Open-Source Intelligence
Intelligence produced from publicly available sources — news, public records, social media, satellite imagery, sensor broadcasts and the open web — rather than clandestine collection (which is SIGINT, HUMINT, etc.). The craft is in aggregating, corroborating and geolocating scattered public signals.
In Skopia The whole platform is an OSINT aggregator: every feed reads public sources, and results are labelled indicative until corroborated.
Geospatial Intelligence
Intelligence derived from imagery and geospatial data tied to a location on Earth — putting the "where" and "when" onto events. Fusing GEOINT with OSINT is what turns a list of reports into a live picture on a map.
In Skopia Every feed is geolocated onto the 3D globe, so aviation, maritime, seismic and conflict data can be read against one another in space and time.
Reconnaissance posture
Passive reconnaissance reads data that is already public without touching the target (databases, broadcasts, archives) and leaves no trace. Active reconnaissance sends traffic to the target (a port scan, a WHOIS on a live host) and can be logged by it. Serious OSINT stays passive by default.
In Skopia Passive by design: only the active-scan route and WHOIS emit traffic to a third party — everything else reads public sources server-side.
Corroboration discipline
A discipline of never presenting a single unverified source as fact. Findings are marked indicative — a lead to corroborate — until a second independent source confirms them. It keeps analysis honest and guards against deception and single-source error.
In Skopia Investigation output is sourced, cross-checked and labelled indicative rather than stated as certainty.
Automatic Identification System
VHF transponders that ships broadcast automatically, carrying identity (MMSI), position, course, speed and destination. Designed for collision avoidance, AIS is also the backbone of civilian maritime tracking — and its absence is itself a signal.
In Skopia Live AIS drives the maritime layer — ports, chokepoints and vessel positions in real time.
Dark fleet · going dark
A ship that switches off or falsifies its AIS to disappear from tracking — typically to evade sanctions, run illicit ship-to-ship transfers, smuggle or fish illegally. You find them by their absence: a radar contact with no matching transponder.
In Skopia The dark-vessels layer cross-references satellite SAR contacts against AIS across high-risk zones (Black Sea, Taiwan Strait, Malacca) to surface transponder-off ships — flagged indicative.
Position falsification
Broadcasting false AIS data to fake a vessel's identity or location — teleporting a ship, cloning another vessel's MMSI, or drawing decoy tracks. A deception layer on top of "going dark," detectable when the broadcast contradicts radar or physics.
In Skopia SAR-vs-AIS correlation is what exposes spoofed or missing transponder data, not the AIS feed alone.
Synthetic Aperture Radar
Satellite radar that images the surface day or night, through cloud and darkness, by synthesising a large virtual antenna from the sensor's motion. It detects the metal hulls of ships and structures regardless of whether they emit any signal — ideal for finding what is hiding.
In Skopia SAR contacts (via Global Fishing Watch) with no matching AIS are the raw material of dark-vessel detection.
Maritime strait / passage
A narrow, strategically critical passage that concentrates global shipping — Hormuz, Malacca, Suez, Bab-el-Mandeb, the Bosphorus. Disruption at a chokepoint ripples through world trade and energy, which is why they are watched closely.
In Skopia Major chokepoints are mapped with their traffic and risk profile alongside live vessel activity.
Ship-to-ship transfer
Moving cargo — often oil — directly between two vessels at sea instead of at a port. Legitimate for logistics, it is also the classic method for laundering sanctioned crude: a dark tanker meets a "clean" one offshore, both frequently with AIS off.
In Skopia Two SAR contacts loitering together with no AIS, in a known transfer zone, is a textbook indicative STS pattern.
Automatic Dependent Surveillance–Broadcast
Aircraft continuously broadcast their GPS-derived position, altitude, velocity and identity, received by a global network of ground stations and satellites. It is the open backbone of civilian flight tracking — and, like AIS, its gaps and anomalies carry intelligence.
In Skopia The aviation layer streams live commercial, private and military traffic from OpenSky/ADS-B.
Mode S · squawk code
A transponder replies to radar and broadcasts an aircraft's identity; the "squawk" is a four-digit code it sets — including reserved emergency codes (7500 hijack, 7600 radio failure, 7700 general emergency). Military aircraft often fly with the transponder off.
In Skopia Aircraft are classified (commercial / private / military / jet) from their transponder and track characteristics.
GNSS denial
Flooding the GPS radio band with noise to deny positioning across an area. It degrades aviation, shipping and drones alike, and clusters around conflict zones and protected strategic sites — visible as a bloom of aircraft reporting bad or lost navigation.
In Skopia Jamming zones are derived from ADS-B anomalies and correlated with the conflict layer.
GNSS deception
Broadcasting counterfeit satellite signals so a receiver computes a false position — more insidious than jamming because the target believes it is correctly located. Increasingly seen near war zones, it can drag an aircraft's reported track hundreds of kilometres off its true path.
In Skopia Impossible ADS-B jumps are a spoofing tell that separates deception from ordinary signal loss.
Common Vulnerabilities and Exposures
The public catalogue that gives every disclosed software vulnerability a unique ID (e.g. CVE-2024-3094). It is the shared language of vulnerability management — letting defenders, vendors and researchers reference the exact same flaw.
In Skopia The recon toolkit's CVE lookup queries the NVD, and the cyber layer surfaces active CVE threats.
Domain / IP registration lookup
A query protocol that returns who registered a domain or owns an IP block — registrar, dates, name servers and (where not redacted) contacts. A first step in mapping the infrastructure behind a site or an actor.
In Skopia The browser WHOIS tool runs an automatic OFAC-SDN cross-check on results.
DoH
Resolving domain names inside an encrypted HTTPS connection so the lookups can't be read or tampered with in transit. It protects the privacy of who is asking what — and lets you choose a resolver you trust rather than your ISP's.
In Skopia DNS recon defaults to a non-GAFAM DoH resolver (Quad9), never Google's.
rDNS · PTR lookup
The inverse of a normal lookup: given an IP address, find the hostname it maps to. It helps attribute infrastructure, spot shared hosting, and pivot from an address back to the names and services behind it.
In Skopia Reverse DNS is one of the browser recon toolkit's pivots for mapping an IP.
Attack-surface mapping
Discovering the hostnames under a domain (mail., vpn., staging.…) to reveal its full footprint. Forgotten or exposed subdomains are a classic weak point, which is why enumeration is a staple of both attackers and defenders.
In Skopia Subdomain and tech-fingerprint discovery is part of the passive recon toolkit.
Server-Side Request Forgery
An attack that tricks a server into making requests on the attacker's behalf — often to reach internal systems a client could never touch directly. Any tool that fetches a user-supplied URL must guard against it.
In Skopia The active-scan route is SSRF-guarded and rate-limited so the tool can't be turned into a relay.
Border Gateway Protocol · Autonomous System
BGP is the routing protocol that stitches the internet's independent networks (Autonomous Systems, each with an ASN) together. Reading it tells you which organisation an IP truly belongs to — and BGP anomalies can reveal hijacks or state-level route manipulation.
In Skopia BGP/ASN lookup attributes an address to its owning network during infrastructure recon.
Specially Designated Nationals
The U.S. Treasury (OFAC) maintains the SDN list of people, companies and vessels under sanctions; dealing with them is prohibited for U.S. persons. Screening names, ships and wallets against it is a core compliance and investigation step.
In Skopia Person / org / vessel search runs against an OpenSanctions mirror of the OFAC SDN list, and WHOIS results are auto-checked against it.
Open sanctions & PEP dataset
An open-source dataset that consolidates the world's sanctions lists, watchlists and politically-exposed-person (PEP) records into one searchable, structured source — making sanctions screening possible without a commercial provider.
In Skopia Provides the sovereign, self-hostable backend for sanctions and SDN screening — no proprietary compliance API.
Contact-line inference
Inferring where a conflict's front lies not from press maps but from physical signals — where civilian aviation stops, where GPS is jammed, where SAR shows military activity. Signals-derived frontlines are harder to spin than narrative ones.
In Skopia Active conflict zones are derived from ADS-B gaps and SAR correlation, then shown on the conflict layer.
Richter / moment magnitude · M-scale
A logarithmic measure of the energy released by an earthquake — each whole step is ~32× more energy. Seismic networks also register large explosions, which is why real-time seismic data doubles as an open sensor for blasts and strikes.
In Skopia Real-time M2.5+ events stream from USGS and ETH Zürich (SED), distinguishing quakes from "boom / blast" signatures.
GDACS · NASA FIRMS · EONET
Global systems that push near-real-time alerts on natural hazards — active wildfires (FIRMS thermal satellites), floods and quakes with humanitarian impact scores (GDACS), and curated natural events (EONET). Together they give a live planetary hazard picture.
In Skopia The hazards layer fuses NASA FIRMS hotspots, GDACS alerts and EONET events onto the globe.
Sovereign deployment
Running software on infrastructure you own and control, rather than a vendor's cloud. Your data never leaves your perimeter, there is no third party to subpoena or breach, and the tool cannot be switched off from outside. Sovereignty is a security property, not a slogan.
In Skopia There is no shared public instance by design — the value is the code you run on your own machine.
On-device / self-hosted model
A large language model that runs on your own hardware (via a runtime like Ollama) instead of a remote API. Your prompts and documents stay on-premises — no queries leaked to a cloud provider, no per-token bill, no dependency you can't unplug.
In Skopia The AI defaults to a local LLM endpoint; any cloud provider is an explicit, off-by-default opt-in.
Retrieval-Augmented Generation
An AI pattern that first retrieves relevant real documents, then asks the model to answer grounded only in them — with citations. It keeps the output tied to sources instead of the model's memory, which curbs hallucination and makes claims checkable.
In Skopia The Sovereign Investigation agent runs RAG over a self-hosted search backend and a local model, citing every fact.
Big-Tech-free stack
Building without the Google/Apple/Meta/Amazon/Microsoft dependencies most software carries silently — no Google Fonts, no analytics, no cloud lock-in. It removes the trackers and choke-points that turn a tool into a data funnel for someone else.
In Skopia Fonts are self-hosted, DNS defaults to a non-GAFAM resolver, and there is zero analytics or telemetry.