Hijack AJAX headers with the dev console
A lot of important stuff is passed around in HTTP headers. Things like credentials, auth tokens, and other API information. For the most part, these are invisible to the user. They act as the common glue that binds a session together.
I wrote earlier on how to intercept the responses of AJAX calls by using JavaScript's dynamic and prototypical language features. In a way, it is more useful to know how to read and write to these requests before they are sent. It's a great way to get at info that is dug deep in a script somewhere that is set once and never called again.