GitHub

PHP Cookie Stealer

The PHP cookie stealer is a tool that can be used in penetration testing and XSS attacks to steal browser cookies from victims. The tool works by setting up a server that listens for incoming requests ...
Security Boulevard

Session-Based Authentication vs Token-Based Authentication: Key Differences Explained

Ever tried to untangle a giant ball of yarn that’s been soaked in glue? That is basically what happens when you try to scale a monolithic auth system for a modern b2c app. When you got everything—user ...
Security Boulevard

Stop Leaking API Keys: The Backend for Frontend (BFF) Pattern Explained

TL;DR: Frontend applications (SPAs, mobile apps, desktop clients) cannot securely store secrets: any embedded API key is extractable by users and attackers. The Backend for Frontend (BFF) pattern ...