VaultLib is a professional-grade security tool designed to embed encrypted credential databases within standard image files. By leveraging AES-256 (Fernet) encryption and EOF Steganography, it ensures that sensitive data remains hidden in plain sight, maintaining the visual integrity of the carrier file. Perfect for those who value privacy and the "hidden in plain sight" philosophy.
- ✨ Key Features
- ⚙️ Technical Overview
- 🚀 Getting Started
- 🏝️ Demo
- ✍️ Usage Example
- 📚 API Reference
- 📊 Analytics & Metrics
- 👻 Invisible Storage: Implements EOF (End-of-File) steganography, allowing data to be stored behind valid image headers (JPG/PNG). The container file remains a perfectly viewable image.
- 🔒 Military-Grade Encryption: Utilizes AES-256 via the
cryptographylibrary with PBKDF2HMAC key derivation (200,000 iterations for robust key stretching). - 🔑 Custom Signatures: Dynamic byte-marker injection (
NEO_SPACE_MARKER) for reliable data offset identification, ensuring data integrity. - 🎭 Visual Camouflage: Supports automated decoy display using system-native handlers (e.g.,
xdg-openon Linux), distracting casual observers. - 🐧 Arch-Friendly: Designed with minimalism and control in mind, resonating with the Arch Linux philosophy.
- 🌐 Session Management: Integrated identity headers (
user,os,vault_name) for multi-user or multi-environment vault deployments.
The library appends a proprietary data block to the image binary after the standard end-of-file markers (IEND for PNG, EOI for JPG). This ensures the visual integrity of the host image is preserved.
[ Original Image Binary ]
(e.g., PNG header, IHDR, IDAT chunks, IEND marker)
+-------------------------+
| NEO_SPACE_MARKER | <-- Custom byte signature to locate the payload
+-------------------------+
| SALT | <-- 16-byte random salt for PBKDF2HMAC
+-------------------------+
| ENCRYPTED_PAYLOAD | <-- Fernet-encrypted JSON (credentials data)
+-------------------------+