index.html

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css">
    <title>XSS</title>
</head>
<style>
body {
 margin:0;
 font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Helvetica Neue",Arial,"Noto Sans",sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol","Noto Color Emoji";
 font-size:1rem;
 font-weight:400;
 line-height:1.5;
 color:#fff;
 text-align:left;
 background-color:#1c1e29
}
h2 {
 text-align: center;
}
</style>

<body>
    <br><br>
    
        <h2>Cross-Site-Scripting(XSS)</h2>
        <hr style='background-color:red;'>
         <img src="https://cdn.discordapp.com/attachments/710247222213607481/822451576697913344/Z.png" style="float:left;margin:0px 20px" alt="Carlino" width="300" height="222"> 
        <u><b>Cosa e' un XSS</b></u>
        <ul>
            <li>Teoria sui vari tipi di <b>XSS</b>.</li>
            <li>Lab1 <a href="index.php">Carlino Base</a></li>
            <li>Lab2 <a href="index2.php">Supera il carlino</a></li>
            <li>LAb3 <a href="index3.php">Revenge of the Sith</a></li>
            <li>Lab4 <a href="index4.php">La vendetta di Chrome</a></li>
            <li>Lab5 <a href="index5.php">Jason Bourne e' qui</a></li>
        </ul>
        <p>Il Cross Site Scripting,conosciuto anche come XSS, e' una vulnerabilita' di tipo web, che permette ad un attaccante di injectare del codice malevolo (javascript) in una pagina.<br> 
           Puo consetire di bypassare la SOP (Same origin policy che sostanzialmente serve per differenziare siti l'uno dall'altro).</p>
        <hr>
        <br> 
    
     
     <br>
     <hr>
    <script src="https://code.jquery.com/jquery-3.4.1.slim.min.js"></script>
    <script src="https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js"></script>
    <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js"></script>
</body>

</html>