Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Techjournalisto Profile picture
@Techjournalisto
Sep 21 18 tweets 8 min read Twitter logo Read on Twitter
Scrolly
Howdy, fellow #OSINT #Journalist. I want to share with you my latest checklist for #OSINT #company investigations.

This way, you'll ensure you check all boxes when investigating... Links contain my go-to sources.... let's dive in (Version 1.0) - PDF at the end of 🧵 Image
We start with a company name... First up, 1. Gain a general overview of what you are dealing with. Google dork the firm, use a corporate wiki, understand jurisdiction & company form -> then check with business registries, that might be responsible... Image
4. Check for leaked data on the company and owner/managers: If you are suspecting a shell company, check OCCRP and @ICIJ Offshore leaks. If personal company data, search for ransomware leaks or country specific DBs (e.g for Russia). A list of my favs ...
Image
Image
5. Company website: There is much to hunt for. Probably most noteworthy, check for connections to other entities (unfurl, or redirects); Domain registration (WHOIS data), and content (track changes with Webarchive), & archive data (s.a. video, old PR releases)... Image
6. Legal history/Court cases/allegation - has the entity or its founders smelled fishy in the past, e.g human rights breach allegation...?
Check country/region, and perform in platform searches or e.g. #bankruptcies with names () neu.insolvenzbekanntmachungen.de/ap/suche.jsf
Image
7. Sanctioned or on a black list? That can be on an official (trading) sanction list, a blacklist for an industry (e.g for #shipping) or on the web (website scams or crypto scam abuse databases)... Image
8. check Intellectual property of company/owner. Country -> IP databases, in platform search or Google Dork for Patent/tech/trademark... Image
9. and 10. deals with import/export trading data - has the company done suspicious deals with abroad clients? Trace containers if needed.

Or If traded publicly, try #tradint (trading #OSIINT) Image
11. Identify traces of toxic lobbying of a company and its partners. There are various #lobbying registries I check, such as @ProPublica's, the one by the EU, Germany (latest added database)... Image
12. Check on corruption - there is a broader approach checking in various money laundering DBs, incl. the "Troika Laundromat", in Bird ind Bulgaria, and others, depending on what sort of jurisdiction the company is in.... In any case, worth signing up to aleph.occrp.org
Image
13. Data on Environmental and social issues: check ESG data, Corp Resp. reports of companies and TCFD reports, or if the company purchased voluntary carbon credits from a questionable source... Image
14. Investment analysis: Can be done by #socint (does a company owner have a boat in the Canary Islands or the company has other investments that dont appear on paper, but on social media), has the company questionable investors (start up funding pages?)... Image
15. Worth checking if there has been already a "Public data request" on a specific company, with information already shared online. There are a few databases I check regularly, such as Muckrock (US database), Fragdenstaat (German) or advanced search on , EUasktheeu.org
16. Employees, they can be sources if things go wrong, eyewitnesses for crimes/bad behavior (sometimes via anonymous feedbacks by employees, s.a. ), drawing networks () or on Linkedin via "interests" of a person.Kununu.com
littlesis.org
16.2 - but especially via domain and emails addresses, we end up finding sources within the company (, , or this: Hunter.io
experte.com/email-finder
& last but not least : 17. Visualize connections!

Company networks can span pages. In the end, connect the most important dots.

Owners with business operations -> crimes/breaches.

Neo4J, Gephi, Spiderfoot results, Maltego, Miro - all can be useful in bringing it all together Image
Conclusion: The work never ends. New data sources will open or close. But with this checklist, you are on the safe side to not miss anything.

Note: Sadly not at @gijn Summit this year. But hit me up on Twitter or via my colleagues of @sz. Thanks!

Link: companyinvestigationsv1.tiiny.site
2. Check the official registration details. Access details via transparency registers. If you know the region/country, check Gazettes, or industry. Check @OCCRP catalog for research databases. If a private company @opencorporates or national databases (SEC, NorthData, Drimble.... Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Techjournalisto

Techjournalisto Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Techjournalisto

Techjournalisto Profile picture
May 22
#WagnerGroup PMC is still active in #Mali.

Wagner's operation in UA may have distracted the reporting, but the story continues, with it the expansion, possible atrocities, the hunt for minerals and the looting... funding the war in Ukraine

An update: #OISNT thread Image
In mid-September 2022, 14 civilians of the Tuareg, a Berber ethnic minority, are allegedly killed by Wagner soldiers. Some 6km from a place called Nani, central Mali. Wagner was building a presence there, for months. Bodies are being shoved into a crater.. Image
...the crater was created earlier when a soldier allegedly ran over it with his motorcycle, which then exploded. As a response, civilians were killed and stuffed in this crater...
The violent & disgraceful behavior by Wagner mirrors to details of the massacre analyzed by the UN Image
Read 19 tweets
Techjournalisto Profile picture
Jan 12
Reiche in Privatjets wollen vermeiden, dass man ihnen auf die Finger schaut. Bei einer monatelangen Datenrecherche zusammen mit dem NDR zu #Privatjet Flügen kam das auch heraus -

Ein🧵 dazu wie Reiche im wortwörtlichen Sinne unter dem Radar fliegen
Lang ist es nicht her, im Dezember erst, dass Elon Msk den Twitter Account von Jack Sweeney, die Person hinter einer Jet-Tracking-App von Msk Flugzeug, "geshadowbanned" hat.

Was wir in DE finden, spiegelt das Problem etwas. Vollständige PJ Flüge Datensätze bleiben rar...
000de€ kosten diese granularen Daten, wenn vollständig. Sie werden von Firmen gehortet. Hinzukommt: Daten werden nicht als klar "Privatjets" ausgewiesen. Dazu brauchten wir viel Zeit. Mit dem Chaos der schwammigen Klassifizierung kommen Fehler in der Berechnung der Emissionen
Read 14 tweets
Techjournalisto Profile picture
Jan 11
On August 26, 2022, a bomb hits the colorful playground of RES kids Paradise in Mekelle, Ethiopia. Frames of the climbing area, painted walls, iron stilts, it's all that remains. The attack showed what the warring parties, that fought a bloody war in Tigray, were capable of
A🧵
A woman, let's call her Ayana, worked 5km away, heard the sound of the explosions & saw a fighter jet fly away after the impact. She found the charred bodies of two dead children on site. One of the first videos showed more bodies
ethiopiatigraywar.com/incident.php?i… Image
"Yes, I heard bombs & the sound of the jet & me as an aid worker & some of my co-workers gathered with their families at that place, at ResKidsParadise, where I saw that it was totally devastated & mothers were crying, looking for their children who were playing there", told me Image
Read 22 tweets
Techjournalisto Profile picture
Sep 6, 2022
What seems to be Russian trolls fabricated false media websites and even videos. We worked with two sites that emulate Sueddeutsche Zeitung.
#osint 🧵 how the actors went about...
First, I have to give it to the trolls, the site looks stunningly similar to the real thing. Logos, webicons, the js., the CSS, the links to the real site, all neatly in place.
1)
A search for the domain, in this case ...eutsche.me or ..eutsche.online will link back to the real main page.
The top level domains are cheap GoDaddy domains, proxied via the US company #Cloudfare, to disguise the identity of the trolls... sneaky 👟
2)
Read 11 tweets
Techjournalisto Profile picture
Mar 12, 2022
#Satellite investigations around #Ukraine crisis has many facets, opportunities & problems.
Short thread on potential for more research & findings
#OSINT, #Intelligence, #Ukraine️
#Journalism
1) Most obvious: Showing the sheer extent of destruction from high-res satellite images. Like here (my video eval video) on a destroyed warehouse in Stoyanka, Kyiv region. Maxar, March 10.
2) Satellite images can also help to dismiss #disinformation. Fake posts claimed that the warehouse in Stoyanka exploded/burned up in 2015. That's impossible. We see it untouched on dated images inf 2019 & April 2020 on Google Earth
Good tool: livingatlas.arcgis.com/wayback
Read 21 tweets
Techjournalisto Profile picture
Feb 24, 2022
#OSINT protips: Incredibly useful at this stage for journalists assessing the situation in UKR: Street Cameras... Thread Image
Today showed unmistakably what livestreaming street cameras can offer for open source investigators/Journalists. How to find them?
Search on Youtube for live camera on the filter, for "Камера"... Image
There are various YouTube accounts that r immediately of great value, some started streaming recently, offering #OSINT intel to investigators... Wont call them out because I dont want them to close down. But especially in ODESSA there is one of GREAT value. Hope more open up Image
Read 6 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(