Yeti Recon is your ultimate OSINT toolkit, providing a curated list of the best open-source intelligence resources. From social media analysis to deep web searches, Yeti Recon organizes and categorizes OSINT tools and websites for seamless navigation and efficient investigations.

Cipher Yeti

In the shadowy realm of cyberspace, a mythical entity known as the Cipher Yeti had emerged as the ultimate guardian of digital fortresses. Silent and unseen, the Cipher Yeti prowled the icy peaks of network perimeters, adapting effortlessly to the harshest threats. Its immense strength was unmatched, dismantling even the most persistent adversaries with precision, while its elusiveness left attackers grasping at shadows. Legends whispered of its unpredictable tactics, a ghost in the machine that always stayed one step ahead. Cipher Yeti wasn’t just a defender—he was a mystery, a force of nature, a protector whose very presence made the digital wilderness feel just a little bit safer.

WHOIS TOOLS

CentralOps.net

Domain Dossier by CentralOps.net generates comprehensive reports from public records about domain names and IP addresses, including registrant information, DNS records, traceroute data, and service scans, aiding in problem-solving and cybercrime investigations.

DomainTools.com

DomainTools' Whois Lookup provides detailed profiles of specified domains, including ownership information, IP address history, registration dates, and associated domains, serving as a starting point for various domain investigations.

MxToolbox.com

MxToolbox's Whois Lookup returns WHOIS registration details for domain names, offering information such as registrant data, registration and expiration dates, and DNS hosting details, with direct links to registrars for further information.

https://www.talosintelligence.com/
Talos Intelligence by Cisco provides threat intelligence, malware research, and analysis tools to enhance cybersecurity defenses.

https://dnsdumpster.com/
DNSDumpster is a domain research tool that provides DNS records and helps visualize DNS infrastructure for security investigations.

https://www.digicert.com/help/
DigiCert’s SSL Checker validates the installation and health of SSL certificates on web servers for security assessments.

https://www.abuseipdb.com/
AbuseIPDB is a collaborative project to track malicious IP addresses and report abusive activity globally.

https://www.bigdatacloud.com/insights/tor-exit-nodes
BigDataCloud provides insights into TOR exit nodes, identifying their presence and association with anonymous network traffic.

https://www.joesandbox.com/
Joe Sandbox is a malware analysis service that offers deep behavioral insights into files, URLs, and applications in a controlled environment.

https://www.maltego.com/
A powerful tool for conducting OSINT investigations, enabling visualization and analysis of data relationships.

https://viewdns.info/
A comprehensive site offering various DNS and IP lookup tools for domain analysis and research.

https://threatintelligenceplatform.com/
A platform providing threat intelligence tools for identifying and analyzing cyber threats and vulnerabilities.

https://search.censys.io/
An internet search engine for identifying online devices, services, and vulnerabilities based on open data.

https://app.any.run/
An interactive malware analysis platform for analyzing suspicious files and URLs in a controlled environment.

https://crackstation.net/
A free tool for decrypting hashed passwords using a comprehensive wordlist database.

https://gchq.github.io/CyberChef/
A versatile web-based tool for data transformation and analysis, useful for encryption, encoding, and decoding tasks.

https://useragentstring.com
A resource for parsing and analyzing user agent strings to identify browser and device details.

https://www.shodan.io/
A search engine for discovering internet-connected devices and services, providing insights into exposed systems and potential vulnerabilities.

OSINT TOOLS

https://www.virustotal.com/
VirusTotal is a free online platform that analyzes files and URLs for viruses, worms, trojans, and other malicious content by scanning them with multiple antivirus engines and tools.

https://urlscan.io/
urlscan.io allows users to scan and analyze websites for malicious activity, revealing details about a site's structure, content, and connections.

https://www.exploit-db.com/
Exploit Database is an archive of publicly disclosed vulnerabilities and exploits for penetration testers, researchers, and security professionals.

https://www.hybrid-analysis.com/
Hybrid Analysis is a free malware analysis service that provides detailed dynamic reports on file behavior using sandbox technology.

https://intodns.com/
IntoDNS offers DNS health checks, providing detailed reports about domain name server configurations and potential issues.

https://www.url2png.com/
URL2PNG is an API service that captures full-page screenshots of websites, offering visual snapshots for various use cases.

https://www.ipvoid.com/
IPVoid is an online tool for checking IP addresses for blacklists, geolocation, reputation, and other security-related information.

http://ci-www.threatcrowd.org/
ThreatCrowd is a search engine for discovering information on IPs, domains, and file hashes to identify threats and relationships.

https://www.spamhaus.org/
Spamhaus provides DNS-based threat intelligence, offering services to identify spam, phishing, and other malicious activities.

https://www.urlvoid.com/
URLVoid checks websites for safety, providing insights into reputation, blacklists, and security issues for URLs.

https://builtwith.com/
A website profiler that reveals the technologies and tools used to build and run any given website.

https://wheregoes.com/
A URL redirect tracer for analyzing the full redirection path of a web link.

https://www.social-searcher.com/
A social media search tool for monitoring mentions and analyzing public content across various platforms.

https://www.ssllabs.com/
A site for testing SSL/TLS implementations and identifying weaknesses in HTTPS configurations.

https://securityheaders.com/
A tool for analyzing HTTP security headers and providing recommendations for improving website security.

https://osintframework.com/
A comprehensive framework of categorized OSINT tools and resources for conducting investigations and data gathering.

https://www.robtex.com
A multi-purpose tool for querying DNS, IP, and domain information, including routing and network data.

https://mxtoolbox.com/EmailHeaders.aspx
An email header analyzer for extracting and interpreting information about the origin and routing of emails.

https://www.defense.gov/News/Tag/47488/cyber/
A U.S. Department of Defense site offering official updates and news on cybersecurity initiatives and threats related to national defense.

https://threatpost.com/
A news site providing in-depth coverage of cybersecurity issues, data breaches, and vulnerabilities affecting global organizations.

https://thehackernews.com/
A popular cybersecurity news platform covering hacking, cyber threats, and information security trends.

https://www.securityweek.com/
A comprehensive resource for cybersecurity news, analysis, and insights on technology, enterprise security, and cyber threats.

https://cybernews.com/
An informational site covering cybersecurity trends, VPN reviews, data breaches, and privacy-related topics.

https://www.darkreading.com/
A trusted site for enterprise security professionals, offering news, insights, and analysis on a wide array of cybersecurity topics.

https://research.checkpoint.com/intelligence-reports/Checkpoint Research's page for in-depth intelligence reports on malware, vulnerabilities, and threat actor activity.

https://www.welivesecurity.com/en/
ESET's blog providing cybersecurity news, threat analysis, and insights into the latest digital threats.

https://unit42.paloaltonetworks.com/
Palo Alto Networks' threat intelligence team offering research and analysis on cybersecurity threats and trends.

https://www.recordedfuture.com/blog
Recorded Future's blog featuring intelligence-driven insights on cyber threats, threat actors, and risk mitigation.

https://community.riskiq.com/home
A threat intelligence platform for investigating and analyzing cyber threats, adversaries, and internet-facing assets.

https://www.proofpoint.com/us/blog/threat-insightProofpoint's blog on cyber threat intelligence, covering email security, phishing campaigns, and threat actor behaviors.

https://arstechnica.com/
A technology news site covering cybersecurity, privacy, and broader tech-related developments and innovations.

https://www.bleepingcomputer.com/
A trusted technology and cybersecurity news site offering information on malware, vulnerabilities, data breaches, and security tools, along with forums for troubleshooting tech issues.

https://www.labs.greynoise.io/grimoire/
GreyNoise Grimoire offers research and insights on vulnerabilities, exploits, and threat intelligence.

https://asec.ahnlab.com/en/
AhnLab Security Emergency Response Center's blog covering malware analysis, threat intelligence, and cybersecurity news.

https://blog.talosintelligence.com/
Cisco Talos' blog offering updates on malware, vulnerabilities, and cyber threat research.

https://blogs.jpcert.or.jp/en/
JPCERT/CC's blog sharing cybersecurity alerts, vulnerability analysis, and response strategies.

https://www.wired.com/tag/cybersecurity/
The cybersecurity section of Wired, featuring articles on hacking, cybercrime, and innovative solutions in the tech security world.

https://cyware.com/cyber-security-news-articles
A centralized hub for cybersecurity news, featuring articles, threat intelligence updates, and industry trends.

https://www.reuters.com/technology/cybersecurity/
Reuters' cybersecurity section, providing breaking news and reports on global cybersecurity incidents and policies.

https://www.scmagazine.com/
A cybersecurity resource offering news, expert analysis, and research on information security threats and solutions.

https://www.cisa.gov/news-events/cybersecurity-advisoriesThe official U.S. Cybersecurity and Infrastructure Security Agency (CISA) portal for advisories on vulnerabilities, threat alerts, and mitigation measures.

https://securityaffairs.com/category/security
A cybersecurity blog providing news, analysis, and reports on security threats, vulnerabilities, and breaches.

https://www.cisa.gov/news-events/cybersecurity-advisoriesThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) resource for official advisories on vulnerabilities, threats, and mitigations.

https://www.helpnetsecurity.com/
A cybersecurity news site featuring articles, industry insights, and technical updates on threats and solutions.

https://blog.talosintelligence.com/
Cisco Talos' blog providing updates on threat research, malware analysis, and vulnerability insights.

https://securityaffairs.com/
A cybersecurity-focused site offering news, reports, and analysis on digital threats, hacking, and security trends.

https://krebsonsecurity.com/
Brian Krebs' investigative blog covering cybercrime, data breaches, and digital security trends.

https://www.infosecurity-magazine.com/
An online magazine delivering news, features, and analysis on information security and cyber threats.

https://www.trellix.com/blogs/research/
Trellix's research blog offering insights into advanced threats, vulnerability analysis, and cybersecurity trends.

https://decoded.avast.io/
Avast Threat Labs' blog offers in-depth analyses of malware, ransomware, and other cyber threats, providing insights into the tactics, techniques, and procedures of malicious actors.

https://www.microsoft.com/en-us/security/blog/
Microsoft's official security blog providing updates, insights, and best practices on cybersecurity threats, defense strategies, and product enhancements.

https://cloud.google.com/blog/topics/threat-intelligence/
Google Cloud's blog provides updates and analysis on threat intelligence and cybersecurity trends.

https://malwaretech.com/
A blog by a malware researcher, featuring insights into cyber threats, reverse engineering, and incident analysis.

https://outpost24.com/blog/category/research-and-threat-intel/

Outpost24's blog focused on threat intelligence, vulnerability research, and cybersecurity trends.

COMMON VULNERABILITIES AND EXPOSURES

https://www.cisa.gov/known-exploited-vulnerabilities-catalog
CISA's catalog of actively exploited vulnerabilities, offering detailed information and mitigation guidance to reduce risks associated with known security threats.

https://www.darkreading.com/vulnerabilities-threats/
Covers news on vulnerabilities, data breaches, and emerging cyber threats.

https://www.cisa.gov/known-exploited-vulnerabilities-catalog
The Cybersecurity and Infrastructure Security Agency's (CISA) catalog of vulnerabilities known to be actively exploited, providing mitigation recommendations to reduce risk.

https://www.akamai.com/blog/security-research
A blog by Akamai providing research, insights, and analysis on web application security, DDoS attacks, and other cyber threats.

https://www.cve.news/
A site dedicated to providing updates and summaries on newly disclosed CVEs (Common Vulnerabilities and Exposures).

https://www.cvedetails.com/
A database of CVEs offering detailed information on vulnerabilities, affected software, and related exploit information.

https://www.exploit-db.com/
A comprehensive database of publicly available exploits and vulnerability information maintained by Offensive Security.

YETI RECON

Cipher Yeti

WHOIS TOOLS

OSINT TOOLS

CYBER SECURITY NEWS

COMMON VULNERABILITIES AND EXPOSURES