This project is a security auditing and penetration testing utility designed for automating password guessing, credential stuffing, and account brute-forcing on Instagram. It functions as an account recovery auditor that simulates automated login attacks to test the strength of account passwords.
The main features of bitwise-01/instagram- are: Credential Brute-Forcing, Credential Stuffing, Instagram Password Crackers, Penetration Testing, Proxy Request Routers, Credential Testing Pipelines, Proxy Health Verifications, HTTP Proxies.
Open-source alternatives to bitwise-01/instagram- include: rootphantomer/blasting_dictionary — Blasting Dictionary provides curated datasets of common usernames and passwords designed for auditing authentication… zhuifengshaonianhanlu/pikachu — Pikachu is a web security training platform and vulnerable web application sandbox. It provides a containerized lab… owasp/nettacker — Nettacker is an automated penetration testing framework designed to orchestrate reconnaissance, port scanning, and… danielmiessler/seclists — SecLists is a centralized library of security assessment data designed to support vulnerability discovery and… mitmproxy/mitmproxy — Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol… qaiu/netdisk-fast-download — This project is a cloud storage link resolver and direct link generator that transforms sharing links from various…
Blasting Dictionary provides curated datasets of common usernames and passwords designed for auditing authentication strength and identifying vulnerable accounts. It serves as a collection of credential stuffing wordlists and password attack dictionaries used to test for weak or default credentials in target services. The project facilitates security penetration testing and vulnerability assessments by providing the necessary datasets for simulating brute force and credential stuffing attacks. These resources are used to evaluate the security of authentication systems and identify services su
Pikachu is a web security training platform and vulnerable web application sandbox. It provides a containerized lab environment designed for practicing penetration testing and identifying common security flaws. The project serves as an OWASP Top 10 practice lab, offering a simulation suite for critical risks. It includes specific scenarios for practicing the exploitation of SQL injection, cross-site scripting, remote code execution, and broken access control. The environment covers a broad range of security testing simulations, including directory traversal, server-side request forgery, unsa
Nettacker is an automated penetration testing framework designed to orchestrate reconnaissance, port scanning, and vulnerability detection. It functions as a network reconnaissance tool and vulnerability scanner that identifies open ports, fingerprints services, and checks systems against databases of known security flaws. The framework distinguishes itself by combining a web application crawler for discovering hidden paths via fuzzing with a vulnerability management system that persists scan results in a database to track historical assessments. It also includes specialized capabilities for
SecLists is a centralized library of security assessment data designed to support vulnerability discovery and penetration testing. It functions as a comprehensive repository of wordlists, payloads, and testing methodologies used to audit software, firmware, and internet-connected hardware for technical vulnerabilities. The project distinguishes itself through a standardized taxonomy and a language-agnostic data format, which allows security tools to predictably ingest and utilize its assets regardless of the underlying programming environment. By decoupling raw testing data from execution log