Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A Python wrapper for the Instagram private API with no 3rd party dependencies.
I wrote this to access Instagram's API when they clamped down on developer access. Because this is meant to achieve parity with the official public API, methods not available in the public API will generally have lower priority.
Problems? Please check the docs before submitting an issue.
Documentation is available at instapi.rtfd.io.
Install with pip:
pip install instapi
To update:
pip install instapi --upgrade
To update with latest repo code:
pip install instapi --upgrade --force-reinstall
Tested on Python 3.
The app API client emulates the official app and has a larger set of functions.
The examples/
and tests/
are a good source of detailed sample code on how to use the clients, including a simple way to save the auth cookie for reuse.
from instapi import Client, ClientCompatPatch
user_name = 'YOUR_LOGIN_USER_NAME'
password = 'YOUR_PASSWORD'
api = Client(user_name, password)
results = api.feed_timeline()
items = [item for item in results.get('feed_items', [])
if item.get('media_or_ad')]
for item in items:
# Manually patch the entity to match the public api as closely as possible, optional
# To automatically patch entities, initialise the Client with auto_patch=True
ClientCompatPatch.media(item['media_or_ad'])
print(item['media_or_ad']['code'])
You are advised to persist/cache the auth cookie details to avoid logging in every time you make an api call. Excessive logins is a surefire way to get your account flagged for removal. It's also advisable to cache the client details such as user agent, etc together with the auth details.
The saved auth cookie can be reused for up to 90 days.
Make sure to review the contributing documentation before submitting an issue report or pull request.
Disclaimer: This is not affliated, endorsed or certified by Instagram. This is an independent and unofficial API. Strictly not for spam. Use at your own risk.
FAQs
A client interface for the private Instagram API.
We found that instapi demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.