Hog
Week of 6 — 12 March 2026
Every week, I manually curate tools, research, and services that are genuinely useful for OSINT, digital investigations, security research, and adjacent fields.
No hype. No SEO noise. No "AI startups that change everything".
Only things you can open, verify, and actually use.
A first step for investigations into organized crime, corruption, trafficking, and global risk networks.
Tesari is designed as an entry point into complex investigations: structure, context, and navigable intelligence instead of chaotic searching.
Using Bellingcat’s New Open Source Tool to Explore Historical and Spatial Flight Data
🔗 https://www.bellingcat.com/resources/2026/03/05/turnstone-flight-tracking-tool/
Bellingcat Beginner's Guide To Flight Tracking
🔗 https://www.bellingcat.com/resources/how-tos/2019/10/15/a-beginners-guide-to-flight-tracking/
The Hidden Trail. How MAC Addresses Reveal Real-World Locations via OSINT
🔗 https://substack.com/home/post/p-190065905
The Mystery of Nadia Marcinko. Epstein’s Alleged Right Hand and Her Digital Trail. In the sprawling story of Jeffrey Epstein’s network, certain names surface again and again -some powerful, some elusive, and some occupying a far more ambiguous space between victim and participant. One of those names is Nadia Marcinko, also known as Nadia Marcinkova
Yandex OSINT by OSINT Industries
Germany OSINT. The Investigator’s Playground: 300+ German Open-Source Intelligence Resources for Researchers, Journalists, Analysts & Students
🔗 https://osintteam.blog/germany-osint-5fb705a43ecd
Mexican OSINT. Here are a few powerful Mexican open-source intelligence (OSINT) tools and resources that I personally rely on almost every week. When hunting for information—whether it’s people, companies, assets, public records, or connections-combining several of these tools usually produces the best and fastest result
🔗 https://cartelwatch.net/resources/mexican-osint/
Hungarian OSINT start.me page
🔗 https://start.me/p/kxGLzd/hun-osint
OSINT of Zanzibar by Unishka Research Service
🔗 https://unishka.substack.com/p/osint-of-zanzibar
Exploring Cylect.io. An Aggregated Workspace for OSINT Investigations
🔗 https://toddingtonint.substack.com/p/exploring-cylectio-an-aggregated
Open DroneLog. Drone Log analyzer: A high-performance universal dashboard application for organizing and analyzing DJI/Litchi flight logs privately in one place. Built with Tauri v2, DuckDB, and React
🔗 https://github.com/arpanghosh8453/open-dronelog
WatchTower. A clean, minimal, terminal-based global intelligence dashboard
🔗 https://github.com/lajosdeme/watchtower
Megacut. Magic tool for managing internet connection in local network
🔗 https://github.com/stryker-project/megacut
IMSI Catcher. This program show you IMSI numbers of cellphones around you
🔗 https://github.com/Oros42/IMSI-catcher
S3Scanner. Scan for misconfigured S3 buckets across S3-compatible APIs
🔗 https://github.com/sa7mon/S3Scanner
Titus. High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation
🔗 https://github.com/praetorian-inc/titus
Supercookie uses favicons to assign a unique identifier to website visitors. Unlike traditional tracking methods, this ID can be stored almost persistently and cannot be easily cleared by the user
🔗 https://github.com/jonasstrehle/supercookie/
SimpleUSB. A simple application that will help you determine the usb device. It will be useful when choosing an adapter as it displays the chipset
🔗 https://github.com/stryker-project/simpleusb
Pompelmi. Secure File Upload Scanning for Node.js. Privacy-first malware detection with YARA, ZIP bomb protection, and framework adapters
🔗 https://github.com/pompelmi/pompelmi
OpenAnt from Knostic is an open source LLM-based vulnerability discovery product that helps defenders proactively find verified security flaws while minimizing both false positives and false negatives. Stage 1 detects. Stage 2 attacks. What survives is real
🔗 https://github.com/knostic/OpenAnt
RuView. WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection - all without a single pixel of video
🔗 https://github.com/ruvnet/RuView
PhishCollector is a research framework for collecting, analysing, and tracking phishing sites
🔗 https://github.com/olizimmermann/phishcollector
BTRPA Scan. Bluetooth Low Energy (BLE) scanner with Resolvable Private Address (RPA) resolution using Identity Resolving Keys (IRKs)
🔗 https://github.com/HackingDave/btrpa-scan
WAF Checker. A powerful web application to test how well your Web Application Firewall (WAF) protects against common attack vectors
🔗 https://github.com/PAPAMICA/waf-checker
Security Cipher. As passionate writers and open-source contributors in the field of cybersecurity, we are eager to share our experiences and knowledge with the community. We continue to learn and grow in this field, and we are excited to share our insights with others
🔗 https://securitycipher.com/security-tools/
Fabricis an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere
🔗 https://github.com/danielmiessler/fabric
BagOfWords. Chat with your data - with memory, rules, and observability built in. Deploy in 2 minutes
🔗 https://github.com/bagofwords1/bagofwords
NotebookLM-py. Unofficial Python API and agentic skill for Google NotebookLM. Full programmatic access to NotebookLM's features—including capabilities the web UI doesn't expose - via Python, CLI, and AI agents like Claude Code, Codex, and OpenClaw
🔗 https://github.com/teng-lin/notebooklm-py
Zonos-v0.1 is a leading open-weight text-to-speech model trained on more than 200k hours of varied multilingual speech, delivering expressiveness and quality on par with-or even surpassing-top TTS providers
🔗 https://github.com/Zyphra/Zonos
ollamaMQ. High-performance Ollama proxy with per-user fair-share queuing, round-robin scheduling, and a real-time TUI dashboard. Built in Rust
🔗 https://github.com/Chleba/ollamaMQ
LLMFit. 497 models. 133 providers. One command to find what runs on your hardware. A terminal tool that right-sizes LLM models to your system's RAM, CPU, and GPU. Detects your hardware, scores each model across quality, speed, fit, and context dimensions, and tells you which ones will actually run well on your machine
🔗 https://github.com/AlexsJones/llmfit
Presenton. Open-Source AI Presentation Generator and API (Gamma, Beautiful AI, Decktopus Alternative)
🔗 https://github.com/presenton/presenton
Deta Surf Personal AI Notebooks. Organize files & webpages and generate notes from them. Open source, local & open data, open model choice (incl. local)
🔗 https://github.com/deta/surf
Siftly. Local Twitter/X bookmark organizer with AI categorization and mindmap visualization
🔗 https://github.com/viperrcrypto/Siftly
SilentChain. AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)
🔗 https://github.com/silentchainai/SILENTCHAIN
OpenPlanter. A recursive-language-model investigation agent with a terminal UI. OpenPlanter ingests heterogeneous datasets - corporate registries, campaign finance records, lobbying disclosures, government contracts, and more - resolves entities across them, and surfaces non-obvious connections through evidence-backed analysis. It operates autonomously with file I/O, shell execution, web search, and recursive sub-agent delegation
🔗 https://github.com/ShinMegamiBoson/OpenPlanter
VoidAuth is an open-source SSO authentication and user management provider that stands guard in front of your self-hosted applications. It is easy-to-use for admins and end-users, supports nice-to-have features like passkeys, user invitation, self-registration, email support, and more
🔗 https://github.com/voidauth/voidauth/
Terrae. Composable and animated components that replace imperative layers with simple props. The perfect companion for shadcn/ui
🔗 https://github.com/alamenai/terrae
Wails. Create beautiful applications using Go
🔗 https://github.com/wailsapp/wails
DuckDB is an analytical in-process SQL database management system
🔗 https://github.com/duckdb/duckdb
bbrew. A Package Manager for macOS and Linux, Based in brew.sh
🔗 https://github.com/BBrowser/BBrew
Landscape2 is a tool that generates interactive landscapes websites
🔗 https://github.com/cncf/landscape2
bg-remove. Free image background removal - private, client-side and powered by Transformers.js
🔗 https://github.com/addyosmani/bg-remove/
b4. Network packet processor with a friendly UI for circumventing Deep Packet Inspection (DPI) systems
🔗 https://github.com/DanielLavrushin/b4/
Pingap. A reverse proxy like nginx, built on pingora, simple and efficient
🔗 https://github.com/vicanso/pingap
Databasus. Databases backup tool (PostgreSQL, MySQL, MongoDB)
🔗 https://github.com/databasus/databasus
OpenLiteSpeed Web Server. Our high-performance, lightweight, open source HTTP server
🔗 https://github.com/litespeedtech/openlitespeed
Runtipi is a homeserver for everyone! One command setup, one click installs for your favorites self-hosted apps
🔗 https://github.com/runtipi/runtipi
Flipper One MCU Firmware. This repository is part of Flipper One MCU Firmware sub-project and contains issue tracking and firmware sources for the Flipper One MCU — the low-power co-processor that controls the LCD, buttons, and battery
🔗 https://github.com/flipperdevices/flipperone-mcu-firmware
**Shadow Broker.**Open-source intelligence for the global theater. Track everything from the corporate/private jets of the wealthy, and spy satellites, to seismic events in one unified interface. The knowledge is available to all but rarely aggregated in the open, until now
🔗 https://github.com/BigBodyCobain/Shadowbroker
Situation Deck. Worldwide events and conflicts monitoring tool:
- interactive map
- news feeds
- AI-powered intelligence analyst
- 60+ widgets
- 190+ data providers
- 70+ map layers
SkyOSINT. Real-time tracking of 16K+ objects on the sky. Allow to analyze anomalies, maneuvers, conjunctions and behaviorGEO:
- Substack: https://osintech.substack.com
- LinkedIn: https://www.linkedin.com/in/osintech/details/featured/
If this timeline saves you time, it’s doing its job.
Free to read. Manually curated. Minimal noise.
All tools and techniques documented in the dataset are presented for informational,
educational and information security purposes only.
The dataset does not promote or endorse illegal activities.
Users are responsible for complying with applicable laws and ethical standards.
The dataset is updated on a regular basis.
Future posts will document changes, notable additions and emerging trends observed within the dataset.
This post serves as an introduction and reference point for those updates.