The Hypertext Transfer Protocol (HTTP) might just be the most common application-level protocol out there these days.

A minimal HTTP request

Minimal request HTTP request

GET / HTTP/1.1
host: something
 

(Note the blank line at the end.)

Link to original

HTTP headers

Common HTTP headers

HTTP headers are (relatively) arbitrary. Common/Important ones to watch out for:

  • Server — Web server information (Apache, NGINX, etc.); useful for recon.
  • True-Client-IP — Override the client IP address (direct connections to servers).
  • X-Forwarded-For — Override the client IP address (connections forwarded through proxies).
  • X-Powered-By — Added by some application engines to advertise themselves; useful for recon.
  • Content-Type — Specifies the body content; normally only set by the client for POST/PATCH requests (for example, form data uses application/x-www-form-urlencoded.
  • Content-Length — The length of the body in bytes (which is just characters for ASCII) for POST requests.

There are other headers (for example, Cookie), obviously. Arbitrary additional (non-standard) headers should be X-prefixed, though there’s technically nothing stopping anyone from ignoring this convention/standard.

Link to original