Overview: The 5-Phase Intelligence Cycle

The OSINT Cycle is your roadmap for every investigation. Think of it as a recipe – skip a step, and your final product suffers.

Planning → Collection → Processing → Analysis → Dissemination
    ↑                                                    ↓
    ←←←←←←←←←←←← Feedback Loop ←←←←←←←←←←←←←←←←←←←←←←←

Phase 1: Planning and Direction

Purpose: Define what you're looking for and how you'll find it

Key Activities:

Practical Planning Template:

Investigation Title: [Name your investigation]
Objective: [What do you want to achieve?]
Key Questions:
  1. [Specific question 1]
  2. [Specific question 2]
  3. [Specific question 3]
Timeline: [Start date - End date]
Boundaries:
  - Will use: [List acceptable sources/methods]
  - Won't use: [List unacceptable sources/methods]
Resources Needed:
  - Tools: [List required tools]
  - Accounts: [List required accounts]
  - Time: [Estimated hours]

Example Planning Session:

Objective: Verify legitimacy of "TechStart LLC" before partnership
Key Questions:
  1. Is the company legally registered?
  2. Who are the real owners/directors?
  3. Do they have the claimed experience?
  4. Any red flags or legal issues?
Timeline: 48 hours
Boundaries:
  - Will use: Public records, social media, news archives
  - Won't use: Pretexting, contacting employees directly

Phase 2: Collection

Purpose: Gather raw information from identified sources

Collection Strategies:

Collection Best Practices:

✓ DO:
  • Use multiple search engines
  • Check archived versions of pages
  • Save everything (you can't go back)
  • Note collection time and source
  • Use legal methods only

✗ DON'T:
  • Rely on single sources
  • Assume information is permanent
  • Contact targets directly
  • Use intrusive techniques
  • Violate terms of service

Phase 3: Processing and Exploitation

Purpose: Transform raw data into a usable format

Processing Tasks:

File Organisation Structure:

/Investigation_Name_Date/
  /Raw_Data/
    /Social_Media/
      /Facebook/
      /LinkedIn/
      /Twitter/
    /Public_Records/
    /News_Articles/
    /Images/
  /Processed_Data/
    /Profiles/
    /Timelines/
    /Relationships/
  /Analysis/
  /Reports/

Phase 4: Analysis and Production

Purpose: Transform processed data into intelligence

Analysis Techniques:

The 3-Source Rule: Always try to verify important information through at least three independent sources:

  1. Primary source (original)

  2. Secondary source (different platform/database)

  3. Tertiary source (additional confirmation)

Confidence Levels:

Phase 5: Dissemination and Feedback

Purpose: Deliver intelligence to stakeholders

Report Components:

Feedback Integration: