Tutorial
If you are just getting started with LAPSE, the following steps are recommended:
1. Open LAPSE views in Eclipse
Click Windows | Show view | Other in Eclipse workbench:
Select all LAPSE views and open them. Also open all projects that you want to scan for vulnerabilities. Make sure that the projects you are interested in are properly configured and compile. Compilation errors will preclude LAPSE from finding all potential vulnerabilities.
2. Vulnerability Source View
Find vulnerability sources by clicking on the little error icon 
in the source view:
click on the image to see more
3. Vulnerability Sink View
Find vulnerability sinks by clicking on the little error icon in the sink view:
click on the image to see more
4. Provenance Tracker View
Highlight a particular variable for which you want to find out where it comes from. Click on the lookup icon 
in the provenance tracker view to initiate backward propagation search.
Perform backward propagation from vulnerability sinks to find unsanitized source-sink paths. The screenshot below shows how the value of variable
appOid propagates from the result of a call to commands.get(2) as well as an array element args[1]. As with the source and
sink views, clicking on individual lines will take you to the relevant place in the application code.
