https://github.com/noraj/xss-classification-model

:speech_balloon: XSS classification model - Types of Cross-Site Scripting
https://github.com/noraj/xss-classification-model

classification-model cross-site-scripting xss xss-classification-model

Last synced: 27 days ago
JSON representation

:speech_balloon: XSS classification model - Types of Cross-Site Scripting

• Host: GitHub
• URL: https://github.com/noraj/xss-classification-model
• Owner: noraj
• License: mit
• Created: 2019-10-30T22:49:55.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2024-03-19T01:42:17.000Z (almost 2 years ago)
• Last Synced: 2025-05-18T20:36:42.250Z (9 months ago)
• Topics: classification-model, cross-site-scripting, xss, xss-classification-model
• Homepage: https://noraj.github.io/XSS-classification-model/
• Size: 779 KB
• Stars: 6
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# XSS classification model

## Types of Cross-Site Scripting

[[Website]](https://noraj.github.io/XSS-classification-model/)

![](docs/preview-full.png)

![](docs/preview-simplified.png)

### References

Presentation slideshow (English):

[![](https://img.shields.io/badge/pdf-offline-red)](https://raw.githubusercontent.com/noraj/XSS-classification-model-slideshow/master/docs/XSS_classification_model-Alexandre_ZANNI.pdf)

[![](https://img.shields.io/badge/html-online-green)](https://noraj.github.io/XSS-classification-model-slideshow/)

[![](https://img.shields.io/badge/markdown-source-blue)](https://github.com/noraj/XSS-classification-model-slideshow/blob/master/docs/prez.md?plain=1)

Presentation video (French):

[![](https://img.shields.io/badge/video-YouTube-red)](https://youtu.be/a0KUWOfXC_I)

[![](https://img.shields.io/badge/video-Odysee-green)](https://odysee.com/@noraj:e/classification-XSS:3)

[![](https://img.shields.io/badge/video-Playeur-blue)](https://playeur.com/v/nChVYAfcQru)

Resources:

- [OWASP - Types of Cross-Site Scripting](https://www.owasp.org/index.php/Types_of_Cross-Site_Scripting)

- [Wikipedia - Cross-site scripting](https://en.wikipedia.org/wiki/Cross-site_scripting)

- [ASafety - [PoC-XSS] Leveraging Self-XSS via WYSINWYC](https://www.asafety.fr/en/vuln-exploit-poc/poc-xss-elever-et-exploiter-une-self-xss-via-wysinwyc/), especially this [picture](https://www.asafety.fr/wp-content/uploads/Self-XSS_Reflected_DOM-based-768x768.png)

- [Acunetix - Universal Cross-site Scripting (UXSS): The Making of a Vulnerability](https://www.acunetix.com/blog/articles/universal-cross-site-scripting-uxss/)

### Made with

- [Chart.js](https://www.chartjs.org/)

- [chartjs-plugin-labels](https://github.com/emn178/chartjs-plugin-labels)

### Display

The display is better on a high-resolution screen, and the chart will

probably not render at all on most smartphones.