सतर्क (Satark) means vigilant.
SatarkAI is an offline-first investigation workstation that helps police triage digital-fraud complaints. It takes the messy evidence victims actually submit — screenshots, voice notes, receipts, chat logs and suspicious text — and turns it into a single prioritised case file: what the media is, who is behind it, and which past complaints it connects to.
It is a prioritisation tool, not a fake/real oracle. Deterministic forensic facts anchor every verdict; neural models are advisory only, weighted by measured reliability. No single model is load-bearing, and no evidence ever leaves the machine.
Built for the Lumbini Province Police Hackathon (AI-weaponised crime detection).
Digital complaints arrive as scattered chaos, and officers lose hours sorting it by hand. Worse, fragmented tools hide patterns — the same fake photo, phone number or payment ID is reused across dozens of victims, but nobody sees the link. SatarkAI does both jobs in one offline workstation: it grades the media and maps the operator behind it.
- Chain of custody — every upload is SHA-256 hashed the moment it lands.
- Scrutiny priority — independent detectors are fused into a single HIGH / MEDIUM / LOW / REVIEW verdict with a plain-language rationale.
- Deterministic anchors — EXIF / GPS / C2PA provenance checks, Error Level Analysis (ELA) compression maps, and perceptual-hash (pHash) image-reuse.
- Neural advisory layers — image & video deepfake detection with Grad-CAM heatmaps, an AI-image ensemble, and synthetic / cloned-voice detection for audio.
- IOC extraction — URLs, domains, emails, IP addresses, phone numbers, social handles, payment IDs and transaction references pulled from raw text.
- Phishing scoring — typosquat and authority-impersonation analysis on links.
- Evasion cleanup — undoes common obfuscations (
g mail [dot] com, spaced-out digits, spelled domains, zero-width characters) before matching. - Profile search — traces usernames across Facebook, TikTok, Instagram, X, Telegram and more (optional Sherlock enrichment).
- Fraud-ring linking — shared indicators surface connected prior complaints automatically, drawn as a case graph with an immutable timeline.
- Reads Nepali (Devanagari) script and digits, with a bilingual EN / NE workspace and report.
- Validates NTC, Ncell and Smart Cell numbering with the +977 country code.
- Recognises local payment rails — eSewa, Khalti, IME Pay, ConnectIPS, Fonepay.
A bilingual (EN + NE) forensic report with the verdict, evidence, timeline, case graph and recommended next leads — exportable as PDF.
Built on a React dashboard, a FastAPI engine that orchestrates the forensic and OSINT modules, and a local SQLite case store. It runs CPU-only and offline by design; online OSINT enrichment (profile-link checks, Sherlock) is strictly opt-in so the tool stays evidence-safe.
See HOW_TO_RUN.md for environment setup and offline prep.
See LICENSE.