invist

Oh wait, what did we find wrapping up? 🦏😁

We could waffle on about our distinctive service portfolios. We could brag about the perks we provide. We could present you with our outstanding team. But you know what? Apply if you can! apply-if-you-can.com

@frycos/searching-for-deserialization-protection-bypasses-in-microsoft-exchange-cve-2022-21969-bfa38f63a62d" target="_blank" rel="nofollow noopener">medium.com/@frycos/search… Blog post published with my special guest "Microsoft Exchange (CVE-2022-21969)"

Here is an idea to identify running beacons: 1. Beacons ThreadState often is: DelayExecution 2. Calltrace to NtDelayExecution includes unknown regions Works also fine against beacons sitting in file backed memory github.com/thefLink/Hunt-…

It seems that there is a lot confusion about the log4j JNDI injection vulnerability (CVE 2021-44228). In our latest blog post we provide additional background fundamentals about JNDI and JNDI exploitation (and a lot of links): mogwailabs.de/en/blog/2021/1…

@chybeta @ptswarm It works in latest firefox version.

RCCMD is a service that lets you systematically shut down critical systems in the event of a power outage. In our latest blogpost we show how systems can be compromised via this service: mogwailabs.de/en/blog/2020/0…

We just pushed a new MJET version with two small features that might be handy if you are dealing with some unusual targets. github.com/mogwailabs/mje…

github.com/thefLink/C-To-… Some examples on how to create complex PIC which uses syscalls in pure C. One can use any shellcode loader/injector to execute complex PIC and use encoders to break signatures.

@frycos @steventseeley Personally would also go with goharbor.io . If you don't need a full feature regsitry you can also serve the images via a webserver (docker save |bzip2 > s.bz2 ) and restore them via cat s.bz2 | bunzip2 | docker load. Hacky way but simple & ro

@steventseeley @invist

What are my options for a private docker registry that allows me to give users read access only?

Once upon a time there was a #Sophos XG Firewall N-day that had @ramoliks and @niph_ dig deep until they got RCE, a 0-day and a comprehensive blog post. #CVE-2020-12271 #CVE-2020-15504 codewhitesec.blogspot.com/2020/07/sophos…

SAP has released security updates for a critical vulnerability in NetWeaver AS Java. Patch ASAP! Read our Activity Alert at go.usa.gov/xfTCB for more information. #Cyber #Cybersecurity #InfoSec

github.com/MegadodoPublic… This is some pretty cool PHP deserializiation stuff.

It is now official, @olekmirosh and yours truly will be presenting at @BlackHatEvents one more time! 🎉 #room-for-escape-scribbling-outside-the-lines-of-template-security-20292" target="_blank" rel="nofollow noopener">blackhat.com/us-20/briefing…

MOGWAI LABS was founded 2 years ago. Due to Covid19, we will have no party. However, I booked several DJs to create some mixes instead. Starting with DJ Crypt from the Famous Deck Team who is showing his turntable skillz with this fine hiphop mix. Enjoy :) soundcloud.com/dj-crypt/2-yea…

Our beta release of ATT&CK with sub-techniques is now live! We’ve just posted a blog post by @stromcoffee with links to all of the new resources and advice on how to leverage them (medium.com/mitre-attack/a…). You can also check out the new site itself at attack.mitre.org/beta/.

We have published a new report: Fox Kitten - Widespread Iranian Espionage-Offensive Campaign. clearskysec.com/fox-kitten/ #APT34 #APT33 #APT39

In our latest blog post, we take a closer look at @_tint0 s RMIRegistry Bypass gadget mogwailabs.de/blog/2020/02/a…

Despite being 2020-01-11, I think @cyb3rops just won the PR of the year award! github.com/projectzeroind…

Oh look, we now have a „careers“ section on our homepage mogwailabs.de/careers/