A command-line tool that detects steganographically hidden data in PNG and BMP image files.
zsteg is a command-line forensic tool that detects steganographically hidden data in PNG and BMP image files. It helps security professionals and researchers uncover concealed information by analyzing pixel data, compression patterns, and various steganography techniques. The tool is particularly useful for digital forensics, security audits, and Capture The Flag (CTF) competitions.
zsteg is aimed at security researchers, forensic analysts, CTF participants, and developers working on digital security or image analysis who need to detect hidden data in image files.
zsteg provides a comprehensive, automated approach to steganalysis with support for multiple steganography techniques in a single tool. Its detailed output and flexible extraction parameters give users precise control over the analysis process.
detect stegano-hidden data in PNG & BMP
Detects multiple steganography techniques including LSB, OpenStego, Camouflage 1.2.1, and zlib compression, as listed in the README's 'Detects' section.
Allows targeted payload extraction using specific bit, channel, and order parameters, demonstrated in usage examples like '2b,b,lsb,xy' shortcuts.
Automatically finds and displays readable ASCII strings in discovered data, with configurable minimum length and modes, as shown in the examples.
Provides hex dumps and metadata in verbose mode (-v), helping users understand the structure and location of hidden data, as seen in the wbStego examples.
Only works with PNG and BMP files, excluding common formats like JPEG, which restricts its use in broader forensic contexts.
Requires installation via 'gem install', necessitating a Ruby setup, which adds complexity compared to standalone tools.
Involves numerous options and parameters (e.g., --bits, --channels, --order) that can be overwhelming for users unfamiliar with steganography concepts.
While it detects encrypted steganography (e.g., wbStego with Blowfish), it does not decrypt the data, leaving extraction incomplete for secured payloads.