Multi-threaded Instagram Brute Forcer without password limit
Switch branches/tags
Nothing to show
Clone or download
Failed to load latest commit information.
LICENSE Update LICENSE Jul 23, 2018 Update Jun 15, 2018 Requirements install file uploaded Mar 24, 2018 Update Sep 24, 2018
passwords.lst Best 8 letter (39k) Mar 26, 2018

Instashell v1.5.4



Don't copy this code without give me the credits, nerd!

Instashell is an Shell Script to perform multi-threaded brute force attack against Instagram, this script can bypass login limiting and it can test infinite number of passwords with a rate of +400 passwords/min using 20 threads.

Legal disclaimer:

Usage of InstaShell for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program



  • Multi-thread (400 pass/min, 20 threads)
  • Save/Resume sessions
  • Anonymous attack through TOR
  • Check valid usernames
  • Default password list (best +39k 8 letters)
  • Check and Install all dependencies


git clone
cd instashell
chmod +x
service tor start
sudo ./

Install requirements (Curl, Tor, Openssl):

chmod +x
sudo ./

How it works?

Script uses an Android ApkSignature to perform authentication in addition using TOR and rotating the ip address to avoid blocking. The script uses Instagram-py algorithm, see the project at:


Support the authors:

Donate using Liberapay