Best Tools For Steganography

Lipson Thomas Philip
3 min readNov 22, 2022

--

There are few best tools available for steganography and can be used for CTF competition.

Steganography is the best form of communication used by government agencies as well as high-profile criminals. The fundamental of steganography is slightly similar to cryptography.

The concept of steganography is that someone hides a private file or data in another file, which can be any image, video or audio file. To embed or retrieve that file, the user wants to enter the passphrase or password. This technique of hiding files in another file uses different algorithms according to the situation. In cryptography, the text changes to the coded phrases according to the algorithm used.

There are amazing tools out there for both Linux and Windows:

  1. Steghide
  2. Binwalk
  3. Stegsolve
  4. Exiftool

Steghide

Steghide is a basic and beginner-friendly tool for steganography. This tool is available for both Windows and Linux. In 2003, Stefan Hetzl created steghide. This tool is being used in CTF competition.

Steghide is a steganography tool that hides bits of a data file in the least significant bits of another file, making the presence of the data file invisible and impossible to verify.

Steghide is portable and adjustable, with capabilities such as data hiding in BMP, JPEG, WAV, and AU files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in container data.

Binwalk

Binwalk is a program that searches a binary image for embedded files and executable code. It is specifically intended for recognizing files and code included within firmware packages.

Binwalk is compatible with magic signatures written for the Unix file utility, since it utilizes the libmagic library.

Binwalk additionally includes a special magic signature file that provides better signatures for commonly encountered files in firmware images such as compressed/archived files, firmware headers, Linux kernels, bootloaders, file systems, and so on.

Exiftool

Exiftool is a platform-independent command line and graphical user interface utility for reading, writing, and manipulating metadata in pictures and media files. GPS coordinates, tags, creation time, edit time, device name, and other metadata can be included.

Exiftool is a customizable set of Perl modules and a full-featured command-line application called exiftool for reading and writing meta information in a wide variety of files, including the maker note information of many digital cameras from various manufacturers such as Canon, Casio, DJI, FLIR, Fuji Film, GE, GoPro, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica Minolta, Nikon, Nintendo.

To know more about these tools practically, refer to the links in the reference section.

Steganography is a very useful and interesting topic. Everyone should know to send encrypted messages without relying on WhatsApp, Instagram, Facebook, or Telegram. At the end, companies have the right to share these types of messages to government.

References

Articles

YouTube Videos

--

--

No responses yet