Networking Fundamentals · beginner · ~12 min
Read an HTTP request/response and explain what TLS adds underneath HTTPS.
HTTP is text request/response over port 80; HTTPS is HTTP inside TLS over 443. Status codes group 2xx/3xx/4xx/5xx. TLS adds confidentiality, integrity, and server authentication.
Web and API pentesting is fundamentally about crafting and reading HTTP. Status codes and headers reveal behaviour and bugs, while TLS certificates both protect traffic and leak recon (SANs, issuer, expiry).
Request line + headers + body. Blank line separates headers from body. Status classes. 2xx ok, 3xx redirect, 4xx client error, 5xx server error. TLS guarantees. Confidentiality, integrity, authentication via certificate chain. Cert as recon. SAN hostnames and issuer details.
HTTP is the request/response protocol of the web (port 80). HTTPS is the same protocol wrapped in TLS for encryption (port 443).
GET /index.html HTTP/1.1
Host: example.com
User-Agent: curl/8.0
Accept: */*
A blank line ends the headers; a body (if any) follows. The response mirrors it:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1256
<html>...</html>
TLS gives three things: confidentiality (encryption), integrity (tamper detection), and authentication (the server's certificate proves identity). A TLS handshake negotiates a cipher, validates the certificate chain, and derives session keys before any HTTP flows. The certificate also leaks useful recon: hostnames in the SAN field, the issuer, validity dates.
Web app testing is reading and manipulating these requests/responses. Headers, status codes, and cookies are where most web vulnerabilities surface, and TLS misconfigurations (weak ciphers, expired or mismatched certs) are findings in their own right.
HTTP is the web's text protocol; HTTPS is HTTP over TLS. Master reading requests, responses, and status codes — and know that TLS provides encryption, integrity, and identity while its certificates double as a recon source.