Listen to this Post
Introduction:
In the shadowy world of Open-Source Intelligence (OSINT), financial data is the crown jewel—revealing not just who owns a company, but who they owe, who they sue, and whether they are on the brink of collapse. While most analysts focus on social media or domain records, the real battleground lies in corporate registries. Iberinform, the intelligence arm of Crédito y Caución, offers a legal backdoor into the balance sheets, judicial histories, and international structures of millions of businesses. This tool transforms raw data into actionable risk intelligence, making it indispensable for penetration testers conducting due diligence, fraud investigators, or red-teamers mapping high-value corporate targets.
Learning Objectives:
- Navigate Iberinform to extract hidden financial liabilities and judicial incidents of a target entity.
- Correlate Spanish corporate data with international subsidiaries using cross‑reference techniques.
- Utilize command‑line tools to verify and enrich data extracted from business intelligence platforms.
You Should Know:
1. Navigating Iberinform for Initial Target Reconnaissance
Iberinform functions similarly to a standard business directory but with forensic depth. Start by accessing the platform at https://www.iberinform.es/. The free tier allows basic searches by company name, tax ID (NIF/CIF), or activity sector. For OSINT purposes, this is the entry point.
Step‑by‑step guide:
- Query the target: Enter the exact legal name or CIF. Note the returned data: legal address, incorporation date, and activity code (CNAE).
- Analyze the “Activity and Structure” section: This reveals the number of employees and a breakdown of the company’s operations. For a penetration test, this helps profile the target’s size and potential attack surface.
- Extract the data manually or via browser automation (Selenium): If you need to scale this, a Python script can automate searches. Example snippet:
from selenium import webdriver from selenium.webdriver.common.by import By</li> </ol> driver = webdriver.Chrome() driver.get("https://www.iberinform.es/") search_box = driver.find_element(By.NAME, "query") Hypothetical selector search_box.send_keys("TARGET_CIF") search_box.submit() Extract page source and parse with BeautifulSoup4. Export to CSV: Most corporate databases offer a CSV export. Use this to build a spreadsheet of multiple targets for comparative risk analysis.
2. Extracting Financial Risk Scoring and Solvency Data
The core value of Iberinform is its “Risk Scoring” and “Financial Information” modules. These provide a credit rating (similar to a Moody’s score) and detailed annual accounts.
Step‑by‑step guide:
- Navigate to the financial tab: After searching for a company, locate the financial health section.
- Interpret the scoring: Iberinform uses a color-coded system (Green = Low Risk, Red = High Risk). For a red-team engagement, a high-risk (financially unstable) company might be more susceptible to insider threats or spear-phishing due to internal layoffs or distress.
- Check the “Impagos” (Defaults) registry: This lists unpaid debts and judicial demands. This is critical intelligence—if a key executive is personally named in a default, they become a high-value phishing target.
- Verify data with external sources: Use the following Linux command to check if the company’s domain is still active or has been seized due to bankruptcy:
Check domain registration and SSL certificate expiry for the target's main site whois targetcompany.es | grep -E "Expiry|Creation" Use curl to check HTTP response codes (404 might indicate business closure) curl -I https://www.targetcompany.es
3. Mapping Corporate Hierarchies and Director Links
One of the most powerful OSINT techniques is link analysis—finding connections between companies through shared directors or administrators. Iberinform provides the “Historial de Administradores.”
Step‑by‑step guide:
- Go to the “Administrators” section: Here you will find the names, appointment dates, and cessation dates of all board members and managers.
- Extract the names: Copy the full names of key individuals (CEO, CFO, IT Director).
- Cross-reference with LinkedIn (via the `social-analyzer` tool): Use a CLI tool to see if these individuals have publicly listed their roles, confirming the data.
Assuming social-analyzer is installed social-analyzer --username "Name Surname" --mode fast
- Build the link map: Take the extracted names and run them back through Iberinform as a new search. You will often find that the same director sits on the board of multiple, seemingly unrelated, companies. This reveals the true structure of a corporate group.
4. Investigating Judicial Incidents and Legal Proceedings
Iberinform aggregates data from the Official State Gazette (BOE) and commercial registries regarding lawsuits, bankruptcies (concursos de acreedores), and embargoes.
Step‑by‑step guide:
- Access the “Judicial Incidents” tab: This is often buried under “Risk Analysis.”
- Review the case details: Note the court, case number, and type of proceeding (e.g., layoffs, debt collection).
- Validate the case number via official government portals: Use `curl` to query the Spanish Judicial Documentation service (if available) to see if the case is still active.
Example: Search for the case number on a public judicial site (hypothetical endpoint) curl -X POST https://www.poderjudicial.es/search/ -d "caseNumber=1234/2024"
- Geolocate the court: Use the court’s address to understand the jurisdiction. In corporate espionage, knowing which local court handles a company’s affairs can be useful for social engineering pretexts (e.g., impersonating a court officer).
5. Leveraging International Coverage for Multi‑National Targets
Iberinform’s unique selling point is its access to reports on companies in over 200 countries via its network (Crédito y Caución is part of the Euler Hermes group). This allows for cross-border verification.
Step‑by‑step guide:
- Initiate an “International Report” request: This is usually a paid feature, but the presence of international data can be confirmed for free.
- Correlate with WHOIS data: If the Spanish subsidiary is “Target Spain S.L.” and the parent is in Germany, check the domain registration of the German parent.
Find IP ranges owned by the international parent company whois parentcompany.de | grep -i "netname" Use Amass to enumerate subdomains of the parent's main domain amass enum -d parentcompany.com
- Analyze cross-border payment incidents: If Iberinform shows that the Spanish arm has defaulted on payments to a German supplier, this indicates supply chain friction—a potential entry point for a business email compromise (BEC) attack by impersonating that supplier.
6. Automating Data Extraction with API Recon
While Iberinform may not have a public OSINT API, large corporate intelligence platforms often provide backend APIs used by their web interfaces. You can reverse-engineer these for automated data collection.
Step‑by‑step guide (Ethical Considerations Apply):
- Open Developer Tools (F12) in your browser while searching on Iberinform.
- Go to the “Network” tab and look for XHR/Fetch requests that return JSON data.
- Identify the endpoint: You might find a URL like `https://api.iberinform.es/v3/company/risk/{CIF}`.
- Test the endpoint with
curl: Send a request with the appropriate headers copied from your browser session.curl -H "User-Agent: Mozilla/5.0" -H "Authorization: Bearer YOUR_SESSION_TOKEN" \ https://api.iberinform.es/v3/company/risk/B12345678
- Parse the JSON: Use `jq` to extract specific fields like financial score or administrator names.
curl [bash] | jq '.data.financial_score, .data.administrators[].name'
Note: Respect `robots.txt` and terms of service. This is for educational purposes regarding API structures.
What Undercode Say:
- Data Correlation is King: Iberinform is not a standalone solution. Its true power emerges when you combine its financial risk data with technical infrastructure data (domains, IPs) and social media profiles of its directors. The financial motive often explains the technical attack.
- The Human Factor in Financial Data: The “impagos” and judicial records often point to stressed individuals. In social engineering, knowing a target is facing a lawsuit or bankruptcy provides a powerful, albeit sensitive, pretext for engagement. It lowers their guard if you approach them with a “solution” to their financial woes.
- International OSINT Requires Patience: While Iberinform boasts 200-country coverage, the depth of data varies. Always verify international reports against local registrars using native-language search terms. The tool is a pointer, not the final verdict.
Prediction:
As financial regulations tighten and cross-border commerce increases, platforms like Iberinform will evolve from passive databases to active monitoring systems. We predict the integration of real-time payment alerts and AI-driven predictive failure analysis. For the OSINT community, this means the battleground will shift from simply finding data to interpreting machine-learning risk scores. Analysts will need to become hybrid professionals—part forensic accountant, part penetration tester—to understand not just that a company is at risk, but why the AI thinks so, and how to exploit that weakness technically or operationally before the company itself is aware of the danger.
▶️ Related Video (90% Match):
🎯Let’s Practice For Free:
IT/Security Reporter URL:
Reported By: Osint Osint – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]
📢 Follow UndercodeTesting & Stay Tuned:
