loneobs/instakill
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
3 commits 1 branch 0 tags 9.7 MiB
  • Shell 100%
Find a file
Exact
lonelyobserver 27e4f2803f Whonix support
2026-02-24 01:18:43 +01:00
.gitignore Created 2026-02-23 21:51:55 +01:00
1M_passwords.txt Created 2026-02-23 21:51:55 +01:00
instakill.sh Whonix support 2026-02-24 01:18:43 +01:00
install.sh Created 2026-02-23 21:51:55 +01:00
LICENSE Created 2026-02-23 21:51:55 +01:00
README.md V2 2026-02-23 21:55:54 +01:00

README.md

Instakill

Multi-threaded Instagram brute force tool. Uses the Android private API with TOR for anonymous IP rotation to bypass rate limiting. Capable of testing 400+ passwords/min with 20 threads.

Features

  • Multi-threaded brute force (up to 400 pass/min with 20 threads)
  • Anonymous attack through TOR with automatic IP rotation
  • Save and resume sessions
  • Username validation
  • Default wordlist with 1M+ passwords
  • CLI and interactive mode

Requirements

  • curl
  • tor
  • openssl

Quick install

cd instakill
chmod +x install.sh
sudo ./install.sh

Usage

chmod +x instakill.sh
sudo service tor start

Usage: ./instakill.sh [OPTIONS]
  -u, --user <username>      Target username (required in CLI mode)
  -w, --wordlist <file>      Password list (default: 1M_passwords.txt)
  -t, --threads <num>        Number of threads (default: 10)
  -i, --interactive          Start in interactive mode
  --resume                   Resume a saved session
  -h, --help                 Show this help

CLI mode

sudo ./instakill.sh -u target_user -w 1M_passwords.txt -t 15

Only -u is required. Wordlist defaults to 1M_passwords.txt and threads to 10:

sudo ./instakill.sh -u target_user

Interactive mode

sudo ./instakill.sh --interactive

Resume a session

sudo ./instakill.sh --resume

How it works

  1. Generates a fake Android device fingerprint (Xiaomi HM 1SW)
  2. Signs login requests with Instagram's APK signature (HMAC-SHA256)
  3. Sends authentication attempts through TOR (SOCKS5 proxy)
  4. On rate limit (Please wait), rotates the TOR circuit for a new IP
  5. On success, saves credentials to found.instakill and exits

Disclaimer

This tool is provided for educational purposes and authorized security testing only. You are solely responsible for ensuring that your use of this software complies with all applicable laws and regulations. Unauthorized access to computer systems or accounts is illegal. The author assumes no liability for any misuse, damage, or legal consequences resulting from the use of this tool. By using this software you agree that you have explicit permission from the account owner or are operating within a legally authorized context (e.g., penetration testing, CTF competitions, security research).

This is a fork of https://github.com/maxrooted/instakill