⚠️ Legal Disclaimer
This is a research and development tool that demonstrates steganography and Command and Control (C2) communication techniques in a controlled environment.
Its use is strictly intended for learning, testing, and research purposes.
Unauthorized or illegal use is prohibited under applicable laws, including the Brazilian Civil Rights Framework for the Internet (Law No. 12,965/2014).
The author assumes no liability for misuse or damages.
- 🎯 Objective
- 🌐 Website
- 🧰 Technologies
- 🏗️ Architecture
- ⚙️ Usage Instructions
⚠️ Limitations- 📜 Tutorial
- 🤝 Contribution Guidelines
- 📷 Screenshot
- 📄 License
- 📬 Contact
This project provides a functional tool for:
- Steganography using LSB (Least Significant Bit) to embed messages in images.
- Simulated C2 communication, allowing structured data flow between a local client and server.
Visit the live project at:
🔗 https://peer-crypt.vercel.app
-
Language: Python 3.8+
-
Libraries:
Pillow– Image manipulationsocket– Local TCP communication
-
Execution environment: Fully local (
127.0.0.1) for safety -
Web interface (in development): Started on 09/06/2025
The architecture is modular and extensible:
-
🎯 Client Module:
Sends steganographic payloads to the C2 server. -
🖥️ Server Module (C2):
Receives and decodes payloads, simulating command reception. -
🗝️ Encoding/Decoding Layer:
Handles the core steganographic logic (LSB). -
🛡️ Safety & Logging Layer:
Logs key events and blocks unsafe usage.
You need to fork the project repository to your own GitHub account to use the steganography panel.
Create and activate the virtual environment (venv):
python -m venv venv
source venv/bin/activate # On Windows use `venv\Scripts\activate`pip install -r requirements.txtuvicorn api.main:app --reload
-
📏 The message size is limited by the input image resolution.
-
🎭 The C2 feature is fully simulated and does not perform real-world operations.
-
⚙️ To use the steganography dashboard, you need to activate the virtual environment (venv) in the repository and run the backend API server locally before interacting with the website.
I will be showing here a tutorial on how to use the tool efficiently, remembering that at the moment 09/08/2025 the tool runs on the website but with its API connected manually, which in itself is already a great advance compared to the beta version 0.1.0 which did not even have the website.
First we will Fork the repository to clone it and run some processes.
When you enter the project, you'll see a certain folder structure. Currently, the site still doesn't run without this user dependency on using the tool without manually starting the API. So, you'll just enter the terminal instead of using any of the folders.
Entering the terminal, we will start VENV:
python -m venv venv
source venv/bin/activate # On Windows use `venv\Scripts\activate`After that we will add the packages that are in the tool's requirement using the command:
pip install -r requirements.txtFinally, we will activate the API with the command:
uvicorn api.main:app --reload
We will see the Link and when we click we will see the API online. Remembering that it is not mandatory to enter the link to see the API status, but for good practice it is good to see it to have confirmation.
Finally, you will enter the website that is available in the repository (Without closing your IDE and your API page) and scrolling down you will reach the panel where we have the options to inject information and extract information. First, let's start with the process of injecting information into the image. I'll use one as an example and inform you of the content.
see that we automatically receive a file with a name, when clicking it we will see that the photo is the same, it seems funny but after all the information is hidden in it. Now let's do the opposite process
Congratulations, you did the steganography process correctly. 🎊🎉🎉🎉🎉
Contributions are welcome, provided they align with the educational goals of the project.
If you find bugs, have ideas for improvements, or want to add features, feel free to contribute via pull requests.
To contribute:
- Fork the repository.
- Create a branch with your changes.
- Submit a pull request with a detailed description of your changes.
This project is licensed under the GNU Affero General Public License v3.0 (AGPL-3.0).
See the LICENSE file for details.
- Contact the author via GitHub
⚠️ Final Notice: This project is intended for research, testing, and development purposes in controlled environments only. Do not use this code in production systems, unauthorized networks, or for malicious activities. The author explicitly disclaims any responsibility for misuse and condemns any form of unethical or illegal usage.