Listen to this Post

Introduction
IG-Detective is a high-performance, Python-based OSINT (Open Source Intelligence) tool for Instagram, designed to perform deep account analysis, geospatial mapping, and social network investigation. Built with advanced evasion techniques like TLS fingerprint spoofing and randomized jitter to bypass restrictions, it offers security professionals and investigators a powerful shell for extracting actionable intelligence from public profiles, while also raising critical questions about privacy boundaries.
Learning Objectives
- Understand the installation and core command structure of the IG-Detective OSINT tool.
- Learn to execute advanced reconnaissance modules for geospatial and social network analysis.
- Identify the ethical boundaries and legal considerations when using automated Instagram intelligence tools.
You Should Know
1. Installation & Evasion Setup
IG-Detective leverages a headless Playwright browser with `playwright-stealth` to completely bypass Cloudflare and rate-limiting, making it a unique tool in the OSINT landscape.
Step‑by‑step guide:
1. Clone the Repository:
git clone https://github.com/shredzwho/IG-Detective.git cd IG-Detective
This downloads the tool and moves into its directory.
2. Set Up Virtual Environment (Recommended):
python3 -m venv venv source venv/bin/activate On Windows: venv\Scripts\activate
A virtual environment isolates dependencies to avoid conflicts.
3. Install Dependencies:
pip install -r requirements.txt
This installs all required Python libraries, including Playwright.
4. Run with Docker (Optional but “Recommended”):
docker-compose run --rm detective
Using Docker avoids dependency issues and containerizes the tool for easy deployment.
5. Launch Interactive Shell:
python3 main.py
Starts the IG-Detective interactive prompt where all analysis commands are run.
2. Core Reconnaissance & Target Setting
Once inside the shell, you must first set an active target before any module runs. This allows the tool to cache data for lightning-fast repeated queries.
Step‑by‑step guide:
1. Set Target: `target @username` (e.g., `target @example_user`).
This assigns the investigation target for the session.
2. Basic Profile OSINT: Run `info`.
This command outputs comprehensive profile details including user ID, bio, followers, and business status.
3. Fetch Recent Media: Run `posts`.
This retrieves the target’s recent timeline activity, providing statistical breakdowns of likes and comments.
4. Extract Followers/Following: Use the `followers` and `following` commands (or their equivalents via the `sna` module).
These list and export the target’s social graph, crucial for network mapping.
3. Advanced OSINT: Geospatial Mapping
The geospatial feature extracts GPS coordinates from posts and generates an interactive map, which is invaluable for physical location tracking.
Step‑by‑step guide:
1. Extract Geographical Targets: Run `addrs`.
This command scans the target’s posts for embedded GPS metadata.
2. Generate Interactive Map: After extracting coordinates, the tool automatically generates an `interactive_map.html` file.
This Folium-based map includes readable addresses and clickable pins for each geotagged location.
3. Perform Co-Visitation Analysis: For dual-target analysis, use intersect @second_user.
This bleeding-edge module identifies physical meeting points by cross-referencing GPS and time intersections between two targets.
4. Social Network Analysis (SNA) & Temporal Profiling
Beyond location, these advanced features map a target’s “Inner Circle” and predict their active time zone.
Step‑by‑step guide:
1. Run Social Network Analysis: Execute `sna`.
This maps interactions to identify the top 10 users most highly connected to the target, revealing their “Inner Circle”.
2. Calculate Time Zone: Execute `temporal`.
Using DBSCAN clustering, this module identifies the target’s “sleep gap” and predicts their primary time zone.
3. Use for Behavioral Profiling: The output helps build a schedule of the target’s most and least active periods, assisting in surveillance planning.
5. Forensic Modules & Automated Reporting
IG-Detective includes several high-risk, forensic modules such as account recovery enumeration, stylometry, and bot detection audits. All command output is automatically saved for evidence records.
Step‑by‑step guide:
1. Account Recovery Enumeration: Run `recovery`.
This module triggers the password reset flow to reveal masked contact information (e.g., admin email hints), which is a highly sensitive action.
2. Perform Stylometry Analysis: Run `stylometry`.
This NLP-based analysis generates a digital “Linguistic Signature” (bigram and emoji distribution) to link multiple accounts.
3. Export All Data: Run `data`.
This one-click export command downloads a target’s followers, following list, and timeline media (with metadata JSON), packaging everything into a single ZIP archive.
4. View Reports: All reports are saved as JSON and TXT files in the `data/` directory for later review.
6. Windows & Linux Commands for OSINT Integration
For investigators integrating IG-Detective into a broader workflow, these fundamental OSINT commands provide a baseline for infrastructure and identity checks.
Step‑by‑step guide:
1. WHOIS Lookup (Linux/Windows): `whois example.com`
Retrieves domain registration details for infrastructure mapping.
- DNS Enumeration: `dig example.com ANY +short` (Linux) or `nslookup example.com` (Windows).
Fetches DNS records to identify hosting and subdomains.
- Reverse IP Lookup (cURL): `curl -s https://api.hackertarget.com/reverseiplookup/?q=IP_ADDRESS`
Identifies other domains hosted on the same IP address to find connected assets.4. Subdomain Discovery: `subfinder -d example.com`
Enumerates subdomains that could lead to security gaps or additional investigation vectors.
- Check for Breaches: Use a service like LeaksAPI (available on osintrack.com) to check emails against 1800+ breach databases.
What Undercode Say
- IG-Detective represents the cutting edge of automated, evasion-focused OSINT, but its power necessitates strict adherence to ethical guidelines and platform ToS.
- The integration of geospatial and temporal analytics transforms raw social media data into actionable behavioral intelligence for security teams.
The rise of tools like IG-Detective forces cybersecurity professionals to reconsider the definition of “public” data. While platforms like Instagram intend for basic profile info to be accessible, the aggregation and correlation of that data through advanced mapping and network analysis can create a surveillance capability previously reserved for state actors. This asymmetry of effort—where an investigator with a Python script can map a target’s physical movements and social connections in minutes—demands that organizations update their privacy policies and that defenders build awareness of such tools into their threat models. The availability of tool aggregators like OSINTRACK.com further lowers the barrier, making complex intelligence gathering accessible to a broader audience, which is both a boon for security research and a stark warning for individual privacy.
Prediction
As automated OSINT tools become more sophisticated with AI-driven analysis and AI-evasion techniques, platforms will respond with increasingly aggressive bot-detection and rate-limiting measures, leading to a continuous arms race. Ultimately, this will push OSINT investigations further into the realms of AI agents and specialized, stealthy infrastructure, making the disciplined use of tools like IG-Detective a baseline skill for cyber threat intelligence analysts rather than a niche specialty.
▶️ Related Video (84% Match):
🎯Let’s Practice For Free:
IT/Security Reporter URL:
Reported By: Mariosantella Osint – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


