INTRODUCTION

Instagram is used by almost everyone in this modern world. It is by far one of the best social media platform where users can chat, post, comment, react and interact with anyone on the Earth. But for hackers, It opens a huge scope of juicy information for them like their location, contact information and many other sensitive details.

In this article, We are going to learn how we can gather someone’s personal information like address, number of followers, phone numbers, email addresses and many more. So, Let’s get started.

PART 1: SETTING UP THE TOOL

Let’s start by downloading OSINTGRAM, The tool we will be using in this article to gather user’s details on Instagram. Follow the steps below:
1- Download the script from here.

2- Open terminal where you have downloaded the script and type: “sudo bash installer.sh”.

3- Type your root’s password.

4- After installation get’s complete, you will see something like below:

5- Type cd Osintgram

6- Type cd config and after that type mousepad credentials.ini (Note: If you are not able to save changes in credentials.ini then type sudo mousepad credentials.ini instead)

7- Now add your Instagram credentials inside the file. (Important: Please do not use your Instagram account, create a dummy account instead)

8- Save the file and move back to the previous directory by typing cd ..

9- Now its time to run the program. In this article, we are going to gather sensitive information on “sprouts”.

Type python3 main.py <instagram_id> i.e. python3 main.py sprouts

(Note: If you are facing any error then try sudo python3 main.py <instagram_id> instead.)

10- If everything is done correctly, you will see the interface below:

PART 2: GETTING ADDRESS

Now its time for us to play with this tool. First let’s type “list” to see the total available commands.

There are tons of interesting commands here like stories, info, hashtags etc. But here we going to use the addrs command. This command extracts registered address from target photos.

Let’s type “addrs” and analyze the output.

BOOM! As we can see, we successfully got the address using this tool.

PART 3: GETTING EMAIL ADDRESS OF THE FOLLOWERS

Now type “fwersemail” to get the email address of the target’s follower

Perfect, as you can see we were able to gather the target’s followers email address. This can give room to more attacks like phishing etc.

CONCLUSION

So, I hope you all learnt how we can gather sensitive information by just someone’s username. Please note that this tool will not work on private profiles and those tools that claims to get sensitive information of someone’s private account are fraud.

This tool is tested and found working perfect on Kali Linux and Ubuntu.

Do let me know if have any issues or doubts regarding this topic. Check out our other interesting cybersecurity contents by clicking over here.