What are webpages made of?
Loading some content
Wireshark showing the HTTP requests that load a website (neverssl.com)
For most websites now, these requests will use HTTPS. HTTPS is a secure (encrypted) version of HTTP, it works in more or less the same way. This uses TLS 1.3 (normally) encryption in order to communicate without:
- Other parties being able to read the data
- Other parties being able to modify the data
Imagine if someone could modify a request to your bank to send money to your friend. That'd be disastrous! Also, that communication would lack confidentiality and integrity.
A web server is software that receives and responds to HTTP(S) requests. Popular examples are Apache, Nginx and Microsoft's IIS.
By default, HTTP runs on port 80 and HTTPS runs on port 443.
Many CTFs are based around websites, so it's useful to know that if port 80 is open, there's likely a web server listening that you can attack and exploit.
HTML defines the structure of the page, and the content.
CSS allows you to change how the page looks and make it look fancy.