Skip to content

Diogoperei29/stego-toolkit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

72 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
CMakeLists.txt
CMakeLists.txt
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
THIRD-PARTY
THIRD-PARTY
 
 

Repository files navigation

License Build System C++ Standard CI

Steganography Toolkit

A modern C++ toolkit for hiding and extracting data within images using steganography techniques combined with strong encryption.

Features

  • Image Steganography - Hide data inside PNG/BMP/JPEG images
  • Strong Encryption - AES-256-CBC with PBKDF2-HMAC-SHA256 key derivation (10,000 iterations)
  • Authenticated Encryption - HMAC-SHA256 for integrity verification (Encrypt-then-MAC)
  • Standard Compliance - OpenSSL-compatible encryption format
  • Modular Architecture - Extensible design supporting multiple steganography algorithms (planned)
  • Cross-Platform - Windows, Linux
  • External Dependencies - Libraries fetched automatically via CMake (excluding OpenSSL)

Quick Start

Prerequisites

Linux:

sudo apt install build-essential cmake libssl-dev

Windows:

Build

# Clone repository
git clone https://github.com/Diogoperei29/stego-toolkit.git
cd stego-toolkit

# Configure and build
mkdir build && cd build
cmake ..
cmake --build .

Note

To use this anywhere, the build folder to your PATH (might automate this later somehow).

  • Windows: add the absolute path to build to your user PATH, then restart your terminal.
  • Linux: add export PATH="/absolute/path/to/project/build:$PATH" to your shell profile (e.g., ~/.bashrc), then reload it.

Usage

Embed data into an image:

stegtool embed -i cover.png -d secret.txt -o stego.png -p mypassword

Extract hidden data:

stegtool extract -i stego.png -o recovered.txt -p mypassword

Preview how data will be embedded into an image:

stegtool visual -i cover.png -d secret.txt -o stego.png -p mypassword

Get help:

stegtool --help
stegtool -h
stegtool --version

How It Works

Encryption Layer

  1. User provides a password and data file
  2. Random salt (16 bytes) is generated
  3. Key derived from password + salt using PBKDF2-HMAC-SHA256 (10,000 iterations)
  4. Random IV (16 bytes) is generated
  5. Data encrypted with AES-256-CBC
  6. HMAC-SHA256 computed over [salt | IV | ciphertext] for authentication
  7. Output format: [salt | IV | ciphertext | HMAC]

Embedding Layer

The encrypted payload is embedded into the image using the selected algorithm. The algorithm modifies pixel values in a way that is imperceptible to the human eye while storing the data securely.

Extraction Layer

  1. Load stego image and extract embedded data
  2. Verify HMAC using password-derived key (Encrypt-then-MAC)
  3. Decrypt ciphertext using password
  4. Save recovered plaintext

Security Model:

  • Password is the only secret - Without it, data cannot be decrypted
  • Salt prevents rainbow tables - Each encryption uses unique random salt
  • IV prevents pattern analysis - Identical plaintexts encrypt differently
  • HMAC provides authentication - Detects tampering and wrong passwords
  • Standard format - Compatible with OpenSSL and other standard tools

Project Structure

stegtool/
├── src/
│   ├── main.cpp
│   ├── core/                             # Application logic
│   │   └── CLI.h/.cpp                    # Command-line interface
│   ├── utils/                            # Utility modules
│   │   ├── ErrorHandler.h/.cpp           # Result<T> error handling system
│   │   ├── CryptoModule.h/.cpp           # AES-256-CBC encryption
│   │   └── ImageIO.h/.cpp                # Image loading/saving (stb library)
│   └── algorithms/                       # Steganography algorithms
│       ├── StegoHandler.h/.cpp           # Abstract base class
│       └── lsb/                          # LSB implementation
│           ├── LSBStegoHandler.h/.cpp    # Class to handle LSB methods 
│           ├── ordered/                  # LSB Ordered implementation
│           |   └── LSBStegoHandlerOrdered.h/.cpp
│           └── shuffle/                  # LSB Shuffled implementation
│               └── LSBStegoHandlerShuffle.h/.cpp
├── tests/
│   └── test_all.cpp                      # Unit tests (Google Test)
├── CMakeLists.txt                        # Build configuration
├── LICENSE                               # Apache 2.0 license
├── THIRD-PARTY                           # Third-party attribution
└── README.md

Dependencies

The project uses the following libraries, automatically fetched via CMake FetchContent:

Library Purpose License
OpenSSL AES-256-CBC encryption, PBKDF2 Apache 2.0
cxxopts Command-line parsing MIT
stb Image loading/saving MIT/Public Domain
Google Test Unit testing framework BSD-3-Clause

System Requirements:

  • C++17 compatible compiler (GCC 7+, Clang 5+, MSVC 2017+)
  • CMake 3.16 or later
  • OpenSSL development libraries (system-installed)

CLI Reference

Commands

embed - Hide data inside an image

stegtool embed -i <cover_image> -d <data_file> -m <stego_method> -o <output_image> -p <password>

Options:
  -i, --input     Input cover image (PNG/BMP/JPEG)
  -d, --data      Data file to hide
  -m, --method    Steganography method selection
  -o, --output    Output stego image
  -p, --password  Password for encryption

extract - Extract hidden data from an image

stegtool extract -i <stego_image> -m <stego_method> -o <output_file> -p <password>

Options:
  -i, --input     Input stego image
  -m, --method    Steganography method selection
  -o, --output    Output file for extracted data
  -p, --password  Password for decryption

visual - Preview stego embed output on image

stegtool visual -i <cover_image> -d <data_file> -m <stego_method> -o <output_image> -p <password>

Options:
  -i, --input     Input cover image (PNG/BMP/JPEG)
  -d, --data      Data file to hide
  -m, --method    Steganography method selection
  -o, --output    Output pre-visualization image of stego output
  -p, --password  Password for encryption

Steganography Method Selection

Usage example: lsb - Hide data inside an image using lsb - least significant bit method

stegtool embed -i <cover_image> -d <data_file> -m lsb -o <output_image> -p <password>

Methods can be used by name or number:

stegtool embed -i <cover_image> -d <data_file> -m 0 -o <output_image> -p <password>

Steganography Methods Table:

Method Number Method Name Method Description
0 lsb least significant bit
1 lsbshuffle Shuffled least significant bit

Warning

If you omit or insert wrong Stego method option the program will revert to simple lsb method.
If you omit output file the program will generate one with default name.
If an existing file has the same name as a output file the program will ask to overwrite the file and wait for additional user input.

Global Options

  • -h, --help - Display help message
  • -v, --version - Display version information

To-Do

  • Research more algorithms and implement them (add as issues first please)
  • Add a release builder on github actions
  • Change integration tests to run on all algorithms

License

This project is licensed under the Apache License 2.0 - see LICENSE file.

Third-party library licenses are documented in THIRD-PARTY.

About

A C++ steganography toolkit for hiding and extracting data inside media files.

Topics

c data cryptography aes cpp toolkit extract embed steganography cmakelists aes-encryption

Resources

Readme

License

Apache-2.0 license
Activity

Stars

4 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages