Sboxr captures all the DOM Communication performed by an application. It monitors the following communication channels:

• Ajax calls, this includes XMLHttpRequest and fetch API use

• Cross-window messages sent via postMessage API

• WebSocket communication

Sboxr then processes the data sent in these communication channels and identifies all the data leaked by the site on the client-side.

The following options exist for viewing the data leaked:

• Sensitive Data Leaked

• Data leaked via Communication channels

• Data leaked via Referrer headers

• All Data leaked via Communication channels

• All Data leaked via Referrer headers