GitHub

PHP Cookie Stealer

The PHP cookie stealer is a tool that can be used in penetration testing and XSS attacks to steal browser cookies from victims. The tool works by setting up a server that listens for incoming requests ...
Security Boulevard

Session-Based Authentication vs Token-Based Authentication: Key Differences Explained

Ever tried to untangle a giant ball of yarn that’s been soaked in glue? That is basically what happens when you try to scale a monolithic auth system for a modern b2c app. When you got everything—user ...
搜狐

Evilginx幽灵现身美国高校:一场绕过MFA的“中间人”钓鱼风暴,给 ...

2025年,当全球高校正陆续开启秋季学期之际,一则来自美国网络安全公司Infoblox的报告却在国际安全圈掀起波澜:一场持续近八个月、针对至少18所美国顶尖高校的协同钓鱼攻击被曝光。攻击者利用开源工具Evilginx,巧妙绕过多因素认证(MFA),成功窃取大量师生 ...
Security Boulevard

Stop Leaking API Keys: The Backend for Frontend (BFF) Pattern Explained

TL;DR: Frontend applications (SPAs, mobile apps, desktop clients) cannot securely store secrets: any embedded API key is extractable by users and attackers. The Backend for Frontend (BFF) pattern ...
IEEE

A new partitioning based algorithm for document clustering

Abstract: Document clustering is one of the key problems in text mining and information retrieval area. It groups text documents in a way that maximizes the similarity within clusters and minimizes ...
搜狐

爬虫里总是用到的Cookie是什么?

我们在讲到 Python 爬虫案例时,经常会遇到一个东西:Cookie。它总是能在我们抓不到数据的时候发挥奇效。但是其原理以及如何设置,没有做过web的同学大概并不非常清楚,那么今天就带大家详细了解下 Cookie 相关的知识! 一、诞生背景 绝大多数网站都是通过HTTP ...