CIA

	Warning! The following may feature disinfo, psy-ops, or other infohazards.
	Proceed with caution.

	Mazel tov! CIA is Kosher! The content of this page has been fact-checked by real Israeli patriots.

The Central Intelligence Agency (CIA) is the main security department of the United States. Its members are commonly referred to as glowies or glowniggers because they are bioluminescent and emit a green light if that matters. Unlike jannies, glowies have a greater scope in terms of who or what they deal with; in most cases, they take down pedophiles and other disturbing criminals. They're also all full of aryans btw.

FUN FACT: The motto of the NSA is "Collect It All, Process It All, Exploit It All, Partner It All, Sniff It All, Know It All.", this was leaked from internal slides.

All the info of what the CIA does below is ALL used for good purposes. You VILL NOT question the brave heroes, chuddy.

• ECHELON (1947–ongoing) – Global signals intelligence collection network (NSA + Five Eyes)
• ThinThread (2001) – Precursor to StellarWind, had built-in privacy protections but was canceled
• Trailblazer Project (2002–2005) – Failed $4B+ data mining replacement for ThinThread
• StellarWind (Oct 2001–2011) – Bush's illegal warrantless wiretapping & bulk metadata program (revealed by Thomas Tamm & Snowden)
• PRISM (2007–present) – Direct access to the databases of (((Google, Facebook, Apple, Microsoft, Yahoo))), etc.
• MYSTIC + SOMALGET (2009–present) – Records 100% of phone calls of entire countries (e.g. Bahamas, Afghanistan, Mexico, Philippines, Kenya)
• DISHFIRE (2010–present) – Collects ~200 million SMS text messages per day worldwide
• XKeyscore (2008–present) – "Widest-reaching" NSA system, lets analysts search nearly everything a user does on the internet without authorization
• Bullrun / Edgehill – NSA program to deliberately weaken encryption standards (RSA, Dual_EC_DRBG, etc.)
• MUSCULAR (2010–2013) – Tapped the private fiber links between Google/Yahoo data centers overseas (UK GCHQ joint op)

• Boundless Informant – NSA's internal "heat map" of how many records it collects per country
• GHOSTMACHINE – Cloud analytics platform
• Tempora (GCHQ) – Full-take buffering of transatlantic fiber cables for 30 days
• Upstream collection (FAIRVIEW, STORMBREW, BLARNEY, OAKSTAR) – Tapping internet backbone inside US
• CO-TRAVELER – Tracking 5+ billion location records per day via cell phones
• Optic Nerve (GCHQ) – Captured webcam images from 1.8 million Yahoo users (many nude)
• QUANTUM (QUANTUMINSERT, QUANTUMHAND, QUANTUMBOT, etc.) – Man-on-the-side attacks to redirect targets to FOXACID exploit servers
• TURMOIL – Passive sensors on backbone
• TURBINE – Active command & control for millions of implants
• EGOTISTICALGIRAFFE – Breaking Tor (compromised 2013)
• HappyFeet / RoadBait – Geolocating targets via phone apps

• Weeping Angel (2014) – Samsung Smart TV implant (turns TV into listening device even when "off")
• HammerDrill – Implants Windows machines via infected CD/DVD
• Archimedes – Man-in-the-middle attack tool
• Athena/Hera – Windows implant family (Athena can survive OS reinstall)
• AfterMidnight / Assassin – Windows malware frameworks
• Pandemic – Turns Windows file servers into infection vectors for entire networks
• Grasshopper – Custom malware builder to evade antivirus
• Marble – Obfuscates code to hide CIA authorship
• HIVE / CherryBlossom – Compromises home/business routers & wireless access points
• Brutal Kangaroo – Air-gapped network jumping via USB
• Fight Club / RickyBobby – iPhone & Android implants
• Sonic Agitator – Makes phones vibrate to trigger hardware implants
• Bee Sting – Infects via USB sticks
• SnowyOwl / Gyrfalcon – Linux implants
• BothanSpy / Gyrfalcon – Steals SSH credentials on Windows/X11
• YarnBall – iOS implant that steals location even when off
• UMBRAGE – Library of foreign malware signatures to frame other countries (Russia, China, Iran, NK)
• DarkSeaSkies / NightSkies – Mac OS X and iPhone implants (NightSkies was on new iPhones from factory as early as 2008)
• DerStarke / Protego – Missile control system implant (yes, actual missile guidance systems)
• PocketPutty – Remote command execution on Windows
• Cannoli – UEFI persistence

• EternalBlue, EternalRomance, EternalSynergy, EternalChampion – SMB exploits (used in WannaCry, NotPetya)
• DoublePulsar – Backdoor implant used with above
• Exploits for Cisco, Juniper, Fortinet, TopSec firewalls
• UNITEDRAKE – Modular Windows implant (used since ~2006)
• DanderSpritz – Post-exploitation framework (like Metasploit but NSA)
• FuzzBunch – Exploit framework (like Metasploit)
• EPICBANANA – Privilege escalation on Cisco PIX
• ETERNALSYNAPSE – Remote root on HP printers
• BANANAGLEE – Persistent storage of stolen data on target
• ZESTYLEAK – iPhone bootrom exploit
• EWOKFRENZY – VMware ESXi exploitation

• WINDSTOP / MONKEYCALENDAR (2016–present) – Collects all SMS in certain countries
• Project 6 (NSA) / DarkMatter (UAE) – iPhone zero-click exploits sold to UAE
• Quantum SquID – Skype video/audio interception
• SPINALTAP – Linux kernel implants
• INCENSER – Implant on fiber-optic repeaters
• GINSU / KONGUR – Persistent implant for air-gapped systems via PCIe hardware cards
• Cottonmouth-I, -II, -III – USB & Firewire hardware implants (look like normal cables, exfiltrate over RF)
• NIGHTSTAND – Wireless exploit injection from up to 8 miles away
• SURLYSPAWN – Keystroke logger over RF
• RAGEMASTER – Retro-reflector on VGA cable (records screen via radar from outside building)
• LOUDAUTO – Microphone implant hidden in audio jack
• DROPOUTJEEP – iPhone implant (claimed 100% success rate in 2013 docs)
• TOTEGHOSTLY – Mobile phone implant over WiFi
• PHOTOANGLO (GCHQ/NSA) – iPhone location/data exfil
• ICREACH (2007–present) – Google-like search engine sharing 850 billion+ records with 23 US agencies + Five Eyes

• ECHELON (1947–ongoing)
• ThinThread (2000–2001) – canceled because it had privacy protections
• Trailblazer Project (2002–2005) – failed $4B replacement
• StellarWind (Oct 2001–2011) – Bush-era illegal bulk collection

• RAGEMASTER – VGA cable retro-reflector (screen capture via radar)
• LOUDAUTO – Hidden microphone in audio jack
• SURLYSPAWN – RF keystroke logger
• CTX4000 – Radar unit for RAGEMASTER
• NIGHTSTAND – Wireless exploit injection from 8 miles away
• IRATEMONK – Hard drive firmware implant
• STRAITBIZARRE – PCIe hardware implant
• SWAP – BIOS/UEFI reflashing implant
• WISTFULTOLL – UEFI implant on ASUS, Dell, HP, etc.
• DEITYBOUNCE – Dell PowerEdge BIOS implant
• GODSURGE – Juniper firewall JLoader implant
• STUXNET & DUQU / DUQU 2.0 (NSA/Israel)
• HEADWATER – Persistent backdoor on Huawei routers
• HALLUXWATER – Huawei bootkit
• Cottonmouth-I/II/III – USB/FireWire hardware implants with RF exfil
• TRINITY – Intel-based implant chip (used in Cottonmouth)
• TAWDRYYARD – Hidden beacon in USB plug
• GINSU / KONGUR – PCIe hardware persistence for air-gapped systems
• INCENSER – Implant on fiber-optic repeaters
• SPINALTAP – Linux kernel implants
• UNITEDRAKE – Modular Windows implant (2006–present)
• DanderSpritz – NSA post-exploitation framework
• FuzzBunch – NSA exploit framework
• PICASSO – iPhone call/SMS interception tool
• VALIDATOR – Early iPhone exploit chain
• DROPOUTJEEP – iPhone implant (claimed 100% success rate by 2013)
• TOTEGHOSTLY – Mobile implant over Wi-Fi
• NIGHTSKIES – Factory-installed iPhone implant (as early as 2008)
• DARKSEASKIES – Mac OS X implant suite

• PRISM (2007–present)
• Upstream collection (FAIRVIEW, STORMBREW, BLARNEY, OAKSTAR)
• MUSCULAR (2010–2013) – Google/Yahoo inter-datacenter links
• Tempora (GCHQ) – Full-take on transatlantic cables
• XKeyscore (2008–present) – “search everything a user does on the internet”
• MYSTIC + SOMALGET (2009–present) – 100% recording of entire countries’ phone calls
• DISHFIRE – ~200 million SMS per day globally
• CO-TRAVELER – 5+ billion daily location records
• QUANTUM family (QUANTUMINSERT, QUANTUMHAND, QUANTUMBOT, etc.)
• TURMOIL – Passive backbone sensors
• TURBINE – Active C2 for millions of implants
• Bullrun / Edgehill – Deliberate cryptographic weakening
• ICREACH (2007–present) – Google-style search for 850+ billion records across 23+ agencies
• MAINWAY – Trillions of phone call metadata records
• MARINA – Internet metadata repository
• NUCLEON – Voice content repository
• PINWALE – Text content repository
• FASCIA – Mobile device identifier database (hundreds of billions)
• BANYAN, CADENCE, TREASUREMAP, GHOSTMACHINE, Boundless Informant
• SHELLTRUMPET – 1+ trillion metadata records processed by 2012
• SKYSCRAPER – Global Wi-Fi location collection
• SPARKINGPIGEON – Undersea cable landing stations
• RAMPART-A – Cable tapping with Denmark, Norway, Germany, France
• RAMPART-T – Middle East cable tapping

• Weeping Angel – Samsung Smart TV microphone implant
• HammerDrill – CD/DVD Windows implant
• Archimedes – MitM tool
• Athena/Hera – Windows implant (survives OS reinstall)
• AfterMidnight / Assassin – Windows malware frameworks
• Pandemic – Turns file servers into infection vectors
• Grasshopper – Custom malware builder (AV evasion)
• Marble – Code obfuscation to hide CIA authorship
• HIVE / CherryBlossom – Router/wireless AP compromise
• Brutal Kangaroo – Air-gapped USB jumping
• BothanSpy / Gyrfalcon – SSH credential theft
• YarnBall – iOS location exfil even when off
• Sonic Agitator – Phone vibration trigger
• Bee Sting – USB stick infection
• DerStarke / Protego – Missile control system implant
• Tomahawk – Cruise missile guidance implant
• HighRise – Android SMS redirector
• FineDining – 24 trigger methods (USB, email, etc.)
• CouchPotato – Remote webcam viewing
• MaddeningWhispers – Ultrasonic audio exfil from air-gapped PCs
• DumbScore – Lowers AV detection scores
• QuarkMatter – UEFI Windows implant
• UMBRAGE – Library of foreign malware signatures for false flags

• EternalBlue, EternalRomance, EternalSynergy, EternalChampion
• DoublePulsar, Exploits for Cisco, Juniper, Fortinet
• EXPLODINGCAN, ESTEEMAUDIT, EXTRA BACON, EMERALDTHREAD
• ERRATICGOPHER, ELIGIBLEBOMBSHELL, ESCALATEPLOWMAN
• ECLIPSEDWING, ZIPPYBEER, EWOKHAVEN, etc.

• ForcedEntry (2021) – Zero-click iMessage exploit (NSO-level)
• Project 6 / DarkMatter iPhone zero-click exploits
• WINDSTOP / MONKEYCALENDAR – Full SMS collection in target countries
• BLACKPEARL – Prepaid SIM card data worldwide
• PHOTOANGLO – iPhone exfil (joint GCHQ/NSA)