The Journey
Cyber Security
Cyber Security
  • Chapter 1: Setting up Debian
    • Make User Sudoer
    • Change SSH Keys
    • Add Kali Repositories
    • Bidirectional Clipboard
    • Create Flameshot Keybind
    • Install Peek and add keybind
    • Customizing Looks and Feels
    • Disable Suspend/Hibernation
    • Add Min/Max buttons to Windows
    • Install and Configure ZSH for Terminal Syntax Highlighting
  • Chapter 2: Bug Bounty Basics
    • Web Requests
      • HTTP Fundamentals
        • HTTP
        • URL
        • HTTP Flow
        • cURL
        • HTTPS
        • HTTPS Flow
        • cURL for HTTPS
        • HTTP Request
        • HTTP Response
        • HTTP Headers
        • More cURL
        • Browser DevTools
      • HTTP Methods
  • Cheat Sheets
    • cURL / DevTools
Powered by GitBook
On this page
  1. Chapter 2: Bug Bounty Basics
  2. Web Requests
  3. HTTP Fundamentals

HTTPS

PreviouscURLNextHTTPS Flow

Last updated 3 years ago

Hypertext Transfer Protocol Secure

HTTPS mitigates the simplicity of a MitM attack that can occur on HTTP. This is because all communications are sent encrypted.

HTTPS is the mainstream for all websites and HTTP is being phased out.

HTTPS Overview

Check out the difference between a login request between HTTP and HTTPS

In HTTP the login credentials are clearly visible. Not so much with HTTPS.

One caveat of HTTPS is that if the request goes through an unencrypted DNS then the site visited may still be visible. This can be mitigated by using an encrypted DNS (ex: 8.8.8.8, 1.2.3.4) or use a VPN. This way you can be sure all traffic is encrypted.

HTTP
HTTPS