Singapore Internet Users, Secure Your Routers!

We are currently conducting a study of the routers commonly used by Singapore ISPs. Surprisingly, of the three routers we have been testing so far, we were able to find critical vulnerabilities tha...

Hacking Android Activity Intents

The mobile application shown below is a password manager which helps to manage and store passwords in a secure manner. Details about the app used for this blog post can not be disclosed at this ...

Vantage Point Security Research Roundup - Cisco, Symantec and SysAid

Our team has been hard at work the past couple of months, unearthing more than a dozen of zero day vulnerabilities. As we are responsible researchers only a few of these issues have made it to the ...

The Vantage Point Responsible Disclosure Policy

When it comes to reporting zero day vulnerabilities to vendors there’s no standard that everyone agrees on. One goal when defining a responsible disclosure policy was to facilitate a timely reac...

Improve Web Application Security with Frameworks: A case study

As a penetration tester, I am exposed to every web programming language out there and every common framework that exists for these languages. Especially during security source code reviews, I can o...

How to conveniently export Burp findings to Dradis tables

Reporting for security testing projects can be a cumbersome and mind numbing task especially if you still stick to Word templates and have to dig for vulnerability descriptions in old reports. For ...