full-OSINT-framework.md
1 ```mermaid 2 --- 3 config: 4 layout: elk 5 --- 6 flowchart LR 7 subgraph LEGEND["Legend"] 8 L_Phase["Phase<br>Primary Process"] 9 L_Step["Process Step"] 10 L_Security["Security Tool / Method"] 11 L_Defensive["Defensive Operation"] 12 L_Data["Data Node / Source"] 13 L_Audit["Audit & Review"] 14 end 15 subgraph P1["Phase 1: Planning & Scoping"] 16 A@{ label: "<span style=\"padding-left:\">1b. <br/>Threat Modeling <br/>&<br>OPSEC Baseline</span>" } 17 TM@{ label: "<span style=\"padding-left:\">1. Define Target & Objective<br>- What do you need to know?<br>- Define output: <br>map, timeline & network</span>" } 18 end 19 subgraph s1["<span style=padding-left:><span style=padding-left:><span style=padding-left:>Phase 2:<br>Passive Collection<br>(SOCMINT & OSINT)</span></span></span>"] 20 C["2. 21 Collect OSINT 22 & 23 SOCMINT<br>- Gather public data:<br>news, filings, govt<br>- Scrape social media SOCMINT"] 24 B["3. 25 Lay Psychological Foundation<br>- Analyze tone 26 & 27 sentiment NLP<br>- Track behavioral cues 28 & 29 timing"] 30 DB["3c. 31 Digital Biography<br>Gather IDs, emails,<br>social profiles & posts"] 32 BP["3d.<br>Analyze Behavioral Patterns<br>Find patterns in time, topics & networks"] 33 CA["3e. 34 Assess Competencies<br>&<br>Affinities<br><br>Technical skill<br>&<br>privacy awareness"] 35 end 36 subgraph s2["<span style=padding-left:><span style=padding-left:><span style=padding-left:><span style=padding-left:><span style=padding-left:>Phase 3:<br>Active Collection<br>(IMINT & GEOINT)</span></span></span></span></span>"] 37 D["4. 38 Acquire IMINT<br>- Satellite:<br>Google Earth, Bing<br>- Drone:<br>Legal flights only<br>- On-foot:<br>Public photography"] 39 E["5. 40 Reverse Image & Metadata<br>- Run image(s)<br>through search engines<br>- Inspect EXIF data<br>- Check historical archives"] 41 F["6. 42 Cross-Reference with Maps<br>- Pin images to<br>geospatial tools<br>- Match with Street View<br>- Detect changes over time"] 43 G["7. 44 Verification & Triangulation<br>- Correlate: 45 OSINT, SOCMINT, IMINT<br>- Flag contradictions for review<br>- Never trust a single source"] 46 PF["8. 47 Compile & Report Findings<br>- Synthesize into 48 timeline & map<br>- List key findings & risks"] 49 end 50 subgraph s3["<span style=padding-left:><span style=padding-left:><span style=padding-left:>Phase 5:<br>Defensive Operations</span></span></span>"] 51 H["9. 52 Counter-OSINT Audit<br>- Strip metadata from your files<br>- Audit your own digital footprint<br>- Monitor for self-leaks"] 53 PDP["11. 54 Physical & Data Protection"] 55 CI["10. 56 Counter-Intelligence<br>Privacy Hardening,<br>Disinformation<br>&<br>SOCMINT Monitoring"] 57 end 58 subgraph s4["<span style=padding-left:><span style=padding-left:><span style=padding-left:>Phase 6:<br>Reporting & Integration</span></span></span>"] 59 I["12. 60 Finalize & Secure Report<br>- Encrypt & secure report"] 61 CR["13. 62 Continuous Review 63 &<br>PsyOps Awareness"] 64 EC["Ethical & Legal Check<br>All data public and legally obtained?"] 65 END_Bad["Stop 66 & 67 Securely Delete Data"] 68 END_Good["Process Complete"] 69 n1["See phase 1 & 1b<br>Data is never complete"] 70 end 71 I -- Phase 0:<br>Ethical & Legal Gate --> EC 72 I --> CR 73 EC -- Yes --> END_Good 74 EC -- No --> END_Bad 75 DB --> BP 76 BP --> CA 77 D --> E 78 E --> F 79 F -- Phase 4:<br>Analysis & Synthesis --> G 80 H --> CI 81 CI --> PDP 82 G --> PF 83 TM --> A 84 C --> B 85 B --> DB 86 L_Data ~~~ L_Audit 87 L_Defensive ~~~ L_Data 88 L_Security ~~~ L_Defensive 89 L_Step ~~~ L_Security 90 L_Phase ~~~ L_Step 91 END_Bad --> END_Good 92 CR -- "<span style=padding-left:>Defensive Psyop Mindset</span>" --> EC 93 END_Good --> n1 94 95 A@{ shape: rect} 96 TM@{ shape: rect} 97 n1@{ shape: diam} 98 L_Phase:::phase 99 L_Step:::security 100 L_Security:::security 101 L_Defensive:::defensive 102 L_Data:::data 103 L_Audit:::audit 104 A:::audit 105 TM:::phase 106 C:::step 107 B:::phase 108 DB:::data 109 BP:::data 110 CA:::data 111 D:::step 112 E:::step 113 F:::step 114 G:::step 115 PF:::step 116 H:::defensive 117 PDP:::defensive 118 CI:::defensive 119 I:::security 120 CR:::defensive 121 EC:::audit 122 END_Bad:::step 123 END_Good:::step 124 n1:::audit 125 P1:::phaseCluster 126 classDef phaseCluster fill:none,stroke:#333,stroke-width:3px,color:#000 127 classDef phase fill:#e6f3ff,stroke:#333,stroke-width:2px,color:#000 128 classDef step fill:#d4edda,stroke:#155724,stroke-width:2px,color:#000 129 classDef security fill:#d4edda,stroke:#155724,stroke-width:2px,color:#000 130 classDef defensive fill:#fff3cd,stroke:#856404,stroke-width:2px,color:#000 131 classDef data fill:#f8d7da,stroke:#721c24,stroke-width:1px,color:#000 132 classDef audit fill:#fffd6e, stroke:#383d41, stroke-width:2px, color:#000 133 style P1 color:#FFFFFF,stroke:none,fill:#757575 134 style s4 fill:#757575,color:#FFFFFF 135 style s1 color:#FFFFFF,fill:#757575 136 style s2 fill:#757575,color:#FFFFFF 137 style s3 fill:#757575,color:#FFFFFF 138 style LEGEND color:#FFFFFF,fill:#757575,stroke:none 139 linkStyle 0 stroke:#000000,fill:none 140 linkStyle 1 stroke:#000000,fill:none 141 linkStyle 2 stroke:#000000,fill:none 142 linkStyle 3 stroke:#000000,fill:none 143 linkStyle 4 stroke:#000000,fill:none 144 linkStyle 5 stroke:#000000,fill:none 145 linkStyle 6 stroke:#000000,fill:none 146 linkStyle 7 stroke:#000000,fill:none 147 linkStyle 8 stroke:#000000,fill:none 148 linkStyle 9 stroke:#000000,fill:none 149 linkStyle 10 stroke:#000000,fill:none 150 linkStyle 11 stroke:#000000,fill:none 151 linkStyle 12 stroke:#000000,fill:none 152 linkStyle 13 stroke:#000000,fill:none 153 linkStyle 14 stroke:#000000,fill:none 154 ```