Skip to main content
Secvark
Finalist
Back to Agents Under Pressure - Build your own OS Gallery

Secvark

by OrangeTissue

AI-powered OSINT operating system that remembers, reasons, recovers, and adapts.

Demo Video

About This Project

SecVark SmartOS is an AI-powered OSINT (Open Source Intelligence) Operating System — an autonomous investigation agent that reasons across security data, maintains persistent memory of past investigations, gracefully recovers from failures, and adapts to changing threat landscapes in real-time.

What It Does SecVark SmartOS acts as an intelligent security analyst that can:

Investigate targets (emails, usernames, domains, IPs, phone numbers) across 12+ OSINT tools including HIBP, Shodan, VirusTotal, Sherlock, and more Remember everything — it builds persistent knowledge graphs of threat actors, correlates findings across cases, and recalls relevant context from past investigations using HydraDB as its long-term memory Recover gracefully — when APIs fail, data is messy, or results conflict, the agent consults recovery playbooks, applies exponential backoff, switches to alternative tools, and never lets a single failure stop an investigation Adapt on the fly — users can change targets mid-investigation, new indicators of compromise can appear, and the scope can shift — the agent adjusts its plan in real-time without losing context Architecture The system is built on four core pillars, each corresponding to a hackathon track:

Memory Track (HydraDB): Six specialized collections store security knowledge, investigation memory, threat actor profiles, tool execution history, correlation patterns, and recovery playbooks — all with semantic vector search for intelligent retrieval.

Tools Track: An orchestration layer manages 12+ OSINT tools with rate limiting, retries, fallbacks, and quality scoring. The agent learns which tools work best for which target types.

Recovery Track: When tools fail (rate limits, API outages, conflicting data), the agent consults learned recovery playbooks, applies appropriate strategies, and continues the investigation using alternative data sources.

Adaptation Track: A multi-phase investigation loop (Recall → Plan → Execute → Correlate → Remember) allows the agent to dynamically adjust its approach based on what it discovers.

How It Works Knowledge Seeding: HydraDB is pre-loaded with extensive security knowledge — OSINT methodologies, Google dork patterns, MITRE ATT&CK techniques, tool usage guides, correlation rules, and recovery playbooks.

Investigation Planning: When given a target, the agent recalls relevant methodology and past findings from HydraDB, then uses Claude to create a prioritized investigation plan.

Tool Execution with Learning: Each tool call is instrumented — successes, failures, response times, and result quality are all recorded. The agent literally gets smarter with every investigation.

Cross-Source Correlation: Findings from multiple tools are analyzed using learned correlation rules (e.g., same username across platforms = high confidence same person; same SSH key across servers = same administrator).

Persistent Memory: Conclusions, correlations, hypotheses, and even dead ends are stored — so the next investigation benefits from everything learned before.

Built With

Vue
codex
lemonsqueezy
lovable

Submitted May 25, 2026 at 7:00 AM