While XSS is usually used for client-side attacks, Mutarrif Defacer uses "stored XSS" to deface specific portals, injecting malicious JavaScript that rewrites the DOM (Document Object Model) of the target site.
Defacer
Put together, “Mutarrif defacer” likely refers to a person using the alias “Mutarrif” who has performed website defacements. mutarrif defacer
The primary weapon in the Mutarrif arsenal is SQL Injection. By targeting outdated Joomla, WordPress, or custom PHP portals, Mutarrif extracts admin credentials directly from the database.
Methods for tracking defacers
Case study: “Mutarrif”
Motivations
Limitations
Conclusion
