Listen to this Post

Introduction:
Open-source intelligence (OSINT) aggregation has traditionally been fragmented across dozens of platforms, requiring analysts to manually correlate satellite feeds, economic indicators, conflict data, and social sentiment. Crucix changes this paradigm by pulling 27 live intelligence feeds in parallel every 15 minutes, rendering everything on a self-contained 3D WebGL globe with real-time market data, nuclear monitoring, and space tracking. This article dissects the technical architecture of Crucix, provides step-by-step deployment guides, and explores how to integrate LLMs for automated threat briefings and trade idea generation.
Learning Objectives:
- Deploy a self-hosted OSINT dashboard using Node.js that aggregates satellite, radiation, flight, and economic data from 27 open-source feeds without cloud dependencies.
- Configure multi-tier alerting to Telegram and Discord, and implement LLM-based natural language commands like `/brief` and `/sweep` for two-way intelligence assistance.
- Harden the dashboard against API leakage, implement rate limiting for external feeds, and apply Linux/Windows security controls to prevent telemetry and unauthorized access.
You Should Know:
- Deploying Crucix from Scratch – Node.js Server with WebGL Globe
Crucix runs entirely on `node server.mjs` – no cloud, no subscriptions. Below is a step-by-step guide to set up the core dashboard on Linux (Ubuntu 22.04) or Windows (WSL2 recommended).
Step 1: Install Node.js and Dependencies
Linux (Ubuntu/Debian) curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - sudo apt install -y nodejs git node -v Should show v20.x Windows (PowerShell as Admin) winget install OpenJS.NodeJS Then enable WSL2 for better performance: wsl --install
Step 2: Clone Crucix Repository and Install Modules
git clone https://github.com/crucix-osint/crucix-dashboard.git Hypothetical URL – replace with actual cd crucix-dashboard npm install express socket.io axios globe.gl yahoo-finance2 cheerio puppeteer
Step 3: Configure the 27 OSINT Feeds
Edit `config/feeds.json` to enable/disable sources. Example snippet:
{
"fire_detection": "https://firms.modaps.eosdis.nasa.gov/api/area/csv/",
"flight_tracking": "https://opensky-network.org/api/states/all",
"radiation": "https://api.safecast.org/measurements.json",
"satellites": "https://celestrak.com/NORAD/elements/gp.php?CATNR=25544",
"market_prices": "https://query1.finance.yahoo.com/v8/finance/chart/^GSPC"
}
Step 4: Launch the Dashboard
node server.mjs --port 8080 --update-interval 900000 15 minutes = 900,000 ms
Access at `https://localhost:8080` (self-signed SSL generated on first run).
Security Hardening Commands:
– Block external telemetry: `sudo iptables -A OUTPUT -d 35.186.224.0/19 -j REJECT` (Google telemetry ranges)
– Run as non-root user: `sudo useradd -r -s /bin/false crucix && sudo -u crucix node server.mjs`
2. Integrating LLM as a Two-Way Intelligence Assistant
Crucix can hook into any LLM (local with Ollama or cloud via API) to process natural language commands like `/brief Lebanon` or /sweep energy sector.
Step-by-Step LLM Integration:
Step 1: Install Ollama for Local LLM (No API Key)
curl -fsSL https://ollama.com/install.sh | sh ollama pull mistral:7b-instruct Lightweight, runs on 8GB RAM
Step 2: Create the LLM Bridge Script (`llm_bridge.py`)
import requests, json, subprocess
from flask import Flask, request
app = Flask(<strong>name</strong>)
@app.route('/command', methods=['POST'])
def handle_command():
cmd = request.json['text']
if cmd.startswith('/brief'):
location = cmd.split()[bash]
Fetch OSINT summary from Crucix internal API
osint_data = requests.get(f'http://localhost:5000/api/sweep?region={location}').json()
prompt = f"Summarize key threats and opportunities from this data: {osint_data}"
Call Ollama
result = subprocess.run(['ollama', 'run', 'mistral:7b-instruct', prompt], capture_output=True, text=True)
return result.stdout
elif cmd.startswith('/sweep'):
Return delta changes since last sweep
delta = requests.get('http://localhost:5000/api/delta').json()
return f"New signals: {delta['new']}, Escalations: {delta['escalations']}"
else:
return "Unknown command. Try /brief [bash] or /sweep"
if <strong>name</strong> == '<strong>main</strong>':
app.run(port=5001)
Step 3: Connect to Telegram Bot
Create bot via @BotFather on Telegram, get TOKEN npm install node-telegram-bot-api
Create `telegram_bot.js`:
const TelegramBot = require('node-telegram-bot-api');
const axios = require('axios');
const token = 'YOUR_BOT_TOKEN';
const bot = new TelegramBot(token, { polling: true });
bot.onText(/\/brief (.+)/, async (msg, match) => {
const location = match[bash];
const resp = await axios.post('http://localhost:5001/command', { text: `/brief ${location}` });
bot.sendMessage(msg.chat.id, resp.data);
});
bot.onText(/\/sweep/, async (msg) => {
const resp = await axios.post('http://localhost:5001/command', { text: '/sweep' });
bot.sendMessage(msg.chat.id, resp.data);
});
console.log('Telegram bot running');
Step 4: Multi-Tier Alerting to Discord
const { WebhookClient } = require('discord.js');
const webhook = new WebhookClient({ url: 'YOUR_DISCORD_WEBHOOK_URL' });
// Inside sweep delta check
if (delta.severity === 'high') {
webhook.send({ content: <code>🚨 HIGH ALERT: ${delta.message}</code>, username: 'Crucix' });
}
- Live Market Data & Risk Gauges – Yahoo Finance Without API Key
Crucix scrapes Yahoo Finance endpoints that don’t require authentication. Below is the extraction logic and risk gauge calculation.
Step 1: Fetch VIX (Volatility Index)
// market.js
const yahooFinance = require('yahoo-finance2').default;
async function getMarketData() {
const vix = await yahooFinance.quote('^VIX');
const spy = await yahooFinance.quote('SPY');
const highYieldSpread = (await yahooFinance.quote('HYG')).regularMarketPrice -
(await yahooFinance.quote('SHY')).regularMarketPrice;
return {
vix: vix.regularMarketPrice,
spyChange: spy.regularMarketChangePercent,
highYieldSpread: highYieldSpread,
supplyChainPressure: await calcSupplyChainIndex() // Custom from Baltic Dry Index
};
}
Step 2: Calculate Supply Chain Pressure Index (Baltic Dry + Freightos)
Using curl to fetch Freightos Baltic Index curl -X GET "https://www.freightos.com/freight-index/fbx" -H "User-Agent: CrucixBot" | jq '.index'
Step 3: Display Risk Gauges on Globe
<!-- In dashboard HTML, add gauge via Chart.js -->
<canvas id="vixGauge" width="200" height="200"></canvas>
<script>
const ctx = document.getElementById('vixGauge').getContext('2d');
new Chart(ctx, {
type: 'doughnut',
data: { datasets: [{ data: [vixValue, 100 - vixValue], backgroundColor: ['red', 'grey'] }] }
});
</script>
- Nuclear Watch & Space Tracking – Real-Time Radiation and Satellite Constellations
Crucix ingests live radiation readings from Safecast and EPA RadNet, plus CelesTrak for satellite tracking.
Step 1: Fetch Radiation Data (Safecast API)
Get latest 100 measurements in Japan curl "https://api.safecast.org/measurements.json?distance=100&latitude=35.68&longitude=139.76"
Step 2: EPA RadNet for US Air Monitoring
import requests
from bs4 import BeautifulSoup
RadNet data via CSV download
url = "https://www.epa.gov/radnet/radnet-air-monitoring-data"
response = requests.get(url)
soup = BeautifulSoup(response.text, 'html.parser')
csv_link = soup.find('a', href=lambda x: x and x.endswith('.csv'))['href']
df = pd.read_csv(csv_link)
gamma_readings = df['Gamma Exposure Rate (uR/hr)'].tail(10)
Step 3: Track Starlink/OneWeb Constellations from CelesTrak
Download TLE for all Starlink satellites wget https://celestrak.com/NORAD/elements/gp.php?GROUP=starlink&FORMAT=tle -O starlink.tle Count active satellites grep -c "^0 " starlink.tle
Step 4: Real-Time ISS Position for Globe Overlay
async function getISSposition() {
const res = await fetch('https://api.wheretheiss.at/v1/satellites/25544');
const data = await res.json();
return { lat: data.latitude, lng: data.longitude, velocity: data.velocity };
}
// Update globe marker every second
setInterval(async () => {
const iss = await getISSposition();
globe.pointOfView({ lat: iss.lat, lng: iss.lng, altitude: 2.5 }, 1000);
}, 1000);
- Conflict Data & Sanctions Lists – OSINT Feed Aggregation from 17 Telegram Channels
Crucix monitors 17 Telegram intelligence channels (e.g., IntelCrow, OSINTdefender) using Telegram API without a bot (requires user session for private channels).
Step 1: Set up Telethon for Telegram Scraping
pip install telethon
Step 2: Python Script to Aggregate Posts
from telethon import TelegramClient
import asyncio
api_id = YOUR_API_ID Get from my.telegram.org
api_hash = 'YOUR_API_HASH'
channels = ['@intelcrow', '@OSINTdefender', '@liveuamap', '@ConflictIntel']
async def main():
client = await TelegramClient('session', api_id, api_hash).start()
for channel in channels:
async for message in client.iter_messages(channel, limit=5):
if 'conflict' in message.text.lower() or 'sanctions' in message.text.lower():
print(f"[{channel}] {message.text[:200]}")
await client.disconnect()
asyncio.run(main())
Step 3: Merge with RSS and GDELT News Ticker
GDELT API for real-time news curl "https://api.gdeltproject.org/api/v2/doc/doc?query=cyber%20attack&mode=artlist&format=json"
Step 4: Auto-Scrolling News Ticker in Dashboard
<div class="ticker">
<div class="ticker__items" id="newsTicker"></div>
</div>
<script>
const ticker = document.getElementById('newsTicker');
setInterval(async () => {
const news = await fetch('/api/news').then(r => r.json());
ticker.innerHTML = news.map(n => `<span>🔴 ${n.headline}</span>`).join(' · ');
}, 30000);
</script>
- API Security & Cloud Hardening for Self-Hosted OSINT
Since Crucix has no telemetry but still reaches out to 27 external APIs, you must protect your own API keys and prevent DNS leaks.
Step 1: Encrypt Local Configuration
Using openssl to encrypt feeds.json
openssl enc -aes-256-cbc -salt -in config/feeds.json -out config/feeds.enc -k "YOUR_STRONG_PASSPHRASE"
Decrypt at runtime in server.mjs:
const crypto = require('crypto'); ... decipher = crypto.createDecipheriv(...)
Step 2: Rate Limiting Outbound Requests to Avoid IP Bans
// Using bottleneck package
const Bottleneck = require('bottleneck');
const limiter = new Bottleneck({ minTime: 60000 }); // 1 request per minute per source
const throttledFetch = limiter.wrap(fetch);
Step 3: Linux Firewall Rules for Ingress/Egress
Allow only localhost and specific outbound OSINT domains sudo iptables -P INPUT DROP sudo iptables -A INPUT -i lo -j ACCEPT sudo iptables -A INPUT -p tcp --dport 8080 -s 192.168.1.0/24 -j ACCEPT Local network only Outbound whitelist sudo iptables -A OUTPUT -d api.safecast.org -j ACCEPT sudo iptables -A OUTPUT -d query1.finance.yahoo.com -j ACCEPT sudo iptables -A OUTPUT -d celestrak.com -j ACCEPT sudo iptables -A OUTPUT -j DROP Block everything else
Step 4: Windows Defender Firewall with PowerShell
New-NetFirewallRule -DisplayName "Crucix-Inbound" -Direction Inbound -Protocol TCP -LocalPort 8080 -Action Allow -RemoteAddress 192.168.1.0/24 New-NetFirewallRule -DisplayName "Block-Outbound-Telemetry" -Direction Outbound -Action Block -RemoteAddress 35.186.224.0/19
7. Generating Actionable Trade Ideas with Signal Correlation
Crucix produces “leverageable ideas” either via LLM (with API key) or rule-based correlation without LLM.
Step 1: Signal Correlation Engine (No LLM)
correlate.py – watches for patterns
signals = {
'oil_spike': ['conflict in gulf', 'houthi attack red sea', 'vix > 25'],
'gold_buy': ['radiation spike > 0.5 uSv/h', 'sanctions list update', 'ruble drops > 10%']
}
def generate_ideas(sweep_data):
ideas = []
if sweep_data['vix'] > 25 and 'conflict' in sweep_data['telegram']:
ideas.append("Volatility surge + geopolitical tension → long VIX calls or short SPY")
if sweep_data['radiation'] > 0.5 and sweep_data['supply_chain'] > 120:
ideas.append("Radiation alert + supply chain pressure → buy gold ETF (GLD)")
return ideas
Step 2: LLM-Powered Trade Idea (OpenAI GPT-4)
export OPENAI_API_KEY="sk-..."
const { Configuration, OpenAIApi } = require("openai");
const configuration = new Configuration({ apiKey: process.env.OPENAI_API_KEY });
const openai = new OpenAIApi(configuration);
async function getLLMIdea(context) {
const prompt = <code>Based on this OSINT data: ${JSON.stringify(context)}, suggest 3 actionable trade ideas with rationale.</code>;
const response = await openai.createCompletion({ model: "gpt-4", prompt, max_tokens: 300 });
return response.data.choices[bash].text;
}
What Undercode Say:
- Self-hosted OSINT aggregation is now feasible for solo analysts – Crucix demonstrates that with Node.js, WebGL, and free APIs, you can replicate expensive commercial threat intelligence platforms for zero subscription cost.
- LLM integration transforms dashboards into proactive assistants – The ability to run `/brief Lebanon` from Telegram and receive a synthesized intelligence summary eliminates manual correlation, but requires careful prompt engineering to avoid hallucinations on critical data like radiation levels or conflict escalations.
- Security must focus on egress filtering and API key hygiene – Since Crucix reaches out to 27 external feeds, attackers could exploit misconfigured outbound rules to exfiltrate your dashboard data. The provided iptables and PowerShell rules are essential for production deployments.
Prediction: Within 18 months, open-source “Jarvis-style” intelligence dashboards will become standard for SOC analysts, independent journalists, and commodity traders. The convergence of real-time satellite, economic, and social sentiment into a single pane of glass – augmented by local LLMs – will erode the advantage of classified intelligence, democratizing threat awareness. However, this also lowers the barrier for malicious actors to automate target reconnaissance, forcing defenders to adopt similar tooling just to keep pace. The arms race will shift from data collection to correlation accuracy and alert fidelity.
▶️ Related Video (64% Match):
🎯Let’s Practice For Free:
IT/Security Reporter URL:
Reported By: Syed Muneeb – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


