1 00:00:00,060 --> 00:00:00,930 Welcome back, everyone. 2 00:00:00,960 --> 00:00:08,280 This is fresh and this session is about going back to Inglewood SCDP. 3 00:00:09,030 --> 00:00:17,110 I know you have got a got in basic idea about what's what SCDP is, but this is very clear your mind 4 00:00:17,110 --> 00:00:21,480 and will make you understand what all happening behind the scene. 5 00:00:21,720 --> 00:00:22,050 All right. 6 00:00:22,050 --> 00:00:23,010 So let's get started. 7 00:00:23,830 --> 00:00:32,190 OK, for this to understand, if you remember correctly, I talked about I talked about I relate everything 8 00:00:32,190 --> 00:00:40,560 related to how the browser and how the interaction between the browser and the web server happens back 9 00:00:40,560 --> 00:00:41,000 and forth. 10 00:00:41,010 --> 00:00:41,310 Right. 11 00:00:41,880 --> 00:00:44,230 So for that to test, we need a browser. 12 00:00:44,300 --> 00:00:49,650 OK, and you don't have to go anywhere as well and pick up our favorite browser. 13 00:00:49,650 --> 00:00:50,340 That's Chrome. 14 00:00:50,460 --> 00:00:54,420 OK, so let me go there and we'll make use of Chrome browser. 15 00:00:55,350 --> 00:01:06,450 And let's say you go to any any random site, try to go to any random site I'll make use of. 16 00:01:10,090 --> 00:01:14,150 This will be our testing website to our decision, OK? 17 00:01:14,530 --> 00:01:21,040 This is a demo site, and what do you need to do is while testing any site, maybe it's Google or anything, 18 00:01:21,550 --> 00:01:22,480 just go there. 19 00:01:22,960 --> 00:01:27,460 You will find an option in more tools and developer tools. 20 00:01:28,010 --> 00:01:30,470 OK, so now what next? 21 00:01:30,730 --> 00:01:35,850 You have to select the network, keep it all OK. 22 00:01:36,460 --> 00:01:40,630 And now once it is done, then you have you can select any pages. 23 00:01:40,640 --> 00:01:44,280 Let's say I go to any section over there, OK. 24 00:01:44,830 --> 00:01:48,350 And I selected I click on one of the buttons. 25 00:01:48,350 --> 00:01:48,680 So there. 26 00:01:48,910 --> 00:01:56,210 OK, now the moment you do that, there are multiple request has been sent to the web server. 27 00:01:56,470 --> 00:02:01,410 OK, now you can select any of this request resource. 28 00:02:01,810 --> 00:02:09,820 OK, and the moment you select any one of them, you get all the daps open up sync headers, preview 29 00:02:09,820 --> 00:02:12,790 response initiator timings, cookies, --. 30 00:02:12,840 --> 00:02:13,220 Sorry. 31 00:02:13,570 --> 00:02:19,300 At this moment we are interested about headers of the EDP. 32 00:02:20,020 --> 00:02:20,920 So remember this. 33 00:02:21,520 --> 00:02:28,780 Whatever you are exchanging across this session while you are communicating to the web server, remember 34 00:02:28,810 --> 00:02:34,090 it's all SCDP and all caddy's should be request and the response. 35 00:02:34,320 --> 00:02:34,620 Right. 36 00:02:35,020 --> 00:02:41,720 So this header will give you an idea about board response header and request kind of. 37 00:02:41,830 --> 00:02:42,490 Do you see this? 38 00:02:42,820 --> 00:02:48,970 There are there are basically four parts of general response header requested. 39 00:02:48,970 --> 00:02:51,460 It will first talk about the request header. 40 00:02:51,520 --> 00:02:54,510 What we just requested, we requested for this. 41 00:02:54,580 --> 00:02:55,360 What was that? 42 00:02:55,450 --> 00:02:59,280 The postal tab under the demo test fired off that. 43 00:02:59,290 --> 00:02:59,550 Right. 44 00:03:00,010 --> 00:03:02,890 So let's open the request header. 45 00:03:03,040 --> 00:03:07,500 And you see, this is what has been requested. 46 00:03:07,660 --> 00:03:15,220 This is the request you are that the site requested for the first site is the demo test fire department. 47 00:03:15,220 --> 00:03:16,150 This is what it is. 48 00:03:16,540 --> 00:03:18,340 And that has been requested. 49 00:03:18,910 --> 00:03:21,640 And you can even see the resource. 50 00:03:21,790 --> 00:03:25,330 You can get the idea about what encoding has been used. 51 00:03:25,690 --> 00:03:28,780 This is all about the request header. 52 00:03:28,990 --> 00:03:36,640 OK, and when you look at the response that came back, you get the idea what all it is, right? 53 00:03:36,970 --> 00:03:38,560 You get the idea about it. 54 00:03:38,560 --> 00:03:40,900 Is the response coming back from the server side. 55 00:03:41,200 --> 00:03:47,380 And when you look at the general tab, that's where the things become even more and more simpler, because 56 00:03:47,380 --> 00:03:52,390 this is where the overview of the entire session basically happened. 57 00:03:52,390 --> 00:03:55,600 What is the or what is the basic stuff request and the response. 58 00:03:55,600 --> 00:03:59,830 If you remember, I talked about in the request, there are multiple methods. 59 00:04:00,550 --> 00:04:02,000 So that is a get request. 60 00:04:02,000 --> 00:04:05,830 There's a post request as a put request and there's a benefit request. 61 00:04:05,950 --> 00:04:07,620 This is all methods. 62 00:04:07,630 --> 00:04:07,900 Right. 63 00:04:08,200 --> 00:04:14,590 And while while we get the response from the Web server, we could have any kind of response code, 64 00:04:14,590 --> 00:04:19,040 which could be a starting from hundreds of years to five, 500 to you, etc.. 65 00:04:19,500 --> 00:04:26,770 So you see, this is our resource that we have asked for, demo test, fire, dot that starts and next 66 00:04:27,130 --> 00:04:29,350 GSB and then Kushima. 67 00:04:29,350 --> 00:04:31,780 That means it's a search query which has been used. 68 00:04:31,780 --> 00:04:34,980 The content is Postum because we click on the person that. 69 00:04:35,020 --> 00:04:35,280 Right. 70 00:04:37,090 --> 00:04:41,400 You see it is a request that means ask for certain resources. 71 00:04:42,040 --> 00:04:47,130 We click on the personnel and we want to get what call resources present on the content. 72 00:04:47,140 --> 00:04:47,380 Right. 73 00:04:47,740 --> 00:04:50,230 And we get the status code as two hundred. 74 00:04:50,230 --> 00:04:53,170 Okay, that means everything is good. 75 00:04:53,350 --> 00:04:56,470 You are ready to receive all the content with it. 76 00:04:56,800 --> 00:04:58,510 The mode address is this. 77 00:04:58,840 --> 00:05:00,310 This is the refresh policy. 78 00:05:00,310 --> 00:05:07,960 I'll talk about all this and the next session and the scatty schoolkids will give you just just for 79 00:05:07,990 --> 00:05:17,230 information is very important to Tukey is important for the website was to remember the identity of 80 00:05:17,230 --> 00:05:17,800 the user. 81 00:05:18,460 --> 00:05:23,650 Nowadays, for all the e-commerce site, -- plays a very, very important role. 82 00:05:23,650 --> 00:05:30,010 So if you remember, if you can if you can recall when you purchase something and let's say you go back, 83 00:05:30,310 --> 00:05:37,000 you have your coffee, you have your lunch and you come back, but you even if you restart your machine, 84 00:05:37,000 --> 00:05:43,120 you still see something in your car that happened because the the the e-commerce side, maybe Amazon 85 00:05:43,330 --> 00:05:45,640 still remember you based on your cookie. 86 00:05:45,880 --> 00:05:48,660 OK, that's what the purpose of Cookie, basically. 87 00:05:49,300 --> 00:05:55,630 And in fact, the system of apps also know about what is the user agent and everything. 88 00:05:55,630 --> 00:06:00,640 And it can also remember what kind of a platform the server is used making use of. 89 00:06:00,940 --> 00:06:04,690 It is a battery or whatever it is you see in the response header. 90 00:06:04,960 --> 00:06:08,380 You even get to know the server which is being built, the Altura. 91 00:06:09,230 --> 00:06:10,810 It is an Apache, right? 92 00:06:10,850 --> 00:06:12,400 So that's specific, it is. 93 00:06:12,830 --> 00:06:16,150 Let's go a bit more detail. 94 00:06:16,340 --> 00:06:20,890 We'll talk about Barb will open up a bulb suite. 95 00:06:21,050 --> 00:06:23,390 This is how you can look into the browser. 96 00:06:25,490 --> 00:06:32,090 You can open up Boxwood, which is being used for Web application, testing, application, security 97 00:06:32,090 --> 00:06:33,830 testing and penetration testing as well. 98 00:06:34,220 --> 00:06:38,120 If you even open ended, you get the idea about how this works. 99 00:06:38,450 --> 00:06:40,170 It is nothing but a proxy. 100 00:06:40,460 --> 00:06:46,990 So all the request that goes to the Web server first goes it all goes through the proxy. 101 00:06:47,330 --> 00:06:53,050 So if the proxy allows the traffic, it goes it will be allowed and sent to the Web server. 102 00:06:53,100 --> 00:06:57,190 If a discard, it won't be it won't be going to the Web servers. 103 00:06:57,260 --> 00:06:57,560 Right. 104 00:06:57,590 --> 00:07:04,070 So that means everything that now goes directly from your Web server to the from your Web browser to 105 00:07:04,070 --> 00:07:06,530 the Web server now will be going through the proxy. 106 00:07:06,530 --> 00:07:07,400 And this proxy is. 107 00:07:07,400 --> 00:07:15,220 But it will be having a very detailed solutions in between, you know, in between the section. 108 00:07:15,860 --> 00:07:18,790 But for now, I wanted to show you how this all works. 109 00:07:19,220 --> 00:07:21,080 So for this, what you can do is 110 00:07:23,990 --> 00:07:31,800 for this we can usually keep it off and I can just turn it on. 111 00:07:32,510 --> 00:07:33,110 Let me. 112 00:07:36,330 --> 00:07:37,680 Go to any of the site. 113 00:07:40,660 --> 00:07:41,710 Let me keep it off. 114 00:07:42,040 --> 00:07:43,150 Open the browser. 115 00:07:44,380 --> 00:07:44,780 OK. 116 00:07:44,990 --> 00:07:50,410 Now, the moment I start the intercept, whatever I type. 117 00:07:55,850 --> 00:08:02,030 We'll be going to the Web where you see the moment I hit Enter the question goes to it, if I forward, 118 00:08:02,030 --> 00:08:03,570 it will be forwarded otherwise. 119 00:08:04,820 --> 00:08:07,820 Now, this is again, another request. 120 00:08:09,500 --> 00:08:11,210 If I thought it would be forwarded. 121 00:08:11,750 --> 00:08:15,640 If it is not, then I could see the request over here. 122 00:08:16,010 --> 00:08:18,210 So this is another request coming in, right. 123 00:08:18,920 --> 00:08:22,510 You can keep sending whatever you would be doing on your browser. 124 00:08:22,970 --> 00:08:24,980 It will be coming to your proxy. 125 00:08:24,980 --> 00:08:28,770 But so it has a request and you see this request. 126 00:08:29,180 --> 00:08:31,970 This is for this close Detmold or Tesfai connection. 127 00:08:31,990 --> 00:08:39,230 Is it was what is the what is the browser agent, the scrutiny and user agent. 128 00:08:39,620 --> 00:08:43,750 This is the type of his agent and everything. 129 00:08:43,970 --> 00:08:46,280 What is that if we have searched through the Google. 130 00:08:46,290 --> 00:08:48,170 So that would be the referral and everything. 131 00:08:48,170 --> 00:08:48,470 Right. 132 00:08:48,950 --> 00:08:52,640 That this is how we understand what all that is happening. 133 00:08:52,970 --> 00:08:55,940 We can even test what would be the response really looks like. 134 00:08:56,780 --> 00:09:01,420 So this is how we analyze the beheader in much more detail. 135 00:09:01,730 --> 00:09:03,580 You can make use of your browser. 136 00:09:03,600 --> 00:09:08,050 You can make use of any proxy, the free proxy as well. 137 00:09:08,060 --> 00:09:10,850 We can make use of of us zap. 138 00:09:11,240 --> 00:09:19,700 We can will be making use of Bubbs to be very specific, will be making this above so it heavily throughout 139 00:09:19,700 --> 00:09:20,300 the session. 140 00:09:20,630 --> 00:09:25,370 And we'll also be making use of that throughout the session as well. 141 00:09:25,730 --> 00:09:28,640 So fasten your seat belt and get ready for this. 142 00:09:28,910 --> 00:09:29,420 Thank you.