Sanjay: Hello, hi, everyone. I'm Sanjay Gupta. I welcome you to Sanjay Gupta Tech School. I have Sumit with me. So today we are going to have day seven of the cybersecurity bootcamp. I hope that whatever Sumit explained to you in the last session, that you need to install and set up some accounts, you have done those things. So over to you, Sumit. Just confirm if they have any questions regarding the previous sessions; otherwise you can proceed further. Over to you, Sumit.

Sumit: Hello, welcome again to this cyber security bootcamp. So this is day seven and I welcome you all to the cyber security bootcamp. My name is Sumit Jen. I'm an ethical hacker and cyber security expert, previously working as a Scenic red team and Pentabag red team member. Apart from that, I am working as a senior security specialist at GTO Networks. I have 10 plus years of experience in the cyber security domain. Previously, I was working as a guest instructor at CGTS, and right now I'm helping students, freshers and professionals to build their career in the cyber security domain and related fields. So you can subscribe, follow and share our YouTube channels, where I'm regularly creating content related to cyber security. You can join the Sanjay Gupta Tech School YouTube channel as well. Please share and review, or give feedback about our bootcamp: how you want to proceed, what you are learning. The feedback is important. You can follow me on the other platforms as well: you can follow me on LinkedIn and Twitter, and you can join the Telegram group. The links are available in the video description.

So previously we talked about how to install Burp Suite. So you installed this Burp Suite tool in your operating system and captured all the traffic your browser is generating. So tell me in the comments if you are having any problem related to installing or configuring these tools. So I have a question by Jen: how can I get your certificate? Joined from today.
So Jen, are you asking about the Burp Suite certificate or any other certificate? Please clarify. If you are asking about the Burp Suite certificate, you can get it from here: click on Proxy and click on Import/Export CA certificate. Export the certificate in DER format, save the certificate and then import it in your browser. The browser we will be using is Firefox, so you can find the settings in the Firefox settings section, where you can search for certificates and then import this certificate. So I hope everyone installed this software. So let's move on.

According to our session tracker, today we will be learning how HTTP requests and responses work, and how to read these messages. Basically our communication is two-way communication, done in the form of request and response. So how does this request work and how does the response work? How do these requests and responses contain some headers, and how do we read them out? So let's first capture a request. So this is my domain, and I open FoxyProxy and then open the Burp Suite interceptor so I can get the request from Google. I simply refresh this page and then I will get the response from Google. Here is the response from Google, and you can see there are multiple headers in it. So let's read them one by one. Apart from that, let's check out its response as well. So here is the request, and if I send this request to the Repeater tab using this function, Send to Repeater, and then click on Repeater and send this request to get a response, here is the response I'm getting from Google. So what are these headers, what do they contain and what do they mean? So first we will read about how request headers work and then how response headers work: what other headers the response message contains, what headers the request message contains, what changes we use, and some headers related to security, called security headers. So what are those headers?
So we will learn about these in today's session: simply, request and response headers. So we have multiple headers. Our request starts with this section. This is our request. So our first line is this. This is known as the HTTP method. So here I am getting an HTTP method called POST, and then a URL, and then an HTTP version. So our first line contains three values: one is the HTTP method. I'm talking only about the request, the HTTP request, right now. So in the HTTP request our first line contains three values: the first one is the HTTP method, the second is the URL or path we are visiting, and the third is the HTTP version. So in the request these have some values. So what is an HTTP method? Basically, the HTTP method is this: the GET method and the POST method. So if our request is generated with the GET method, that method means we are only retrieving data; we are connecting to the website and obtaining some data. And if we are getting our request in the POST method, we are outsourcing some data and we have some data in our message body as well. So these are our headers.

So if I talk about HTTP headers, our GET method is designed to retrieve resources. It can be used to send parameters to the requested resource in the URL query string. So if a GET method is generated, you can only retrieve some resources, but if a POST method is generated, it contains some message in the body section as well. So if you are getting this message, you have some message in the body section as well. But in this POST request the message is displayed here, so it doesn't contain any message, and if we are getting some GET request like this, this is a GET request.
So a GET request is used to retrieve some resources, but in the POST request we get some data as well. So you can clearly see the GET request has fewer headers, but the POST request has some more headers, and these are called headers: the Host header, the Cookie header, the User-Agent header, Accept, Accept-Language, Accept-Encoding, Referer, Origin, Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Content-Length. These are request headers, and in the response part we also have some headers, like Content-Type, Content-Security-Policy, Cross-Origin-Opener-Policy, Report-To, Date, Server, Content-Length, X-XSS-Protection, X-Frame-Options and Alt-Svc. So all these headers have some meaning and all these headers contain some values. So we have to read about all the request headers as well as the response headers. So what do these headers mean?

The Server header contains a banner indicating the web server software being used. So in a Server header you are getting the web server information. So in this option you are getting the web server name Google is using, which is gws. So in the Server header we are getting the web server name. Then the Set-Cookie header issues the browser further cookies.
This is submitted back in the Cookie header of subsequent requests to the server. So basically when we first generate a request via the browser, a Cookie header supplies it back to the server, and then the server responds back with the Set-Cookie header. So you can see in Burp Suite there is a Cookie header and it contains some cookie values as well in the request, and in the response you get the Set-Cookie header, according to the cookie. So basically the Set-Cookie header is issued by the server and the Cookie header is issued by the browser.

The Pragma header instructs the browser not to store the response in its cache. So if a server doesn't want to store its response in the browser cache memory, it generates the Pragma header. The Expires header indicates that the response content expired in the past and therefore should not be cached. So if a server is using the Expires header, your response will not be cached in the browser memory and it will expire automatically.

So all HTTP responses contain a message body following the blank line after the headers. The Content-Type header indicates that the body of the message contains an HTML document. So basically Content-Type shows how our data is retrieved: in HTML format, in JSON format, in image format, in PDF format, in PHP format or any other format we are using. So in Content-Type we have the format information. So in this request you can see the Content-Type is text/html, right, and in this request the Content-Type is also text/html.
So basically in the request and response messages we have multiple headers, and all these headers contain some valuable information. Like the User-Agent header contains information about your browser and your operating system. So right now it is displayed that I am using Mozilla/5.0, Macintosh, my Intel Mac OS, and the Firefox version number is 112. In the language section, Accept-Language, it is displayed that the website is showing en-US, United States English. And the Referer and Origin headers contain the URL I am making the request from, and the Host header is also showing the URL I'm connected to.

In the response there is a header called Date. So the Date header contains the date, today's date, on which I'm making the request, so Tuesday, May 9, 23, and the time. It is in GMT format, so you get the time. And it also has some headers which are called security headers. So in the response we have several security headers which protect all this response data. So these headers are known as security headers: X-XSS-Protection, X-Frame-Options, and we have some more security headers as well. We will talk about them in a few seconds.

So let's read about some more headers. Some headers are general headers. So these are some general headers, like Connection. Connection tells the other end of the communication whether it should close the TCP connection after the HTTP transmission has completed, or keep it open for further messages. So basically Connection is something like, when you want to connect to a target, when you're connecting to a target, it tells the other end of the communication that it should close the TCP connection. Content-Encoding specifies what kind of encoding is being used for the content in the message body, such as gzip, deflate. These are some encoding techniques.
So basically whatever encoding technique the server is using, the value will be set in the Content-Encoding header. Content-Length specifies the length of the message body. So in the message, in the request, the amount of data, the size, is derived from Content-Length. So if we have 2000 bytes of data, it will be displayed in the Content-Length header. Content-Type specifies the type of content contained in the message body, such as text/html for an HTML document, such as image/png or jpg or gif for the image type format, and if you are using some PHP data and if you are using some JSON data, it will be set as application/php. The Transfer-Encoding, TE, specifies any encoding that was performed on the message body to facilitate transfer over HTTP. So you can see in the response here the TE header is set like this: trailers. So this is an encoding type the browser is using to send the message over our domain.

Moving on, we have some request headers like Accept. These headers are generated only in the request part. So the Accept header tells the server what kinds of content the client is willing to accept, such as image types, office document formats and so on. So the Accept header will tell the server what type of content our browser wants, or our client wants. If we upload an image, then Accept is set as image type. Then Accept-Encoding will tell the server what kind of content encoding the client is willing to accept. So basically this header is set by your browser. So your browser is instructing your server, instructing your domain, what kind of encoding it is willing to accept. Then Authorization submits credentials to the server for one of the built-in HTTP authentication types. So if you are logging in to a login panel, and if you are capturing the request of a login panel, this Authorization header will be set and it will contain the credentials you are providing.
So if you are putting your ID and your email, or your username and your password, it will be sent by this header. The Cookie header submits cookies to the server that the server previously issued. So basically the Cookie header is used to submit cookies to the server, and the server replies back with the Set-Cookie header. The Host header specifies the hostname that appeared in the full URL being requested. So it will show our full URL that we are connecting to. Then we have If-Modified-Since. This header specifies when the browser last received the requested resource. If the resource has not changed since that time, the server may instruct the client to use its cached copy, using a response with a status code of 304. So basically when we are visiting a website again and again and the content is not modified since the last time we visited the content, this header will be set and we are getting our response from the cache memory we have in our browser. If-None-Match: this header specifies an entity tag, which is an identifier denoting the contents of the message body. The browser submits the entity tag that the server issued with the requested resource when it was last received. So it will be checking your cache memory for the entity tag, and if this is fine, you will get this header in your request. The Origin header is used in cross-domain Ajax requests to indicate the domain from which the request originated. So if you are connecting to a domain and if you are getting a request from the subdomain, the Origin header is set to where you are getting your original response.
The response URL is set in the Origin header. Referer specifies the URL from which the current request originated. So the Referer header will be set to the URL your current request originated from; you will get that URL in Referer. The User-Agent header provides information about the browser or any other client software that generated the request. So if you are generating a request with the help of a browser or with the help of any other client software, like Chrome and Safari, or Microsoft Edge or Brave browser, or any other client software, this information will travel with the User-Agent header.

So all these are known as request headers. And if we talk about response headers, we have some response headers as well. So request headers are generated in the request message and response headers are generated in the response message. So in the response headers, the first header we have is Access-Control-Allow-Origin. This header indicates whether the resource can be retrieved via cross-domain Ajax requests. So basically if your content is traveling cross-domain, you are getting the values in Access-Control-Allow-Origin. Cache-Control basically controls caching of your response in your browser. So if we don't want to cache our response in your browser,
we add a value in this header, like no-cache. So if we add this value in the Cache-Control header, our response will not be saved by the browser. ETag specifies an entity tag. Clients can submit this identifier in future requests for the same resource. So if we visit a target again and again, it will be shared with the ETag. Expires tells the browser for how long the contents of the message body are valid. So if you are using a banking website, the expiry time should be very low, because it will end your session in a short frame of time if you are inactive on the website. So for this function the Expires header is responsible, because the Expires header will tell the browser how long the contents of the message body are valid. So if you are logged in to a website, and you are visiting a profile page but you are inactive, then your Expires header value will tell the browser how long the content of the message body will take to expire. Location is used in redirection responses. So when we are getting our resources from a different location, in a redirection, we have a Location header to tell the browser from where we are getting our response. Then Pragma passes caching directives to the browser. Server, I already told you, provides information about the web server. Set-Cookie issues cookies to the browser, and they will be submitted back to the server in subsequent requests. So when a browser generates a Cookie header, in the response the server generates a Set-Cookie header. WWW-Authenticate is used in responses that have a 401 status code. So we need to read about these status codes as well. So what are those status codes?
So the status code is a three-digit number. It tells our browser what the server is telling in its responses. X-Frame-Options: this header is known as a security header and indicates whether and how the current response may be loaded in a browser iframe. So in HTML we have a tag called iframe. So if you want to load our response in an iframe tag, and if you don't want to load our response in an iframe tag, we use this header, X-Frame-Options. So in this request and in this response we have multiple headers that tell our browser how this request or how this response works, how our content works.

So let me show you if we get some login request as well. So for a login request I need to go to my browser and log in to some website. So let's use this website for demonstration purposes. So here is a login panel and I'm about to catch the response from a login page. So I'm giving here some dummy content: this is my own email, or this is a text email address I'm using, and giving some dummy passwords like this. And I'm about to capture this request generated by the browser. So let's turn on our proxy and submit this content, and let's go back to our Burp. So my browser is generating more traffic; that's why I'm getting all these requests. You can see this data is traveled. So basically it will be generated by the POST header and then all this data will travel with our request. If we send this request to Repeater and check what the response of this request is, you can see the event is submitted. So basically a POST request contains some data and our GET request doesn't contain data. So basically your message is displayed here, in this section your message is displayed.
So in our POST request we have some data like this, but in our GET request we don't have any data. So the GET and POST methods are widely used in our traffic. There are some other HTTP methods as well, like these. These are some other HTTP methods as well. So HEAD: HEAD functions in the same way as a GET request, except that the server should not return a message body in its response. The server should return the same headers that it would return in the corresponding GET request. We have the TRACE HTTP method as well. TRACE is designed for diagnostic purposes. So if we are diagnosing our domain, we use the TRACE HTTP method. So TRACE is designed for diagnostic purposes: the server should return in the response body the exact contents of the request message it received. We have another HTTP method which is called OPTIONS. OPTIONS asks the server to report the HTTP methods that are available for a particular resource. And PUT: PUT attempts to upload the specified resource to the server, and if we are uploading some content on the domain, we get a PUT request. We get our data in the PUT request.

So these are some of the request and response headers you need to learn about. You need to remember how these headers work, what these headers mean and what values these headers contain, because it is important when you are attacking a web application via Burp Suite. You need to specify some values in the HTTP request and in the HTTP response. So you need to modify the HTTP request like this and you need to modify the HTTP response as well. So you need to understand what this request means, what types of data our request contains, what type of data our response contains, what headers your request message is using, what headers your response message is using, what values your headers are using, what we can add if we want to add extra headers, and what those extra headers are as well. So you need to learn about it.
You need to remember all these headers. You can find this document in our session tracker; sir will attach a link to this document. If you have any question regarding that, you can ask in the comment section. So I am waiting for some messages. Yeah, guys, if you have any question you can ask. Book name: so Love Joe Sing has asked for the book name. Love Joe Sing, this is The Web Application Hacker's Handbook. This book's name is The Web Application Hacker's Handbook. So I don't see any more questions. So let's move on now.

We need to learn about all these security headers. So for that we have a website which will display all the security headers your website is using. So let's turn off our browser proxy. So we have a website called securityheaders.com. Using this website you can check which of the security headers your domain is using. So if you put a domain name in this search section and scan the domain name, you will get all the security headers the website is using. So here in the header section you will get all these headers. These headers are known as security headers. So in the green section, that means the website is using these headers, and if this is in the red section, the website is not using this header. You can learn more about it here: what these headers mean. So these are known as security headers. Basically, these will provide some security to your request and response and your data contained in the response body. So the server URL or domain name or the subdomains frequently use these security headers to provide an extra layer to your messages. So basically we have these six or seven security headers. One is X-Content-Type-Options. One is X-XSS-Protection.
One is X-Frame-Options, Strict-Transport-Security, Cross-Origin-Opener-Policy, Permissions-Policy, Content-Security-Policy. So you can read all this information, like what is Report-To. Report-To enables the Reporting API. This allows a website to collect reports from the browser about various errors that may occur. You can sign up for a free account on Report URI to collect these reports. And then Content-Security-Policy, known as CSP as well, is an effective measure to protect your site from XSS attacks. So basically this is a web application attack known as cross-site scripting. If your website is not handling JavaScript properly, then this attack will occur, and this header will protect your site from this attack. Permissions-Policy allows a site to control which features or APIs can be used in the browser. So if you don't want to tell the browser which of the features and APIs the browser will use, we will add this Permissions-Policy. Cross-Origin-Opener-Policy allows a site to opt in to cross-origin isolation in the browser. X-Content-Type-Options: if you don't want to allow some types of content in our browser, we use this X-Content-Type-Options, like if, in a profile upload section, we don't want to upload a PDF document or a zip file or an audio or video, we strictly want to upload an image file, so we use this X-Content-Type-Options. X-XSS-Protection: this header will also protect our application from the XSS attack. X-Frame-Options: this will tell our browser that our site will not be framed.
So basically it will restrict our site from getting into an iframe. And HSTS, Strict-Transport-Security, is an excellent feature to support your site, and basically if we are adding this HTTP Strict-Transport-Security header, then our domain is strictly visited by HTTPS, not HTTP. We are strictly getting our traffic over Hypertext Transfer Protocol Secure, not the HTTP protocol. So these are some security headers, and previously I told you about all the request and response headers.

So tomorrow we will be learning how to use GitHub. So you need to go to GitHub and create an account. So I will tell you how to create an account. Let me log out of my account. So this is GitHub. You can go to the sign-up section and put your mail address and create your account. This is a free service. You can create an account with the help of your email. You can specify your password and your GitHub account is ready. So we need this account for tomorrow's session. So you can create it, and one more: you can create an account here as well. So Shodan is a computer search engine. We can search computers all over the world using this service, and you can also click on sign up and create an account. For this you can specify what the username of your account is.
You can also log in with your Google account, so it will automatically log in with your Google account, and you can log in with your Microsoft account as well. Also, you need to create an account on this service as well. Here you can find the register section, and you can register yourself with the help of your email address. You can put your first name, last name, you can use some organization name, email, password, confirm password, agree, and then captcha, and then Create My Account. For the organization name you can put test, and for the phone number you can put your phone number; select the country from this drop-down menu. Make an account on this website as well: hunter.how. You can find the sign-in option here. Click on this and you can log in with your Google account. So all these accounts are important for tomorrow's session. We will be talking about how to use Google dorks and how to exfiltrate data, how to find sensitive data using these services.

So I think there are two questions. Yes, I'm seeing. So Anil Kumar is asking what the main uses of the Burp software are. So Anil, basically Burp is for capturing all the traffic your browser is generating. Then we can modify or we can see what the server is generating, what the server messages are, what the server responses are. So basically Burp is a monitoring tool as well as a scanning or monitoring or attacking tool. So using this software we can attack an application. We can modify some requests, we can modify some responses. We can watch in real time how our application behaves, what our application's behavior is. Your other question is to repeat the book name. So the book name is The Web Application Hacker's Handbook, and if you want to buy the book you can purchase it here. It is available on Amazon and Flipkart as well. You can find it in the Amazon section. This is the book name: The Web Application Hacker's Handbook. How can I resolve missing headers?
So if you are a developer and operating a site, you can add these headers in your website settings, website DNS settings. So when your website is generating traffic it will contain these headers. Love Joe Sing is asking: when I activate the proxy my browser won't work, can you help me solve the problem on Telegram? So when you open a proxy, your traffic is redirected to Burp, so you will not get any response in the browser. So if you want to browse some other website, you need to turn off the proxy first. After turning off the proxy you can visit the websites you want. But if you are turning on the proxy, all the traffic is redirected to your Burp software, so you won't be able to browse any other application, or the current application you are about to capture the request of. So you need to turn off the proxy, and you also need to turn off the interceptor in the Burp software as well. When both the proxy settings are off, then you are able to communicate with other websites. But if both options are on, then all the traffic will be redirected to your Burp Suite. So I think there are no other questions. So thank you, guys, for this. Over to you, sir.

Sanjay: Yeah, thank you, Sumit, for this wonderful session. So I think you shared lots of technical knowledge, and maybe tomorrow's session will be more practical oriented, so guys will be enjoying that. And those who have joined this session for the first time, if you want to watch all the days' recordings, they are available in the session tracker. So that session tracker is available in the description of this video, and you can follow Sumit's YouTube channel as well, the Cyber Security Zone. So in that channel you can find videos based on specific topics, right? So in this live session it is on a day basis, but if you want to see a specific topic, you can follow him, and he's creating lots of content on a regular basis.
So if you want to master your skills in the cyber security domain, just follow that and you will get to know each and every detail day by day. Okay, with this note, I just want to thank Sumit. He's spending some time and sharing lots of his knowledge with you guys. So please support and share this channel, Cyber Security Zone, with other folks as well who are cyber security enthusiasts. So thank you for joining this session. Thank you so much for delivering the content. Uh, yeah, so there is a question from Jyoti: do we need to use all of them which you showed in the session? So I think yes. So for tomorrow's session, whatever accounts Sumit told you, you need to create. So if you create those accounts, that will be good. Okay, guys. Thank you. See you tomorrow, same time. Thank you, guys.