Stegextract - a Steganography tool to help with steg challenges

I wrote a small tool in bash that rendered useful in quite a few steg challenges in HTB. It usually got me past one or two stages in each challenge.

The tool is written in bash and looks for embedded files and or images or any trailing data, strings, etc.
GitHub URL: GitHub - evyatarmeged/stegextract: Detect hidden files and text in images
There’s also some examples and sample files to experience on :slight_smile:

Note: the tool cannot be used for any LSB steg.

I’d be more than happy to answer any questions and of course am open to suggestions.

With all due respect, I have to ask you “But why?”. There’s binwalk and it works with any kind of files and extract even more data types and is very reliable. What’s the profit by writing it on your own?
Sorry if this sounded offensive, I’m just intrigued.

@Juniter said:
With all due respect, I have to ask you “But why?”. There’s binwalk and it works with any kind of files and extract even more data types and is very reliable. What’s the profit by writing it on your own?
Sorry if this sounded offensive, I’m just intrigued.

You’re absolutely right about binwalk. I wrote the tool as I was learning and exploring steg possibilities and scenarios… and it was more a part of my learning process than anything else really.

There was also a single CTF that had a stego level that I couldn’t solve with binwalk. Specifically, a PNG embedded within a JPG that binwalk didn’t seem to extract correctly, but that’s a rare case I suppose.