This set of GCHQ minutes from 29 February 2008 describes a set of tools that were under development at that point, including the metadata analysis tool KARMA POLICE: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
This GCHQ presentation from March 2009 describes the BLACKHOLE database used to store raw metadata records from TEMPORA, with about 10 billion records being added each day: see the Intercept article Profiled: From Radio to Porn, British Spies Track Web Users’ Online Identities, 25 September 2015.
This short extract from a GCHQ Network Analysis Centre report covering the period July-September 2011 describes “offensive cyber operations” against Iran, Argentina and Libya: see the Intercept article Britain Used Spy Team to Shape Latin American Public Opinion on Falklands, 2 April 2015.
This GCHQ presentation from 2011 provides the background to the agency’s hacking attack on Belgacom: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
These screenshots from GCHQ’s internal GCWiki describe progress on the MTI (Mastering the Internet) cable access project, also known as Tempora. Prominent within these reports is the close cooperation with corporate partner Cable & Wireless / Vodafone, codenamed GEROTIC: see the Süddeutsche Zeitung article Snowden-Leaks: How Vodafone-Subsidiary Cable & Wireless Aided GCHQ’s Spying Efforts, 25 November 2011.