure C. One can use any shellcode loader/injector to execute complex PIC and use encoders to break signatures.

We just pushed a new MJET version with two small features that might be handy if you are dealing with some unusual targets. github.com/mogwailabs/mje…

RCCMD is a service that lets you systematically shut down critical systems in the event of a power outage. In our latest blogpost we show how systems can be compromised via this service: mogwailabs.de/en/blog/2020/0…

chybeta PT SWARM It works in latest firefox version.

It seems that there is a lot confusion about the log4j JNDI injection vulnerability (CVE 2021-44228). In our latest blog post we provide additional background fundamentals about JNDI and JNDI exploitation (and a lot of links): mogwailabs.de/en/blog/2021/1…

Here is an idea to identify running beacons: 1. Beacons ThreadState often is: DelayExecution 2. Calltrace to NtDelayExecution includes unknown regions Works also fine against beacons sitting in file backed memory github.com/thefLink/Hunt-…

medium.com/@frycos/search… Blog post published with my special guest "Microsoft Exchange (CVE-2022-21969)"

We could waffle on about our distinctive service portfolios. We could brag about the perks we provide. We could present you with our outstanding team. But you know what? Apply if you can! apply-if-you-can.com

Oh wait, what did we find wrapping up? 🦏😁