How To Recover When Your Website Got Hacked


The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don’t know what to do, or even where to start.

How To Recover When Your Website Got Hacked

Acunetix has come out with a very useful post with a checklist of actions to take and items to prepare to help you triage and react in the event of a compromise on one of your servers or websites.

When addressing such an event, it can be helpful to have a short checklist of tasks to perform in your recovery process. Doing the right things in the right order will be key to maximise your chances of successful and complete recovery, as well as mitigation of future events.

Preparation tasks – These make NO CHANGES to your website or any related or underlying components at all.
Action tasks – Things you need to do, with the obvious initial focus being blocking further access to any malicious actors.

Website Got Hacked Checklist

The list looks like this to deal with when your website got hacked:

  • PREPARE: Reaction plan
  • PREPARE: Battle sheet
  • ACTION: Take your system offline
  • PREPARE: Clone your system to a testbed or staging server
  • PREPARE: Scan your website for vulnerabilities; identify/confirm intrusion point
  • ACTION: Fix the vulnerability
  • ACTION: Bring the fixed version of the site back online with a clean OS/Web Server
  • PREPARE: Monitor your new and improved website
  • PREPARE: Make a Reaction Plan for FUTURE events.

The guide has a combination of basic forensics, proactive prevention moving forwards and general good sense when dealing with a compromise in terms of best practice.

Read the full post with details here:

How to Recover from a Hacked Website Event

Posted in: Countermeasures


Latest Posts:


SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.


Comments are closed.