OSINT Report Anatomy

- Face-Sheet

The face-sheet is typically one or two pages and is the most important piece of any report. It is meant to quickly convey the most important intelligence.

- Narrative

The nattative follows the face-sheet and it tells the story. This is your opportunity to describe the path you took to reach your key findings.

- Link Analvsis & Timelines

Graphical components that support understanding of the preceding narrative.

Software such as Maltego or 12 Analyst's Notebook.

When I do not have analyst resources available, I leverage one of the following free and user-friendlv link visualization tools.

  • Draw.io (www.diagrams.net/integrations.html)

  • Visual Investigative Scenarios (vis.occrp.org/account/metro)

  • Gephi (gephi.org)

  • MindMup (mindmup.com)

  • WU (knightlab.northwestern.edu/projects)

I formerly used the free, stripped down version of Maltego called CaseFile for my link charts.

Prefer Draw.io for most investigations. It is most commonly used Online as a browser-based diagram solution. To instal it’s offline desktop app:

  • Navigate to github.com/igraph/drawio-desktop/ releases.

  • Click the Linux "deb" link and download the installation file.

  • Right-click on the downloaded file and choose "Open with Software Install'.

  • Click the "Install" button and provide your password.

  • Open the application from the Applications menu and add to favorites, if desired.

When you first install Draw.io the default settings will present charts which appear a bit outdated due to the art style of the standard icons. Changing the following settings can fix this.

  • Click "Extras" at the top and select one of the additional themes. I use the lighter options, as seen in Figure 35.03, for anything being printed, but I find that dark works well visually.

  • At the bottom of the "Shapes" panel on the left, click "+ More Shapes...

  • Browse through and check any sets that look useful and click "Apply". One I always include is "Web Icons" under "Other". The "Web Icons" and "Web Logos" work very well for OSINI charts and the icon styles tend to be more modern than the default selections included in the offered templates.

  • There is also a + button in your toolbar that will allow you to import your own images into the chart or even draw shapes freehand.

- Timelines and Event Maps

Draw.io is very flexible and you could use it to create timelines or event maps.

The following descriptions are of two other applications for dedicated timeline and mapping tools:

  • Event Viewpoint (eventviewpoint.com): Event Viewpoint is a free, browser-based timeline and mapping application. It will allow you to create events made up of a location, designated span of time/ date, and event notes. Never use this with sensitive data, it’s not open source and it collects user data.

  • Time Graphics (time.graphics): Reports can be exported in various formats. Only premium users can save privatized projects.

PreviousReport Anatomy

Last updated