Skip to content

Latest commit

 

History

History
315 lines (166 loc) · 13.3 KB

File metadata and controls

315 lines (166 loc) · 13.3 KB

OSINTech Timeline

Gopnik Art


Week of 8 — 14 May 2026

Every week, I manually curate tools, research, and services that are genuinely useful for OSINT, digital investigations, security research, and adjacent fields.

No hype. No SEO noise. No "AI startups that change everything".
Only things you can open, verify, and actually use.


🧭 Featured Project

Tesari — OSINT Copilot

A first step for investigations into organized crime, corruption, trafficking, and global risk networks.

Tesari is designed as an entry point into complex investigations: structure, context, and navigable intelligence instead of chaotic searching.

🔗 https://www.tesari.ai


🌍 Regional & Thematic OSINT

Mining China’s ‘Little Red Book’ for Open Source Gold. Xiaohongshu China Investigations Giude by Bellingcat:

🔗 https://www.bellingcat.com/resources/2026/04/20/xiaohongshu-rednote-open-source-guide/

Supercharge Your Reporting. The Journalist’s AI Prompt Playbook:

🔗 https://learnprompt.org/prompts-for-journalists/

coJournalist. Let your AI monitor the noise and surface leads. Connect your agent to scouts that monitor pages, social profiles, city councils, and your beat - while you focus on reporting:

🔗 https://cojournalist.ai

OSINT of Nicaragua by Unishka Research Service:

🔗 https://substack.com/home/post/p-195616592

Environmental monitoring and geospatial research often depend on many specialized tools Start.Me page:

🔗 https://start.me/p/p1LqPo/robert-s-links-air-land-sea

Global Censorship Index. Real-time internet-freedom rankings based on 2.3B+ measurements across 200 countries. Each row links to a country profile with evidence trail and ML-classified incidents:

🔗 https://voidly.ai/censorship-index

List of Computer Science courses with video lectures:

🔗 https://github.com/Developer-Y/cs-video-courses


Looking for a job as an OSINT Analyst?

After recently losing my job due to my role being cut, I have been digging through job listings. I have also seen several others in my network seeking new careers as well.

I have been searching the job boards and LinkedIn, but wanted to do something a little more proactive. I created a routine in Claude code to help filter the noise. I wanted to share to help others.

OSINT Job Tracker:

🔗 https://www.notion.so/thecommongeek/912662c4ff1f4200a1ec12f59acaaff2?v=08bd1620baff40ce901c5fc10ec23469

Claude Code Instructions:

🔗 https://github.com/denniskeefe/job-search/blob/main/SKILL.md


🛠 OSINT Tools, Services & Investigations

NMapView. Turn Nmap XML into a searchable, portable HTML report for analysis, triage, and pentest reporting:

🔗 https://github.com/dreizehnutters/NmapView

Thunderbit. The Next Gen AI Web Scraper:

🔗 https://thunderbit.com/

ONYPHE. A cyber defense search engine for OSINT & threat intelligence, collecting internet-sourced data to find threats:

🔗 https://search.onyphe.io/

Website downloader works with wget and archiver to download all websites assets and compress then sends it back to the user through socket channel:

🔗 https://github.com/AhmadIbrahiim/Website-downloader

PyDNS Scanner. A modern, high-performance DNS scanner with a beautiful Terminal User Interface (TUI) built with Textual. This tool can scan millions of IP addresses to find working DNS servers with optional Slipstream proxy testing and automatic multi-platform client download:

🔗 https://github.com/sy54dmin/pydns-scanner

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid:

🔗 https://github.com/streaak/keyhacks

The best IP Toolbox. Easy to check what's your IPs, IP geolocation, check for DNS leaks, examine WebRTC connections, speed test, ping test, MTR test, check website availability, whois search and more:

🔗 https://github.com/jason5ng32/myip

Cloak Browser. Stealth Chromium that passes every bot detection test. Drop-in Playwright replacement with source-level fingerprint patches. 30/30 tests passed:

🔗 https://github.com/CloakHQ/CloakBrowser

Endpoint Hunter. OWASP-focused automated reconnaissance tool for web application security testing. Performs subdomain enumeration, URL harvesting, filtering, and intelligent endpoint classification to identify high-risk attack surfaces. Built for bug bounty hunters and penetration testers:

🔗 https://github.com/banguhub/endpoint-hunter


🤖 Universal Search & AI

Free LLM API Resources. A list of free LLM inference resources accessible via API:

🔗 https://github.com/cheahjs/free-llm-api-resources

OpenHuman. Your Personal AI super intelligence. Private, Simple and extremely powerful:

🔗 https://github.com/tinyhumansai/openhuman

CodeGraph. Pre-indexed code knowledge graph for Claude Code - fewer tokens, fewer tool calls, 100% local:

🔗 https://github.com/colbymchenry/codegraph

MARM Systems. Turn AI into a persistent, memory-powered collaborator. Universal MCP Server (supports HTTP, STDIO, and WebSocket) enabling cross-platform AI memory, multi-agent coordination, and context sharing. Built with MARM protocol for structured reasoning that evolves with your work:

🔗 https://github.com/curatedhealth/marm-systems

Superserve. Peristent and secure sandboxes for AI Agents, powered by Firecracker microVMs:

🔗 https://github.com/superserve-ai/superserve

OpenSandbox is a general-purpose sandbox platform for AI applications, offering multi-language SDKs, unified sandbox APIs, and Docker/Kubernetes runtimes for scenarios like Coding Agents, GUI Agents, Agent Evaluation, AI Code Execution, and RL Training:

🔗 https://github.com/alibaba/OpenSandbox

OptiLLM is an OpenAI API-compatible optimizing inference proxy that implements 20+ state-of-the-art techniques to dramatically improve LLM accuracy and performance on reasoning tasks - without requiring any model training or fine-tuning:

🔗 https://github.com/algorithmicsuperintelligence/optillm

Goose. An open source, extensible AI agent that goes beyond code suggestions - install, execute, edit, and test with any LLM:

🔗 https://github.com/aaif-goose/goose

Browserbase's official collection of agent skills to access the web:

🔗 https://github.com/browserbase/skills

Token Tracker. Track Claude Code, Codex, Cursor, Gemini, Kiro, OpenCode, OpenClaw & Every Code token usage. Local-first, zero-config, with a beautiful dashboard, native macOS menu bar app, and 4 desktop widgets:

🔗 https://github.com/mm7894215/TokenTracker

AngelSlim. Model compression toolkit engineered for enhanced usability, comprehensiveness, and efficiency:

🔗 https://github.com/tencent/AngelSlim


👨‍💻 Software Development & APIs

Floci. Light, fluffy, and always free - The AWS Local Emulator alternative:

🔗 https://github.com/floci-io/floci

GitNexus. The Zero-Server Code Intelligence Engine - GitNexus is a client-side knowledge graph creator that runs entirely in your browser. Drop in a GitHub repo or ZIP file, and get an interactive knowledge graph wit a built in Graph RAG Agent. Perfect for code exploration:

🔗 https://github.com/abhigyanpatwari/GitNexus

Data Peek. A minimal, fast, database client desktop application. Built for developers who want to quickly peek at their data without the bloat:

🔗 https://github.com/Rohithgilla12/data-peek

Codeg (Codegen). Aggregate and browse AI coding agent sessions (Claude Code, Codex, Gemini CLI, etc.) in one place. Desktop app, self-hosted server, or Docker:

🔗 https://github.com/xintaofei/codeg

Spec Kit. Toolkit to help you get started with Spec-Driven Development:

🔗 https://github.com/github/spec-kit

HeyForm simplifies the creation of conversational forms, making it accessible for anyone to gather information or feedback through engaging surveys, quizzes, and polls. We are committed to enhancing HeyForm with regular updates, including bug fixes, new features, and performance improvements:

🔗 https://github.com/heyform/heyform

TablePro. Native database client for Mac and iPhone. MySQL, PostgreSQL, SQLite, MongoDB, Redis, and 15+ more:

🔗 https://github.com/TableProApp/TablePro

mapcn. Beautiful map components. 100% Free, Zero config, one command setup:

🔗 https://github.com/AnmolSaini16/mapcn

Open Infrastructure Map. A view of infrastructure data in OpenStreetMap:

🔗 https://github.com/openinframap/openinframap


🐧 Linux & DevOps

Live Custom Ubunti from Scratch. This procedure shows how to create a bootable and installable Ubuntu Live (along with the automatic hardware detection and configuration) from scratch. A Linux to call your own:

🔗 https://github.com/mvallim/live-custom-ubuntu-from-scratch

MOS is a lightweight operating system based on Devuan, designed specifically for small, energy‑efficient home servers:

🔗 https://github.com/ich777/mos-releases

Free online domain analysis. Server Info, Meta-Tags, Spyder-Map, Connection-Urls, Screenshot, Domain Whois, Trace Route, HTTP Security, DNS Server, HSTS Check, Headers, Server Status, Email Configuration, Block Lists, Cookies, Social Tags, Linked Pages, Global Ranking and more:

🔗 https://redmorph.com/

DNS-Blocklists. For a better internet - keep the internet clean:

🔗 https://github.com/hagezi/dns-blocklists

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community:

🔗 https://github.com/OISF/suricata

LUKSbox. Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. Mounts as a real drive on Linux, macOS, and Windows:

🔗 https://github.com/PentHertz/LUKSbox

SkySend. Minimalist, end-to-end encrypted, self-hostable file and note sharing. Zero-knowledge server - files and notes are encrypted in the browser before upload. No accounts, no telemetry, built for speed and security

🔗 https://github.com/Eirias/skysend

VirusTotal CLI, a tool designed for those who love both VirusTotal and command-line interfaces. With this tool you can do everything you'd normally do using VirusTotal's web page:

🔗 https://github.com/VirusTotal/vt-cli/

Designed for Developers and DevOps Engineers, Lens provides an unparalleled experience for managing and troubleshooting Kubernetes workloads through one intuitive context-aware UI. For teams and organizations, Lens has proven to be the most effective way to learn Kubernetes, boost team productivity and reduce tools required for cloud native development. It's trusted by the world's best product teams; from innovative startups to iconic enterprises. Lens is the #1 choice for Kubernetes with over 1 million users globally:

🔗 https://github.com/lensapp/lens

Ultimate source for Nothing OS firmware, stock OTA images, community apps, projects, resources and comprehensive guides for Nothing & CMF devices:

🔗 https://github.com/spike0en/nothing_archive


🔌 Hardware & Devices

SigDigger. Qt-based digital signal analyzer, using Suscan core and Sigutils DSP library:

🔗 https://github.com/BatchDrake/SigDigger

ESP-Claw. A "Chat Coding" AI agent framework for IoT devices:

🔗 https://github.com/espressif/esp-claw/


🚨 From CyberDetective

Related Repos. A free online tool that helps you find repositories similar to a specific one (results can be sorted by number of stars, similarity score and date of last update)

🔗 https://relatedrepos.com

Public Procurement Portals - An OSINT Goldmine

International Procurement Portals
United States Procurement Portals
Canada-Wide Procurement Portals
British Columbia Procurement Portals
Procurement Aggregators and Meta-Sources
Finding More Portals
Why Is The Procurement Process So Underrated As A Source of Information?
From a Cybersecurity Perspective
From an Investigative Perspective
From a Civic Engagement Perspective
Procurement Data Is Excellent for Historical Research

🔗 https://appliedawareness.ca/public-procurement-portals-an-osint-goldmine/


📌 Where to Follow

If this timeline saves you time, it’s doing its job.
Free to read. Manually curated. Minimal noise.


📌 Donates

Buy Me a Coffee


📌 Legal and ethical note

All tools and techniques documented in the dataset are presented for informational,
educational and information security purposes only.

The dataset does not promote or endorse illegal activities.
Users are responsible for complying with applicable laws and ethical standards.


📌 About future updates

The dataset is updated on a regular basis.
Future posts will document changes, notable additions and emerging trends observed within the dataset.

This post serves as an introduction and reference point for those updates.