Skip to main content
Sigvex

Exploit Lab

Landing page for the Exploit Lab — look up a capsule by fingerprint, manage tenant scope, and browse capsule lists.

What it is

The Exploit Lab landing page. It exposes a capsule lookup form, a tenant form for fallback tenant scoping, a tenant capsule list, a per-browser recent list, and a Capabilities panel summarising the five Lab endpoints (Run exploit, Simulate governance compromise, Forge ZK proof, Cross-runtime admin impact, Suggest attack paths, Fetch capsule).

Why it exists

Capsules are sealed records of an exploit path run against a fork runtime. They are produced by the Lab API; this page is the portal entry point for working with them — opening a capsule by fingerprint, scoping to a tenant, and seeing what has recently been sealed.

Who uses it

  • Auditor — opens the capsule attached to a finding to reproduce an exploit.
  • Researcher — reviews tenant-scoped capsules and the Lab’s capabilities.

How to open it

  1. Sidebar → Red Team → Exploit Lab.
  2. Direct URL — /exploit-lab.

Using the page

  1. Open a capsule — paste a fingerprint and submit to open /exploit-capsule?fp=<fingerprint>.
  2. Capsules in your tenant — server-scoped list of capsules sealed under the current tenant. The tenant is derived server-side from your signed-in identity (JWT) — there is no client-supplied tenant input. Use Refresh to re-fetch.
  3. Recently viewed in this browser — client-side list of capsules opened in the current browser. Use Clear to reset the list.
  4. Capabilities — reference panel listing the five Lab endpoints.

Inputs and outputs

Input Source Required
Fingerprint Lookup form yes for Open capsule
Output Format Destination
Capsule detail page URL /exploit-capsule?fp=…

Controls reference

  • Open capsule — opens the capsule by fingerprint.
  • Refresh — refreshes the tenant capsule list.
  • Clear — clears the per-browser recent list.

Limits

  • Requires a signed-in account for the tenant-scoped endpoints.
  • Tenant scoping is enforced server-side; cross-tenant reads return 404 indistinguishably.
  • The recent list is stored per-browser and does not sync across devices.

Troubleshooting

Symptom or error Cause Action
Inline error after Open capsule Fingerprint does not resolve or is not in this tenant Verify the fingerprint and, if needed, set the correct tenant.
Tenant list says “Loading…” Fetch in flight or no tenant configured Set a tenant or sign in.
Recent list empty No capsules opened in this browser yet Open a capsule via the lookup form.