Gopnik Art
Week of 8 — 14 May 2026
Every week, I manually curate tools, research, and services that are genuinely useful for OSINT, digital investigations, security research, and adjacent fields.
No hype. No SEO noise. No "AI startups that change everything".
Only things you can open, verify, and actually use.
A first step for investigations into organized crime, corruption, trafficking, and global risk networks.
Tesari is designed as an entry point into complex investigations: structure, context, and navigable intelligence instead of chaotic searching.
Mining China’s ‘Little Red Book’ for Open Source Gold. Xiaohongshu China Investigations Giude by Bellingcat:
🔗 https://www.bellingcat.com/resources/2026/04/20/xiaohongshu-rednote-open-source-guide/
Supercharge Your Reporting. The Journalist’s AI Prompt Playbook:
🔗 https://learnprompt.org/prompts-for-journalists/
coJournalist. Let your AI monitor the noise and surface leads. Connect your agent to scouts that monitor pages, social profiles, city councils, and your beat - while you focus on reporting:
OSINT of Nicaragua by Unishka Research Service:
🔗 https://substack.com/home/post/p-195616592
Environmental monitoring and geospatial research often depend on many specialized tools Start.Me page:
🔗 https://start.me/p/p1LqPo/robert-s-links-air-land-sea
Global Censorship Index. Real-time internet-freedom rankings based on 2.3B+ measurements across 200 countries. Each row links to a country profile with evidence trail and ML-classified incidents:
🔗 https://voidly.ai/censorship-index
List of Computer Science courses with video lectures:
🔗 https://github.com/Developer-Y/cs-video-courses
Looking for a job as an OSINT Analyst?
After recently losing my job due to my role being cut, I have been digging through job listings. I have also seen several others in my network seeking new careers as well.
I have been searching the job boards and LinkedIn, but wanted to do something a little more proactive. I created a routine in Claude code to help filter the noise. I wanted to share to help others.
OSINT Job Tracker:
Claude Code Instructions:
🔗 https://github.com/denniskeefe/job-search/blob/main/SKILL.md
NMapView. Turn Nmap XML into a searchable, portable HTML report for analysis, triage, and pentest reporting:
🔗 https://github.com/dreizehnutters/NmapView
Thunderbit. The Next Gen AI Web Scraper:
ONYPHE. A cyber defense search engine for OSINT & threat intelligence, collecting internet-sourced data to find threats:
Website downloader works with wget and archiver to download all websites assets and compress then sends it back to the user through socket channel:
🔗 https://github.com/AhmadIbrahiim/Website-downloader
PyDNS Scanner. A modern, high-performance DNS scanner with a beautiful Terminal User Interface (TUI) built with Textual. This tool can scan millions of IP addresses to find working DNS servers with optional Slipstream proxy testing and automatic multi-platform client download:
🔗 https://github.com/sy54dmin/pydns-scanner
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid:
🔗 https://github.com/streaak/keyhacks
The best IP Toolbox. Easy to check what's your IPs, IP geolocation, check for DNS leaks, examine WebRTC connections, speed test, ping test, MTR test, check website availability, whois search and more:
🔗 https://github.com/jason5ng32/myip
Cloak Browser. Stealth Chromium that passes every bot detection test. Drop-in Playwright replacement with source-level fingerprint patches. 30/30 tests passed:
🔗 https://github.com/CloakHQ/CloakBrowser
Endpoint Hunter. OWASP-focused automated reconnaissance tool for web application security testing. Performs subdomain enumeration, URL harvesting, filtering, and intelligent endpoint classification to identify high-risk attack surfaces. Built for bug bounty hunters and penetration testers:
🔗 https://github.com/banguhub/endpoint-hunter
Free LLM API Resources. A list of free LLM inference resources accessible via API:
🔗 https://github.com/cheahjs/free-llm-api-resources
OpenHuman. Your Personal AI super intelligence. Private, Simple and extremely powerful:
🔗 https://github.com/tinyhumansai/openhuman
CodeGraph. Pre-indexed code knowledge graph for Claude Code - fewer tokens, fewer tool calls, 100% local:
🔗 https://github.com/colbymchenry/codegraph
MARM Systems. Turn AI into a persistent, memory-powered collaborator. Universal MCP Server (supports HTTP, STDIO, and WebSocket) enabling cross-platform AI memory, multi-agent coordination, and context sharing. Built with MARM protocol for structured reasoning that evolves with your work:
🔗 https://github.com/curatedhealth/marm-systems
Superserve. Peristent and secure sandboxes for AI Agents, powered by Firecracker microVMs:
🔗 https://github.com/superserve-ai/superserve
OpenSandbox is a general-purpose sandbox platform for AI applications, offering multi-language SDKs, unified sandbox APIs, and Docker/Kubernetes runtimes for scenarios like Coding Agents, GUI Agents, Agent Evaluation, AI Code Execution, and RL Training:
🔗 https://github.com/alibaba/OpenSandbox
OptiLLM is an OpenAI API-compatible optimizing inference proxy that implements 20+ state-of-the-art techniques to dramatically improve LLM accuracy and performance on reasoning tasks - without requiring any model training or fine-tuning:
🔗 https://github.com/algorithmicsuperintelligence/optillm
Goose. An open source, extensible AI agent that goes beyond code suggestions - install, execute, edit, and test with any LLM:
🔗 https://github.com/aaif-goose/goose
Browserbase's official collection of agent skills to access the web:
🔗 https://github.com/browserbase/skills
Token Tracker. Track Claude Code, Codex, Cursor, Gemini, Kiro, OpenCode, OpenClaw & Every Code token usage. Local-first, zero-config, with a beautiful dashboard, native macOS menu bar app, and 4 desktop widgets:
🔗 https://github.com/mm7894215/TokenTracker
AngelSlim. Model compression toolkit engineered for enhanced usability, comprehensiveness, and efficiency:
🔗 https://github.com/tencent/AngelSlim
Floci. Light, fluffy, and always free - The AWS Local Emulator alternative:
🔗 https://github.com/floci-io/floci
GitNexus. The Zero-Server Code Intelligence Engine - GitNexus is a client-side knowledge graph creator that runs entirely in your browser. Drop in a GitHub repo or ZIP file, and get an interactive knowledge graph wit a built in Graph RAG Agent. Perfect for code exploration:
🔗 https://github.com/abhigyanpatwari/GitNexus
Data Peek. A minimal, fast, database client desktop application. Built for developers who want to quickly peek at their data without the bloat:
🔗 https://github.com/Rohithgilla12/data-peek
Codeg (Codegen). Aggregate and browse AI coding agent sessions (Claude Code, Codex, Gemini CLI, etc.) in one place. Desktop app, self-hosted server, or Docker:
🔗 https://github.com/xintaofei/codeg
Spec Kit. Toolkit to help you get started with Spec-Driven Development:
🔗 https://github.com/github/spec-kit
HeyForm simplifies the creation of conversational forms, making it accessible for anyone to gather information or feedback through engaging surveys, quizzes, and polls. We are committed to enhancing HeyForm with regular updates, including bug fixes, new features, and performance improvements:
🔗 https://github.com/heyform/heyform
TablePro. Native database client for Mac and iPhone. MySQL, PostgreSQL, SQLite, MongoDB, Redis, and 15+ more:
🔗 https://github.com/TableProApp/TablePro
mapcn. Beautiful map components. 100% Free, Zero config, one command setup:
🔗 https://github.com/AnmolSaini16/mapcn
Open Infrastructure Map. A view of infrastructure data in OpenStreetMap:
🔗 https://github.com/openinframap/openinframap
Live Custom Ubunti from Scratch. This procedure shows how to create a bootable and installable Ubuntu Live (along with the automatic hardware detection and configuration) from scratch. A Linux to call your own:
🔗 https://github.com/mvallim/live-custom-ubuntu-from-scratch
MOS is a lightweight operating system based on Devuan, designed specifically for small, energy‑efficient home servers:
🔗 https://github.com/ich777/mos-releases
Free online domain analysis. Server Info, Meta-Tags, Spyder-Map, Connection-Urls, Screenshot, Domain Whois, Trace Route, HTTP Security, DNS Server, HSTS Check, Headers, Server Status, Email Configuration, Block Lists, Cookies, Social Tags, Linked Pages, Global Ranking and more:
DNS-Blocklists. For a better internet - keep the internet clean:
🔗 https://github.com/hagezi/dns-blocklists
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community:
🔗 https://github.com/OISF/suricata
LUKSbox. Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. Mounts as a real drive on Linux, macOS, and Windows:
🔗 https://github.com/PentHertz/LUKSbox
SkySend. Minimalist, end-to-end encrypted, self-hostable file and note sharing. Zero-knowledge server - files and notes are encrypted in the browser before upload. No accounts, no telemetry, built for speed and security
🔗 https://github.com/Eirias/skysend
VirusTotal CLI, a tool designed for those who love both VirusTotal and command-line interfaces. With this tool you can do everything you'd normally do using VirusTotal's web page:
🔗 https://github.com/VirusTotal/vt-cli/
Designed for Developers and DevOps Engineers, Lens provides an unparalleled experience for managing and troubleshooting Kubernetes workloads through one intuitive context-aware UI. For teams and organizations, Lens has proven to be the most effective way to learn Kubernetes, boost team productivity and reduce tools required for cloud native development. It's trusted by the world's best product teams; from innovative startups to iconic enterprises. Lens is the #1 choice for Kubernetes with over 1 million users globally:
🔗 https://github.com/lensapp/lens
Ultimate source for Nothing OS firmware, stock OTA images, community apps, projects, resources and comprehensive guides for Nothing & CMF devices:
🔗 https://github.com/spike0en/nothing_archive
SigDigger. Qt-based digital signal analyzer, using Suscan core and Sigutils DSP library:
🔗 https://github.com/BatchDrake/SigDigger
ESP-Claw. A "Chat Coding" AI agent framework for IoT devices:
🔗 https://github.com/espressif/esp-claw/
Related Repos. A free online tool that helps you find repositories similar to a specific one (results can be sorted by number of stars, similarity score and date of last update)
Public Procurement Portals - An OSINT Goldmine
International Procurement Portals
United States Procurement Portals
Canada-Wide Procurement Portals
British Columbia Procurement Portals
Procurement Aggregators and Meta-Sources
Finding More Portals
Why Is The Procurement Process So Underrated As A Source of Information?
From a Cybersecurity Perspective
From an Investigative Perspective
From a Civic Engagement Perspective
Procurement Data Is Excellent for Historical Research
🔗 https://appliedawareness.ca/public-procurement-portals-an-osint-goldmine/
- Substack: https://osintech.substack.com
- LinkedIn: https://www.linkedin.com/in/osintech/details/featured/
If this timeline saves you time, it’s doing its job.
Free to read. Manually curated. Minimal noise.
All tools and techniques documented in the dataset are presented for informational,
educational and information security purposes only.
The dataset does not promote or endorse illegal activities.
Users are responsible for complying with applicable laws and ethical standards.
The dataset is updated on a regular basis.
Future posts will document changes, notable additions and emerging trends observed within the dataset.
This post serves as an introduction and reference point for those updates.

