Displaying 1 to 20 from 21 results

Cloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection

  •    Python

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.

stego-toolkit - Collection of steganography tools - helps with CTF challenges

  •    Shell

This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes pre-installed with many popular tools (see list below) and several screening scripts you can use check simple things (for instance, run check_jpg.sh image.jpg to get a report for a JPG file). First make sure you have Docker installed (how to). Then you can use the shell scripts bin/buid.sh and bin/run.sh in this repo to build the image and run the container. You will be dropped into a bash shell inside the container. It will have the data folder mounted, into which you can put the files to analyze.

ImSter - Image Steganographer

  •    Java

ImSter is a tool that lets you hide and view encrypted text inside images securely. Text is password encrypted using 256-bit AES and encoded into the pixels of the image themselves rather than any metadata. It is impossible for anyone to tell by eye that there is hidden content within an image.

Image Steganography

  •    DotNet

'Image Steganography' allows you to embed text and files into images, with optional encryption.


  •    C

occulo is a free steganography program, meant to embed files within images with optional encryption.

PyExfil - A Python Package for Data Exfiltration

  •    Python

All requirements can be met with a pip install --user -r requirments.txt. After that the server is easy to execute. Notice that in some cases you might want to use py2exe before delivering the package to the code you want to operate. So recently we have decided to impliment some physical data exfiltration techniques assuming some networks might be airgapped from any internet connectivity. So this is the first one. It will encode a file in several QR codes, display them on the screen one by one and it comes with a decoder to recompile that into the file itself.

jsteg - JPEG steganography

  •    Go

jsteg is a package for hiding data inside jpeg files, a technique known as steganography. This is accomplished by copying each bit of the data into the least-significant bits of the image. The amount of data that can be hidden depends on the filesize of the jpeg; it takes about 10-14 bytes of jpeg to store each byte of the hidden data. Note that the data is not demarcated in any way; the caller is responsible for determining which bytes of hidden it cares about. The easiest way to do this is to prepend the data with its length.

mr-hyde - A collection of steganography tools.

  •    C

This repository gathers some sub-projects related with steganography. Here I am avoiding cliché things like steganography using images and sounds.Take a look at each sub-project's README.md to know more details about the related sub-project.

Stegano - Stéganô is a pure Python steganography module

  •    Python

Stéganô, a pure Python Steganography module. Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Consequently, functions provided by Stéganô only hide messages, without encryption. Steganography is often used with cryptography.

lsb - Steganography cheap trick - hide string data in the least-significant bits of an array.

  •    Javascript

See example code for image hiding in the demo or voxel-painter.Where channel is the array to hide the stegotext string in. iterator is an optional callback for determining the index of each hidden byte, if you want to get tricky.

bacon-cipher - A robust JavaScript implementation of Bacon’s cipher, a.k.a. the Baconian cipher.

  •    Javascript

bacon-cipher is a JavaScript implementation of Bacon’s cipher, a.k.a. the Baconian cipher. It can be used to encode plaintext to Bacon-ciphertext, or the other way around (i.e. decoding). Here’s an online demo.A string representing the semantic version number.

jphs - jphide & seek steganography tools

  •    C

jphide & seek steganography tools

steganography - A tool to conceal files into images

  •    Javascript

Conceals any type of file into images. Python is required.

stegextract - Detect hidden files and text in images

  •    Shell

Bash script to extract hidden files and strings from images. Stegextract extracts any trailing data after the image's closing bytes, and any hidden files (or other images) embedded within the image. Short byte combinations such as JPEG's FFD8 FFE0 might sometimes create false positives. Manually reviewing the hexdump is sometimes inevitable in cases of highly complex embedded files. Stegextract is not the solution for any color/pixel/filter/LSB related Steganography, nor does it try to be. It relies on magic numbers, hexdumps and binary data alone. Currently supports PNG, JPG, and GIF.

stegify - Go tool for LSB steganography, capable of hiding any file within an image.

  •    Go

stegify is a simple command line tool that is capable of fully transparent hiding files within an image. The technique is known as steganography. This tool uses the technique known as LSB (Least Significant Bit) Steganography. The Result file contains the Data file hidden in it. And as you can see it is fully transparent.

busysteg - :ghost: Hide information content into busy areas of images, optimally

  •    C++

Some parts of the image (for example, tree foliage) are busier than others (for example, the sky). It is possible to hide upto even 4 bits per 8 bit pixel in such areas, with no perceptible change to the image. Additionally, such modifications are virtually impossible to detect using common steganalysis techniques. The original idea for this is taken from a paper titled "Keyless dynamic optimal multi-bit image steganography using energetic pixels" by Goutam Paul et. al..

Image-Steganography-Library-Android - ✔️ Hide a secret message in an image

  •    Java

Steganography is the process of hiding a secret message within a larger one in such a way that someone cannot know the presence or contents of the hidden message. Although related, Steganography is not to be confused with Encryption, which is the process of making a message unintelligible—Steganography attempts to hide the existence of communication. The main advantage of steganography algorithm is because of its simple security mechanism. Because the steganographic message is integrated invisibly and covered inside other harmless sources, it is very difficult to detect the message without knowing the existence and the appropriate encoding scheme . The algorithm is more dedicated towards the algorithm proposed by Rosziati Ibrahim and Teoh Suk Kuan in their Research Paper published on February 25, 2011.

PacketWhisper - PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography

  •    Python

PacketWhisper - Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type (e.g. executables, Office, Zip, images) into a list of Fully Qualified Domain Names (FQDNs), use DNS queries to transfer data. Simple yet extremely effective. Traditional DNS exfiltration relies on one of the following: DNS tunneling; Hiding data in DNS query fields; or Encoded / encrypted payloads that are broken up and used as subdomains in the DNS query. All of these methods require that the attacker control a domain and/or an associated DNS Name Server to receive the data, which leads to attribution. Those approaches are also vulnerable to DNS Name Server blacklisting (common) and whitelisting (increasingly common). Another problem is that DFIR analysts are familiar with these methods, and SIEM systems will often detect and alert on seeing them.

hide.py - A steganographic program that encodes files in pictures

  •    Python

A steganographic program that encodes files in pictures. "Image" specifies the image you want to decode or encode. Currently only png files are supported. "Action" must be either encode or decode. "File" is only required when encoding. It specifies the file you want to hide in the image. "Password" is an optional argument that activates AES encryption. The password is transformed into a large key unique for that string of characters before encryption takes place.