Dissecting web applications
To see what's going on "under the hood" in a web application you can use tools built in to modern browsers or configure your browser to use a local proxy application that records all traffic flowing to and from a web server. Here's a quick introduction and some helpful links on the way.
Intercepting proxies
There are several applications around that will function as a local proxy and capture alle the requests sent to and from a website. Here are two of the most popular ones:
- Fiddler (requires .NET framework).
- Burp Suite (requires Java).
Browser developer tools
Modern browser include tools helpful to develop and/or debug a website, they'll show you what's going on under the hood.
- Opera: Press Ctrl+Shift+i, go to "Network" and select a request the see more details.
- IE: Press F12, go to "Network" and "Start capturing" to record raw HTTP requests/responses.
- Chrome: Press F12 and just click on a request from the list to see its details.
- Firefox: Press Ctrl+Shift+k, and select a request the see more details.
- Safari: There's actually a whole process to enable developer tools, see this guide.