TASK 1 REPORT

RESEARCH
# Web application fundamentals
Web applications are software programs that run on a web server and are accessed through a web
browser. They differ from desktop applications in that they don't require installation on a user's device,
as they operate entirely online.

Here are some of the fundamental concepts of web applications:

Client-Server Architecture
- Client: This is typically the web browser that interacts with the web application. It sends requests and
receives responses.

- Server: The server hosts the web application, processes client requests, and sends back the necessary
data (HTML, CSS, JavaScript, JSON, etc.).

HTTP/HTTPS Protocol
- Web applications communicate over the web using the HTTP (Hypertext Transfer Protocol) or HTTPS
(HTTP Secure) protocol. Requests are sent from the client to the server, and responses are returned from
the server to the client.

Front-end vs. Back-end

- Front-end: This is the part of the web application that users interact with directly. It involves
technologies like:

- HTML (HyperText Markup Language): The structure of web pages.

- CSS (Cascading Style Sheets): The design and layout.

- JavaScript: Adds interactivity and dynamic behavior.

- Back-end: This is the server-side of the application, where business logic, databases, and server-side
scripts are managed. Technologies include:
 - Server-side languages: PHP, Python, Ruby, Node.js, etc.

- Databases: MySQL, PostgreSQL, MongoDB, etc.

Databases
- Web applications often need to store and retrieve data. Databases help manage this data.

- Relational Databases (SQL): Structured data using tables (e.g., MySQL, PostgreSQL).

- NoSQL Databases: Unstructured or semi-structured data (e.g., MongoDB, CouchDB).

APIs (Application Programming Interfaces)

- Web applications often rely on APIs to communicate between the client and the server or with
external services. APIs use protocols like REST (Representational State Transfer) or GraphQL to
send/receive data, usually in formats like JSON or XML.

Authentication & Authorization

- Authentication: Verifying the identity of a user (e.g., through a username/password).

- Authorization: Granting access to different parts of the application based on the user's role.

Session Management
- Web applications need to manage user sessions to maintain state between requests (HTTP is
stateless). Sessions are managed using cookies, local storage, or server-side session handling.

Responsive Design
- Modern web applications are designed to work across different devices and screen sizes, using
responsive design techniques such as CSS media queries, flexible grids, and frameworks like Bootstrap.

Security Considerations
- Web applications must handle threats like:
 - Cross-Site Scripting (XSS): Injecting malicious scripts into web pages.

- Cross-Site Request Forgery (CSRF): Trick users into performing actions without their consent.

- SQL Injection: Manipulating database queries by injecting harmful SQL code.

Frameworks and Libraries

- Many modern web applications use frameworks and libraries to speed up development:

- Front-end: React, Angular, Vue.js

- Back-end: Django (Python), Laravel (PHP), Express (Node.js)

- Full-stack: MERN (MongoDB, Express, React, Node.js), LAMP (Linux, Apache, MySQL, PHP)

# What is a web application

A web application is a software program that runs on a web server and is accessed through a web
browser. Unlike desktop applications, it doesn’t need to be installed on a device. Web applications allow
users to interact with the software over the internet, using technologies like HTML, CSS, JavaScript for
the front-end, and server-side languages with databases for the back-end. Examples include online email
services, social media platforms, and e-commerce sites.

# What are the components of a Web application

The components of a web application can vary depending on its complexity and specific requirements,
but here are some common elements:

Client-Side Components:
HTML (Hypertext Markup Language): Defines the structure and content of the web page, including
elements like headings, paragraphs, images, and links.

CSS (Cascading Style Sheets): Styles the appearance of the web page, controlling elements like colors,
fonts, layout, and spacing.

JavaScript: Adds interactivity and dynamic behavior to the web page, enabling features like form
validation, animations, and real-time updates.
Server-Side Components:
Server: A physical or virtual machine that runs the web application and serves its content to clients.

Programming Language: The language used to develop the server-side logic of the application, such as
PHP, Python, Ruby, Java, or Node.js.

Framework: A collection of tools and libraries that simplify the development process and provide
common functionalities, such as Laravel, Django, Ruby on Rails, Spring, or Express.

Database: A system for storing and organizing data used by the web application, such as MySQL,
PostgreSQL, MongoDB, or Oracle.

Web Server: Software that handles incoming requests from clients and sends the appropriate response,
such as Apache, Nginx, or IIS.

Additional Components:
APIs (Application Programming Interfaces): Allow different software components to communicate and
exchange data.

Libraries: Collections of pre-written code that can be used to perform specific tasks, such as jQuery,
Bootstrap, or React.

Content Management System (CMS): A software application that allows users to create, manage, and
publish content on a website, such as WordPress, Drupal, or Joomla.

Deployment Tools: Tools used to deploy the web application to a production environment, such as
Docker, Kubernetes, or AWS.

These components work together to create a functional and user-friendly web application. The specific
technologies and tools used will depend on the project's requirements, development team's
preferences, and other factors.

# How do web application works ? architecture protocols types

and protocols

How Web Applications Work: A Breakdown

Web applications are software programs that run on a web server and can be accessed through a web
browser. They interact with users via a graphical user interface (GUI) and typically involve a client-server
architecture.

Architecture
The basic architecture of a web application involves:

Client: This is usually a web browser (e.g., Chrome, Firefox, Safari) that sends requests to the server.

Server: This is a computer that processes requests from clients and sends responses.

Network: This is the communication channel between the client and server, typically the internet.

Protocols
HTTP (Hypertext Transfer Protocol) is the primary protocol used for communication between web
browsers and web servers. It defines how data is exchanged between the two. Other protocols that
might be involved include:

HTTPS (Hypertext Transfer Protocol Secure): A secure version of HTTP that uses encryption to protect
data transmitted between the client and server.

FTP (File Transfer Protocol): Used for transferring files between computers.

SMTP (Simple Mail Transfer Protocol): Used for sending emails.

Types of Web Applications

Web applications can be broadly categorized into:

Static Websites: These websites have fixed content that doesn't change dynamically. They are typically
created using HTML, CSS, and JavaScript.

Dynamic Websites: These websites can generate content on-the-fly based on user interactions or data
changes. They often use server-side programming languages like PHP, Python, or Ruby.

Single-Page Applications (SPAs): These applications load a single HTML page and then update the
content dynamically using JavaScript and APIs. Examples include Gmail and Facebook.

How It Works: A Simplified Example

User enters a URL in their web browser.

The browser sends an HTTP request to the web server.

The server processes the request, fetches the necessary data from a database (if applicable), and
generates an HTML page.

The server sends the HTML page back to the browser.

The browser renders the HTML page, displaying the content to the user.
# Here are the screenshots for the tryhackme room labs which I have
completed

Section 1
How The Web Works
(1)
(2)
(3)
(4)
Section 2
Introduction to Web Hacking

(1)

In section 2 except this lab all labs need premium account

Section 3
Burp Suite
(1)

In section 3 except this lab all labs need premium account

Section 4
Web Hacking Fundamentals

(1)
(2)
(3)

In this section 4 some labs were repeated same as above and

some need premium account

 SUBMITTED BY = ANURAG SONI (anuraggx)