JTRIG Tools and Techniques (Redirected from JTRIG CITD - Covert Internet Technical Development) Navigation
Total Page:16
File Type:pdf, Size:1020Kb
my talk my preferences my watchlist my contributions | page | | discussion | | edit | | history | | delete | | move | | watch | ^additional statistics | TOP SECRET STRAP1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. For GCWiki help page JTRIG tools and techniques (Redirected from JTRIG CITD - Covert Internet Technical Development) navigation Main Page Help Pages Wikipedia Mirror JTRIG Capabilities Ask Me About... Random page Recent changes Report a Problem Contacts GCWeb [edit] search JTRIG tools Go Search toolbox What links here Contents Related changes Upload file 1 JTRIG tools Special pages 1.1 Understanding this page Printable version 1.2 Current Priorities Permanent link 1.2.1 Engineering 1.2.2 Collection Ii« MedioWiki 1.2.3 Effects Capability 1.2.4 Work Flow Management This page was last 1.2.5 Analysis Tools modified on 5 July 2012, at 13:05. This page has 1.2.6 Databases been accessed 19,579 1.2.7 Forensic Exploitation times. 1.2.8 Techniques All material is UK 1.2.9 Shaping and Honeypots We dont update this page anymore, it became somewhat of a Chinese menu for effects operations. Information is now available for JTRIG staff at [[1]^] [edit] Understanding this page Tools and techniques are developed by various teams within JTRIG. We like to let people know when we have something that we can think we can use, but we also dont want to oversell our capability. For this reason, each tool indicates its current status. We may put up experimental tools or ones that are still in development so you know what we are working on, and can approach JTRIG with any new ideas. But experimental tools by their nature will be unreliable, if you raise expectations or make external commitments before speaking to us you will probably end up looking stupid. Most of our tools are fully operational, tested and reliable. We will indicate when this is the case; however there can be reasons why our tools wont work for some operational requirements (eg if it exploits a provider specific vulnerability). There may also be legal restrictions. So please come and speak to JTRIG operational staff early in your operational planning process. [edit] Current Priorities Capability Development Priorities can be fond by following the link below • CapDev Priorities (Discover) [edit] Engineering Tool/System Description Status Contacts Collects on-going usage information about how many users utilise Cerberus JTRIG's UIA capability, what sites are the most frequently visited etc. Statistics OPERATIONAL JTRIG Software Developers H3 This is in order to provide JTRIG infrastucture and ITServices Collection management information statistics. JTRIG RADIANT is a 'Data Diode' connecting the CERBERUS network with GCNET OPERATIONAL JTRIG Software Developers H3 SPLENDOUR ALLIUM ARCH JTRIG UIA via the Tor network. OPERATIONAL JTRIGI nf rastru ctu re Te am H3 ASTRAL OPERATIONAL JTRIGI nf rastru ctu re Te am H3 PROJECTION Remote GSM secure covert internet proxy using TOR hidden sen/ices. TWILIGHT OPERATIONAL JTRIGI nf rastru ctu re Te am H3 ARROW Remote GSM secure covert internet proxy using VPN services. JTRIG's new Infrastructure. FOREST WARRIOR, FRUIT BOWL, JAZZ SPICE ISLAND FUSION and other JTRIG systems will form part of the SPICE ISLAND DEV JTRIG Infrastructure Team 113 infrastructure POISON Safe Malware download capability. DESIGN JTRIG Infrastructure Team 113 ARROW CERBERUS UIA Replacement and new tools infrastructure - Primary FRUIT BOWL Domain for Generic User/Tools Access and TOR split into 3 sub- DESIGN JTRIG Infrastructure Teami3 systems. JTRIG Tor web browser - Sandbox IE replacement and FRUIT BOWL NUT ALLERGY PILOT JTRIG Infrastructure Teami3 sub-system BERRY A sub-system of FRUIT BOWL PILOT JTRIG Infrastructure Teami3 TWISTER BERRY A sub-system of FRUIT BOWL PILOT JTRIG Infrastructure Team E3m] TWISTER+ BRANDY SNAP JTRIG UIA contingency at Scarborough. IMPLEMENTATION JTRIG Infrastructure Team H3 WIND FARM R&D offsite facility. DESIGN JTRIG Infrastructure Team i3 JTRIG's legacy UIA desktop, soon to be replaced with FOREST CERBERUS OPERATIONAL JTRIG Infrastructure Team i3 WARRIOR. BOMBAYROLL JTRIG's legacy UIA standalone capability. OPERATIONAL JTRIG Infrastructure Team i3 BOMBAY ROLL Replacement which will also incorporate new collectors JAZZ FUSION IMPLEMENTATION JTRIG Infrastructure Team i3 - Primary Domain for Dedicated Connections split into 3 sub-systems. COUNTRY FILE A sub-system of JAZZ FUSION OPERATIONAL JTRIG Infrastructure Team H3 TECHNO A sub-system of JAZZ FUSION DESIGN JTRIG Infrastructure Team i3 VIKING JAZZ FUSION+ A sub-system of JAZZ FUSION DESIGN JTRIG Infrastructure Team i3 BUMBLEBEE JTRIG Operational VM/TOR architecture OPERATIONAL JTRIG Infrastructure Team i3 DANCE AIR BAG JTRIG Laptop capability for field operations. OPERATIONAL JTRIG Infrastructure Team i3 EXPOW GCHQ's UIA capability provided by JTRIG. OPERATIONAL JTRIG Infrastructure Team i3 AXLE GREASE The covert banking link for CPG OPERATIONAL JTRIG Infrastructure Team i3 POD RACE JTRIG'S MS update farm DESIGN JTRIG Infrastructure Team i3 WATCHTOWER GCNET -> CERBERUS Export Gateway Interface System OPERATIONAL JTRIG Software Developers H3 REAPER CERBERUS -> GCNET Import Gateway Interface System OPERATIONAL JTRIG Software Developers H3 DIALd External Internet Redial and Monitor Daemon OPERATIONAL JTRIG Software Developers H3 FOREST Desktop replacement for CERBERUS DESIGN JTRIG Infrastructure TeamH3 WARRIOR DOG HANDLER JTRIG's development network DESIGN JTRIG Infrastructure TeamH3 JTRIG Infrastructure TeamS DIRTY DEVIL JTRIG'S research network DESIGN [edit] Collection Tool Description Contacts Status AIRWOLF YouTube profile, comment and video collection. Beta release. JTRIG Software Fully ANCESTRY Tool for discovering the creation date of yahoo selectors. Developers ü3 Operational. JTRIG Software Fully BEARTRAP Bulk retrieval of public BEBO profiles from member or group ID. Developers H3 Operational. Decomissioned JTRIG Software BIRDSONG Automated posting of Twitter updates. Replaced by Developers H3 SYLVESTER. JTRIG Software Fully BIRDSTRIKE Twitter monitoring and profile collection. Click here for the User Guide. Developers H3 Operational. Tech Leads |In early BUGSY Google+ collection (circles, profiles etc.) ¡development. [Tech Lead:J DANCING HExpert Fully obtains the locations of WiFi access points. BEAR User: J I Operational. (Tech Lead:^__| DEVILS Expert Fully ECI Data Technique. HANDSHAKE User: Operational. DRAGON'S Paltalk group chat collection. Beta release. SNOUT Fully JTRIG Software operational EXCALIBUR acquires a Paltalk UID and/or email address from a Screen Name. Developers IO (against current Paltalk version) [Tech Lead: FATYAK Public data collection from Linkedln. In development Provides 24/7 monitoring of Vbulliten forums for target postings/online activity. Also allows JTRIG Software FUSEWIRE staggered postings to be made. Developers Is3 Technique of getting a targets IP address by pretending to be a spammer and ringing them. JTRIG Software Fully GLASSBACK Target does not need to answer. Developers IO operational. [Tech Lead: _ „ Fully GODFATHER Public data collection from Facebook. operational. In Development [Tech Lead: (Supports GOODFELLA Generic framework for public data collection from Online Social Networks. RenRen and Xing). is a port scanning tool designed to scan an entire country or city. It uses GEOFUSION to identify IP locations. Banners and content are pulled back on certain ports. Content is put into NAC HACIENDA Fully HACIENDA the EARTHLING database, and all other scanned data is sent to GNE and is available through TaskersS operational. GLOBAL SURGE and Fleximart. JTRIG Software ICE is an advanced IP harvesting technique. Developers H3 JTRIG Software Fully INSPECTOR Tool for monitoring domain information and site availability Developers H3 Operational. Fully LANDING JTRIG Software Tool for auditing dissemination of VIKING PILLAGE data. Operational. PARTY Developers H3 Fully operational, but MINIATURE Active skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and JTRIG Software note usage HERO bidirectional instant messaging. Also contact lists. Developers O restrictions. JTRIG Software Fully MOUTH Tool for collection for downloading a user's files from Archive.org. Developers H3 Operational. (Tech Lead:J^| ¡Expert Fully MUSTANG provides covert access to the locations of GSM cell towers. Us ^^^^^^^ Operational. Operational, but usage PHOTON A technique to actively grab the IP address of an MSN messenger user. restrictions. TORPEDO Fully JTRIG Software operational, but RESERVOIR Facebook application allowing collection of various information. Developers IO note operational restrictions. [Tech Lead:H An ICTR developed system to identify P2P file sharing activity of intelligence value. Logs are B Expert SEBACIUM accessible via DIRTY RAT. User: SILVER JTRIG Software Allows batch Nmap scanning over TOR In Development SPECTER Developers E3 A tool for regularly downloading gmail messages and forwarding them onto CERBERUS JTRIG Software Fully SODAWATER mailboxes Developers E3 Operational. Tech Lead: SPRING Find private photographs of targets on Facebook. BISHOP Tech Lead: SYLVESTER Framework for automated interaction / alias management on online social networks. In Development. Replaced by A technical programme allowing operators to log on to a JTRIG website to grab IP addresses of HAVOK. TANNER JTRIG osona Internet Cafe's. In Development. TRACER An