Sboxr captures every step involved in the journey of potentially untrusted data from the Source to the Sink that causes Code Evaluation. This section gives you details of each of these steps.

The location of the code that is responsible for each of these steps is also captured and can be seen by the user.

All the information shown here is actual run-time data. This information is useful for:

• Determining if a particular event is actually exploitable

• Determining how and where to apply the mitigation if this event is exploitable