Rules of Hacked Website Portfolio

Blog 17 Sep 2021
SentryPage follows some rules that were applied in a website that contains hackers' portfolios. How the rules work will be explained below.
banner image

Nowadays there are several websites that positioned themselves as a 'place to publish hacker's results'. Technically, the website works by archiving the hacked website. But not the actual one, just the 'mirror' of a hacked website.

Some hacked website archives have some rules that need to be obeyed by defacers. So their hacking result is able to be presented on these vandalism portfolio websites.

FYI, these hacked website archives didn't produce the hacked notification, hence they cannot be responsible for such content. Furthermore, hacked website archives disclaim that they are not related at all with the defacement itself.

On our side, benefiting from the abovementioned rules, we design and develop SentryPage to analyze unintended changes on your webpage.

Zone-xsec.com

Here are some facts about zone-xsec.com

  • Zone-xsec.com is a hacked website archive enabling defacers to upload their hacked website to be seen by the public.
  • The 'mirrors' of hacked websites were either collected online from public sources or directly notified anonymously to zone-xsec.com.
  • Zone-xsec.com has an archive feature so that their 'mirror' hacked result will still be there even though the 'vandalism' in the victimized webpage has already been removed.
  • Zone-xsec.com in here have some rule for defacing a website. The examples of rules can be seen here https://zone-xsec.com/notify.
  • If the result doesn’t match with the particular rules, it will be judged as 'invalid' and will not be counted. Hence, it will not be published on this website.
  • Based on that rule, one of the rules of the defacement result must contain the keyword defacement element “hacked by”. Otherwise, it will be invalid and will not be counted.

How SentryPage response the 'rules'

"Hacked by" is an attack signature, and SentryPage was designed and built based on such an attack signature. By having this feature, SentryPage is able to monitor and recognize the defacement of the website in the zonex-xsec.com