Web applications employ a myriad of different technologies to implement their functionality. This article contains a short primer on the key technologies that you are likely to encounter when attacking web applications. We shall examine the HTTP protocol, the technologies commonly employed on the server and client sides, and the encoding schemes used to represent data in different situations. These technologies are in general easy to understand, and a grasp of their relevant features is key to performing effective attacks against web applications.
If you are already familiar with the key technologies used in web applications, you can quickly skim through this article to confirm that there is nothing new in here for you. If you are still learning how web applications work, you should read this primer before continuing to the later article on specific vulnerabilities. For further reading on any of the areas covered, I recommended HTTP: The Definitive Guide by David Gourley and Brian Totty (O’Reilly, 2002).
The HTTP Protocol
NEXT is..The HTTP Protocol……..