How I turned ChatGPT into an intelligence analyst


After playing the military-grade cyber operations simulator NITE Team 4 and using the game’s version of the leaked NSA’s mass surveillance tool XKeyscore, I realized that both XKeyscore and ChatGPT share a fundamental ability: pattern recognition analysis.

Outside the simulator, XKEYSCORE is a real NSA dragnet surveillance system and analytical platform that was leaked by whistleblower Edward Snowden back in 2013. In other words, it's an analyst's dream and privacy advocate’s nightmare.

However, after playing with this module in the game, which lets players drag and drop investigative data points to uncover connections between people and places, it dawned on me that I was already using ChatGPT in a similar way.

ADVERTISEMENT

Whether analyzing source code or parsing through chats between my girlfriend and me during relationship spats (where ChatGPT refused to take my side) I was mapping patterns and interpreting context, just like in the game.

Join 25,260+ followers on Google News

With ChatGPT’s ability to recognize patterns, I decided to take ChatGPT to the next level, and the results were insane. Not only can it analyze data in ways similar to surveillance-style logic, but it also functions as a reasoning engine with the power to build context.

I don’t work with or for any government. But everyday users like you and me can still organize and execute our own intelligence operations. After all, there’s no shortage of bad actors across the web, from stalkers to child predators, and within the hacker circles I move through, these skillsets aren’t unusual, although most groups seem to have only a very general grasp of OSINT and intelligence gathering.

This puts me in proximity to volumes of data, whether I’m crawling various hacker forums, chats, or Telegram groups. In the past I had to rely on an unhealthy amount of energy drinks just to contend with the fact that I’m only human, with mountains of data to sift through.

But now, I’ve found an unlikely ally in my threat intelligence work, one that isn’t hindered by human limitations. What did I do with this newfound ally of mine?

Now that’s the question.

Profiling hacktivist groups with pattern recognition

ADVERTISEMENT

I’m always watching hackers because I’m on a quest to uncover the greatest hack, get the scoop on activities targeting industrial control systems, and find solutions to mitigate attacks that could jeopardize human life without involving law enforcement.

I was already sitting in a pro-Palestinian Anonymous hacktivist group chat on Telegram, which basically served as a dump site for “news vomit.” The languages were a combination of Arabic, Hebrew, and English, and Google Translate isn’t always very useful since it lacks deep contextual understanding.

I exported the entire chat into a .Zip file, excluding files and videos, and ran it through ChatGPT with a variety of queries to satisfy my intelligence needs, including producing a report. It unpacked the archived file and began scanning the contents.

Here are some things to consider:

  • Upload Limitations: ChatGPT has a file size quota of 512MB per upload and a 10-file max upload limit.
  • Solution: You can query ChatGPT to join files and reduce their number.

ChatGPT extracted and indexed all the messages, analyzed them, and organized its findings. It produced a timeline and extracted timestamps for every post.

Since Telegram automatically removes all EXIF data from photos that aren’t zipped, I wasn’t able to extract any. However, if the EXIF data hasn’t been stripped away, ChatGPT can analyze the image files and determine whether they were taken by the same camera.

However, it was able to enumerate a list of the highest volume posters, all bearing stylistic uniformity, which is a strong indication that these various accounts were being operated by the same individual, among other factors. After analyzing the time stamps, I now knew more about which time zones the individual was likely posting from.

ChatGPT investigation
This image is not from the investigation, but offered as a simplified example or using ChatGPT to create relationship graphs.

This makes ChatGPT ideal for identifying sock accounts and connecting accounts to possible time zones.

ADVERTISEMENT
ChatGPT investigation

ChatGPT generated a heat map showing the online activity of four accounts that it strongly suggests belong to a single user operating different accounts. The darker the red, the higher the volume of messages posted by that particular user (censored) during that hour. The number within each cell shows how many messages were posted that hour.

ChatGPT

Building the psychological profile

Whenever I’m investigating something, there are basic criteria that interest me:

  • The subject’s geopolitical ideology or alignment
  • Hacktivism ideology
  • The type of targets
  • Strength of the group

Although this isn’t conclusive, you get the gist. I wanted to know whether the group openly supported national or paramilitary groups, agendas, or designated terrorist organizations.

They checked every box except direct logistical collaboration and material support. Instead, this Anonymous group aligned psychologically, amplifying narratives, media, and talking points commonly associated with terrorist entities.

Does this mean Anonymous, as a whole, shares these views? Absolutely not! But some Anonymous subcompartment groups do, both deliberately and consequentially. The group I observed didn’t pledge their allegiance to any organization beyond Anonymous itself, but its posts consistently danced upon the legal threshold for “material support” while promoting ideologies aligned with the following:

  • Hezbollah: The group flooded the channel with media preferred by Hezbollah, echoing its resistance framing and visual style.
  • Hamas: Actions by Hamas were repeatedly framed as legitimate “resistance.”
  • IRGC (Iranian Revolutionary Guard Corps): The group frequently praised “Iranian brothers” and echoed “Axis of Resistance” rhetoric.
ADVERTISEMENT

But to the hacktivists drinking the poisonous Kool-Aid, they may never see it. The chat, like many others, functioned as a live theme park for psychological and emotional control with its mentally jolting imagery, blending news, half-truths, and unverified claims, all framed as “facts.”

This reminded me of yet another reason why I left Anonymous and hung up the mask. At its core, this group was a propaganda engine, weaponizing rage and manipulating facts at scale. If the media they shared looked shocking and believable, it was fair game to share it, weaponize it, and let it psychologically drive viewers to action.

This isn’t new to me. After all, those who know my story might remember that I was part of a religious cult for several years during my early 20s, so I am intimately familiar with the various mechanisms used for psychological control and manipulation.

But to the hacktivists drinking the poisonous Kool-Aid, they may never see it. The chat, like many others, functioned as a live theme park for psychological and emotional control with its mentally jolting imagery, blending news, half-truths, and unverified claims, all framed as “facts.” It had all the right ingredients for shaping collectivist radicalization by cultivating a sense of urgency, helplessness, and the need to act now.

Interestingly, this environment serves as an ideal blueprint for architecting a space designed to emotionally flood viewers, with the goal of triggering outrage, recruitment, and activation. When this spills over onto social media, and they flood those platforms with propaganda, they’re mass-distributing emotional clickbait to the public at scale.

Is this what hacktivism looks like? Or psychological warfare?

After all, users aren’t really fact-checking things they see or hear anymore.

AI voice detection and linguistic patterns

I was able to grab voice recordings and use them as samples to analyze authentic voice recordings against an AI-created version. I know I’ve been asking a lot from my ChatGPT, but the results were interesting. It was able to inspect each file and break down each recording on a molecular level to produce insightful results.

For example, AI recordings often have hyper-consistent tone and inflection and don’t usually change dynamically unless well modeled. Human speech uses natural fluctuation, slight vocal strain, and changes in emotional tone. AI usually lacks breath sounds, and if breathing sounds are used, they're usually awkward, creating unnatural pauses.

ADVERTISEMENT

It couldn’t detect my accent the same way humans do – it could only analyze waveform properties and other elements. However, by examining my linguistic patterns, it identified that I was speaking English and that my accent, based on those patterns, strongly suggested I was originally from North America, with a slightly western or southern inflection.

Guess what? I’m from Texas.

Creating a master OSINT query list

Through a lot of trial and error, I developed a streamlined master OSINT query list so I wouldn’t have to spend all day trying to understand my investigative targets, potentially missing vital information that could prove useful.

Building the process took an entire day, and I’m still tweaking it here and there. But the end result generates full intelligence reports, complete with statistical graphs and a download link to save everything as a PDF.

What do you use your ChatGPT for? :)