Route Zero: Security Tools, Tips & Recs

  • APPRENTICE – DOM XSS in document.write sink using source location.search

    When we open the lab, the first thing we see is the following webpage: Hay una barra de búsqueda, por lo que vamos a probar a simplemente buscar algo: When we perform a search and then right-click to inspect the source code of the element containing our search term, we… Continue ⇢

  • APPRENTICE – Stored XSS into HTML context with nothing encoded

    To solve the lab, we need to execute the alert function within a post comment. When we open the lab, the first step is to navigate to any post: Inside the post, we find the following: As we can see, there is an option to leave a comment with several… Continue ⇢

  • APPRENTICE – XSS into HTML context with nothing encoded

    To solve the lab, we need to perform a Cross-site Scripting (XSS) attack that triggers an alert function. When we enter the lab, we see a search field: Let’s start by searching for any arbitrary text: If we look closely, the search term is reflected on the page. Therefore, we… Continue ⇢

  • PRACTITIONER- Authentication bypass via unverified signature

    First, start the lab.Once it is running, go to “My Account” and log in using the credentials provided in the lab description: Now that we are authenticated, if we inspect our cookies we can see a cookie named session, which is a JWT: If we copy this value and paste… Continue ⇢

  • APPRENTICE – authentication bypass via flawed signature verification

    First, start the lab. Once it is up and running, navigate to “My Account” and log in using the credentials provided in the lab description: After logging in—whether with Burp Suite, the browser’s developer tools, or in this case the Cookie Editor extension—we can see that a JWT has been… Continue ⇢

  • PRACTITIONER – JWT authentication bypass via weak signing key

    First of all, start the lab: Once the lab is running, navigate to “My Account” and log in using the credentials provided in the description: Next, log in using the lab-provided credentials wiener:peter. ChatGPT dijo: Once logged in—whether using Burp Suite, the browser’s developer tools, or in this case the… Continue ⇢

  • XML Dropper

    The ESET team has detected malicious campaigns in Colombia that leverage SVG files to distribute malware without requiring external connections, while simulating legitimate processes. From ESET Latin America’s research team, in recent weeks we have closely monitored campaigns that reflect an evolution in malware distribution strategies across Latin America, with… Continue ⇢

  • Analysis of CVE-2025-8088

    Security researchers have discovered that the WinRAR vulnerability CVE-2025-8088 was actively exploited as a zero-day in targeted phishing campaigns to deliver the RomCom malware. This path traversal flaw affects the Windows version of WinRAR and allows attackers to execute arbitrary code through specially crafted archive files. According to the official… Continue ⇢

  • Buffer Overflow Fundamentals

    Before diving into Buffer Overflow exploitation, it’s important to first understand what actually happens when we execute this type of attack. To do so, let’s start with the fundamentals. Table of Contents: Introduction The CPU (Central Processing Unit) is the core component of a computer responsible for executing machine code.… Continue ⇢