diff --git a/Cookies/README.md b/Cookies/README.md
new file mode 100644
index 0000000..e18a468
--- /dev/null
+++ b/Cookies/README.md
@@ -0,0 +1,41 @@
+## Cookies
+
+- Data sent to the client side from the server and stored on the client side
+- To use Cookies in ExpressJS we use a library called cookie-parser
+- To create a cookie I must set a route for it
+
+```js
+var ckpars = require("cookie-parser");
+var app = require("express");
+app.get("/", function(request, response){
+    response.cookie("name","express").send("cookie-set");
+});
+
+app.listen(3000);
+
+```
+
+
+### How To Add Cookies with an expiration date
+```js
+var ckpars = require("cookie-parser");
+var app = require("express");
+app.get("/", function(request, response){
+    response.cookie(name,"val",{expire: 420000 + Date.now()});//expire 7 mins from now
+});
+
+app.listen(3000);
+```
+
+### How To Delete Existing Cookie
+```js
+var express = require('express');
+var app = express();
+
+app.get('/clear_cookie', function(request, response){
+   response.clearCookie('foo');
+   response.send('cookie foo cleared');
+});
+
+app.listen(3000);
+```
\ No newline at end of file
diff --git a/Sessions/README.md b/Sessions/README.md
new file mode 100644
index 0000000..5d86e46
--- /dev/null
+++ b/Sessions/README.md
@@ -0,0 +1,9 @@
+### Sessions
+
+- Cookies and URL are good ways to transport data in between the frontend and the backend
+- The downside of cookies is that they are read on the frontend which is very dangerous
+- Sessions helps us solve this security flaw and instead of outputing the credentials it gives us just an id
+- This information is stored in the backend and is encrypted
+- Whenever a user hits a certain endpoint it creates the session for the user and gives them a cookie
+- Any proceeding visit of the user will be checked and the user is granted access and a new session is created for him
+-