HTTP (Hypertext Transfer Protocol) is an application-level protocol used to access World Wide Web resources. The communication consists of a client requests from a server where the server processes the request and sends back a response. HTTP uses port 80 by default but is configurable.
URL Structure
A URL (Uniform Resource Locator) specifies the resource location and how to access it.
- Scheme: Identifies the protocol (
http://,https://). - User Info: Optional credentials (
admin:password@). - Host: Specifies the hostname or IP (
inlanefreight.com). - Port: Defaults to 80 for
httpand 443 forhttps(:80). - Path: The file or folder being accessed (
/dashboard.php). - Query String: Parameters and values (
?login=true). - Fragments: Client-side sections within the resource (
#status).
HTTP Request Flow
- DNS Resolution:
- Resolves the domain (e.g.,
inlanefreight.com) to an IP address. - Checks
/etc/hostslocally first, then queries DNS servers.
- Resolves the domain (e.g.,
- GET Request:
- Browser sends a request to the server’s root
/path. - Server responds with an index file (e.g.,
index.html) and a status code (e.g.,200 OK).
- Browser sends a request to the server’s root
Using cURL
cURL is a command-line tool for sending HTTP requests, often used in automation and web penetration testing.
curl <url> <- raw HTML code
curl -O inlanefreight.com/index.html <- saves the file
curl -s -O inlanefreight.com/index.html <- supresses status info| Flag | Description |
|---|---|
-d, --data | HTTP POST data |
-i, --include | Include response headers in the output |
-o, --output <file> | Write to file instead of standard output |
-O, --remote-name | Save output with the remote file’s name |
-s, --silent | Enable silent mode |
-u, --user | Use username and password for authentication (<user>:<password>) |
-A, --user-agent | Specify a custom User-Agent |
-v, --verbose | Enable verbose mode for detailed operation logs |