Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats. It extracts any trailing data after the image's closing bytes and any hidden files embedded within the image. The tool relies on magic numbers, hexdumps, and binary data alone, and does not support Steganography related to color/pixel/filter/LSB. Note that short byte combinations might create false positives, and manual review of the hexdump may be necessary in complex cases.

FEATURES

This tool is not verified yet and doesn't have listed features.

Did you submit the verified tool? Sign in to add features.

Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.

ALTERNATIVES

Tool for parsing NTFS journal files, $Logfile, and $MFT.

Tool for analyzing Windows Recycle Bin INFO2 file

A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.

OSXCollector is a forensic evidence collection & analysis toolkit for OSX.

An anti-forensic Linux Kernel Module kill-switch for USB ports.

Hindsight is a free tool for analyzing web artifacts from Google Chrome/Chromium browsers and presenting the data in a timeline for forensic analysis.