r/osinttools

Hey guys!

Today I am releasing Monitory, which is an online monitoring platform. It allows you to log or get alerted about any change or post on a social media profile, a website, and more.

Monitory has a set of prebuilt modules (including X, Reddit, Github, TikTok, Steam, and any website), and thanks to our partnership with scraping.industries, modules are added on request and accessible to everyone.

You can create multiple scanners on multiple platforms for the same user, group these scanners inside a profile to get the whole picture of any user's behaviour and changes. Get alerted by email, webhooks, or Discord of any change when it happens.

Why this is useful for OSINT:

• Fully anonymous. No login, no follow, no interaction. Completely passive.
• Track a person across X, Reddit, GitHub, TikTok, and Steam from one dashboard.
• Detect bio changes, new posts, follower shifts, SSH key additions, and more.
• Visual timeline with field-by-field diffs.
• Webhooks support to pipe into your existing tooling.

Your first scanner is free for 24 hours, no card needed, so you can test the full flow before committing.

Would love feedback from the community. Happy to answer any questions.

monitory.me

## Claude Sleuth

6 phase, 56 task workflow for Claude, consisting of; Operational Direction, Intelligence Collection, Collation & Entity Resolution, Chronological & Relational Processing, Hypothesis & Reasoning, concluding with the Final Report. Templates for every step, reference files for each task are output by task_runner.py upon completion of the gate.

### Not just for CLI, works on all Claude platforms incl. Mobile.

https://github.com/elb-pr/claude-sleuth

- Remote MCP Persistent investigation state across sessions via Cloudflare D1. Stores entities, relationships, timelines, evidence, grades, and the Investigation Notebook.

- 16-section Cognitive Surrogate Profiling from documentary evidence. Advance the profile whenever subject information is synthesised as well as a 12-technique reasoning framework. Call diagnose at any impasse, competing framing, or stuck point

| Standard | What It Does |

|---|---|

| **Admiralty 6x6** | Grades source reliability (A–F) and credibility (1–6) independently before any claim enters the record |

| **ACH** | Derives conclusions via the Inconsistency Principle — surviving hypotheses have the least evidence against them |

| **ICD 203** | Maps every probabilistic statement to a 7-tier scale. Vague qualifiers are not permitted |

### Conventions applied to all outputs:

Timestamps - ISO 8601, normalised to UTC

Entity records - POLE schema with mandatory source, date_observed, analyst_id, and confidence fields

Network edges - source_node, target_node, relationship_type, evidence_ref; edges are directed (source -> target)

Evidence custody - SHA-256 hash, capture timestamp, analyst ID, storage location

Probability language - ICD 203 7-tier scale

### Scripts Reference

|---|---|

| `task_runner.py` | Drives the 56-task pipeline (`next`, `done`, `status`, `jump`, `peek`, `notebook`, `reset`) |

| `template_builder.py` | Assembles Markdown working documents from `templates/` by phase, step, or task ID |

| `source_grader.py` | Admiralty 6x6 source reliability and credibility grading with action recommendations |

| `entity_resolver.py` | Fellegi-Sunter probabilistic record linkage; deterministic matching on unique identifiers |

| `corporate_intel.py` | Aggregates company data from UK Companies House, SEC EDGAR, GLEIF LEI, and ICIJ Offshore Leaks |

| `domain_intel.py` | Domain reconnaissance via DNS, RDAP, crt.sh, Shodan InternetDB — zero authentication required |

| `username_enum.py` | Async username enumeration across social platforms using Maigret, Sherlock, or WhatsMyName |

| `sanctions_screen.py` | Fuzzy name matching against OFAC SDN, UK HMT, and other public sanctions lists |

| `evidence_preservation.py` | Forensic web capture: screenshots, HTML, WARC, Wayback submission, SHA-256 chain of custody |

| `content_archiver.py` | Async media download and cataloguing via yt-dlp, gallery-dl, and Playwright with manifest generation |

| `chronological_matrix.py` | UTC-normalised timeline construction; gap detection, source conflict flagging, CSV export |

| `network_graph.py` | Directed POLE relationship graph; in/out-degree, PageRank, community detection, HTML/GEXF export |

| `geolocation.py` | EXIF GPS extraction, solar position/shadow analysis, historical weather correlation, reverse geocoding |

| `financial_analysis.py` | SEC EDGAR financial anomaly detection: Benford's Law, YoY variance, Altman Z-Score |

| `report_generator.py` | ICD 203-compliant briefings and findings memos via Jinja2 templates; optional WeasyPrint PDF export |

Hi everyone, I’ve been working on a project called NOX because I was tired of manually pivoting between breach data and social handles during recon. It’s a Python framework that basically takes a seed (email, username, etc.) and recursively digs through about 120+ sources.

The main thing it does is the "Avalanche" effect: if it finds a new handle in a leak, it automatically starts dorking and scraping for that new handle without you doing anything. It outputs a PDF with a pivot chain so you can actually see the link between the data points.

It’s strictly not-for-profit and open source. If you guys do a lot of collection/analysis, I’d love to know if the recursive logic makes sense or if I should tweak the depth caps.

GitHub: https://github.com/nox-project/nox-framework

I built Market Ontology because I kept running into the same problem:

the news tells you what happened,
the charts tell you what moved,
but neither gives you a clean way to see what should move next.

So I made a workspace for:

• macro regime monitoring
• geopolitical risk mapping
• cross-asset relationships
• options / positioning context into catalysts

It’s aimed at macro and event-driven traders.

The core use case is pretty simple:

headline → transmission path → affected assets → confirmation signals

Example:

• tariff / sanctions / conflict headline
• does that hit energy, shipping, inflation expectations, FX, or rates first?
• which assets should confirm the story?
• is the first move likely real repricing or just flow/noise?

A few things I’d genuinely love feedback on:

• is the use case clear enough?
• does “market mapping” resonate or sound too vague?
• which page or screenshot would make you understand it fastest?

Link: marketontology.com

Happy to answer anything bluntly, including what’s not working.