Steganography Toolkit
This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes pre-installed with many popular tools and several screening scripts you can use check simple things. Usage: First make sure you have Docker installed. Then you can use the shell scripts bin/build.sh and bin/run.sh in this repo to build the image and run the container. You will be dropped into a bash shell inside the container. It will have the data folder mounted, into which you can put the files to analyze. If you don't use the scripts, follow these steps: Build image (docker build -t <image_name> .) or pull from Docker hub (docker pull dominicbreuker/stego-toolkit). Start a container with your files mounted to the folder /data (docker run -it <image_name> -v /local/folder/with/data:/data /bin/bash). Use CLI tools and screening scripts on your files: e.g., run check_jpg.sh image.jpg to create a quick report, or run brute_jpg.sh image.jpg wordlist.txt to try extracting hidden data with various tools and passwords.
FEATURES
SIMILAR TOOLS
Automated tool for detecting steganographic content in images, with F5 detection capabilities.
Simple C++ Encryption and Steganography tool for hiding files inside images using LSB encoding.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
A project focusing on deconstructing and utilizing data for security using Python modules like IPython, Pandas, and Scikit Learn.
A demonstration of a method to delete a locked executable or currently running file from disk.
A utility tool for decrypting data from weak public keys and attempting to recover the corresponding private key, primarily for educational purposes.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.