How to recognize persistent XSS and non-persistent XSS ???

Unless and untill you put in some code and try to check you won’t be able to know if its vulnerable or not. I am no expert on this but I think thats how you will have to find out.

https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29#Stored_and_Reflected_XSS_Attacks

But what I want to know is whether we can use these two types of attacks (stored and reflected) at any site vulnerable to XSS?
Or there is a way to check if it is stored XSS attack or if it is reflected XSS attack that matches the vulnerable site concerned ???

No, reflected and stored are two different types of XSS vulnerability

ok thank you for the reply but I really need a clear explanation:

1 - When to use Stored XSS to attack a vulnerable site XSS ???
2 - When to use XSS reflected to attack a vulnerable site XSS ???

You know the type of XSS vulnerability when you attack it
For example if this forum is vulnerable to stored xss, you can do what you want just by injecting some code
But with xss reflected you can’t do that, you can ( example ) do some social engineering to someone and let him click on your script to steal his cookie ( for example, you can do a lot of other things )

Yes I know but I want to know how to tell if a site is vulnerable to XSS Stored ???

How to know if the site concerned XSS vulnerability Stored ???

Do some test, attack the site and you’ll see if it’s a stored or not

And that is exactly what I said before you need to insert some code and check which one works and then you will know which of the XSS method you can use.

Ok but I would ask the site vulnerable to XSS in question has no contact form or comment form, how is it possible to inject code to see if it is vulnerable to XSS Stored for example ???

I note that this website has only forms Registered since and also has the identification form (form username and password). So is it possible to inject JavaScript code in the identification forms or in the forms Registered also if the site has no contact form or comment form ???

Thank you to answer me please.

So, I have understood in your message that you want to hack a website using a XSS but you don’t know what is a XSS, how it works, which code to inject in which cases.
Search on google how to do, you’ll find it !

Ok . First, thank you for answering me, but I want to stress that I do not want to hack an online site; I have myself a site localhost with which I exercise in learning how XSS attacks.

Now, I admit that searches made on Google are not explicit enough that I understand very well the operation of XSS is why I register on this forum to learn better.

I note that this website (site localhost) has only forms Registered since and also has the identification form (form username and password). So is it possible to inject JavaScript code in the identification forms or in the forms Registered also if the site has no contact form or no comment form ???

Or is it really possible to inject JavaScript code on the site concerned XSS simply through the web browser as shown in the video below ???

Is it really possible to inject JavaScript code on the site concerned XSS simply through the web browser as shown in the video below ???

Can we attack a vulnerable site XSS stored via the browser ???

The thing is not if you can do that using the browser because you have to use the browser to inject some codes
And if there is just html on your website, you can’t do some attacks
Btw, owasp may help you

ok great thank you.