A full-detail view of a sealed exploit capsule. The page renders
the ExploitCapsuleDetail React component, which reads the
capsule by fingerprint and shows per-step execution, side-effects,
traces, and the reproducer.
Why it exists
The capsule is the reproducible artefact the Lab produces. Teams
need a rich view that can render every step, every state change,
and every trace entry — not just a summary. This page is that
detail view.
Who uses it
Auditor — reviews the full reproducer attached to a finding.
Researcher — studies side-effect traces to understand
exploit behaviour.
How to open it
From /exploit-lab — open a capsule by fingerprint.
Direct URL — /exploit-capsule?fp=<fingerprint>.
Using the page
On load the component reads the fingerprint from the query
string.
If the fingerprint is missing the component shows an empty
state and redirects back to /exploit-lab.
Review the capsule via its verdict header (severity,
exploitability tier, attacker gain), the step timeline (one
expandable block per step with side-effects and call trace),
and the PoC reproducer block.
Inputs and outputs
Input
Source
Required
Capsule fingerprint
Query string ?fp=<fp>
yes
Output
Format
Destination
Capsule detail render
HTML
In-page
Controls reference
All capsule-detail controls are owned by the
ExploitCapsuleDetail component — step expand/collapse and
copy actions for the reproducer.
Limits
Requires a signed-in account.
The page is client-rendered — the fingerprint is read from
window.location.search at mount time.
Cross-tenant capsules return 404 server-side; the page shows
an empty state when the fingerprint cannot be resolved.
Troubleshooting
Symptom or error
Cause
Action
Page redirects to /exploit-lab
Fingerprint missing from the URL
Re-open the capsule via the Exploit Lab landing page.