Select your language: Albanian Arabic Bulgarian Catalan Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Estonian Filipino Finnish French Galician German Greek Hebrew Hindi Hungarian Indonesian Italian Japanese Korean Latvian Lithuanian Maltese Norwegian Polish Portuguese Romanian Russian Serbian Slovak Slovenian Spanish Swedish Thai Turkish Ukranian Vietnamese

Welcome to the Steganography Analysis and Research Center

A Backbone Security Center of Excellence

Products

You’ve just finished examining the storage media from a seized computer. You’ve done everything you know to do with the tools you have at your disposal. You’ve looked in all the “obvious places.” You’ve recovered deleted files and scanned through slack and swap space. You may have found something—or you may not have found anything. Yet, you have this gnawing feeling that there’s still more there than meets the eye.

Are you sure there isn’t something hidden inside those recovered files?

Perhaps you’ve discovered a large number of seemingly innocuous images that don’t make sense for your particular suspect. You become convinced there’s evidence to be found and recovered—but you just can’t see it.

If you’ve ever found yourself in this situation, then you need automated tools to extend your digital forensic examinations to look for the presence or use of digital steganography applications. These applications, which are simple to obtain and use, can hide information in non-obvious places. Digital steganography applications can hide information inside any digital file using a variety of techniques so you must have highly capable specialized tools for detection and extraction of any hidden information.

Whether you are in law enforcement, the intelligence community, or the private sector, you need the capability to go beyond traditional digital forensic examinations. You need the extra assurance that you went as far as you could to search for evidence that a digital steganography application exists on seized media, or did at one time. If an artifact of a steganography application (i.e., a file or registry key known to be associated with a steganography application) is detected, the application was probably used to establish a covert channel for communications. In other words, the application was probably used to hide something in a file that was, or will be, sent to a co-conspirator. The objective then becomes finding the file, or files, in which information was hidden and then extracting the hidden information. StegAlyzerAS and StegAlyzerSS may be the key to cracking your case!

Don’t let crucial evidence continue to go undetected!

The Steganography Analysis and Research Center (SARC) has developed the most advanced digital forensic analysis tools available for the examination, detection, analysis, and extraction of digital steganography. Get StegAlyzerAS and StegAlyzerSS today and extend your digital forensic examinations with a search for known steganography applications and signatures—it just might help you find the critical evidence needed to win a conviction!

Steganography Application Fingerprint Database (SAFDB)

A fundamental goal of the SARC is to collect steganography, watermarking, and other data-hiding applications from various sources and incorporate file profiles computed from them into the SAFDB. The SAFDB can be used to review files on seized media by matching file profiles in the SAFDB. SAFDB is the most extensive steganography hash set publicly available. The file profiles contain identifying information such as filename, associated application name, file size, and several unique hash values. These hash values may be used to determine the presence of a steganography application or artifact of a steganography application on the media being examined. The SAFDB is available for download in formats compatible with most of the popular digital forensic tools and utilities: EnCase, Forensic Toolkit (FTK), HashKeeper, ILook, and ProDiscover.

Steganography Analyzer Artifact Scanner (StegAlyzerAS)

StegAlyzerAS gives you the capability to scan the entire file system, or individual directories, on suspect media for the presence of steganography application artifacts. And, unlike other popular forensic tools, you can perform an automated or manual search of the Windows Registry to determine whether or not any Registry keys or values exist that can be associated with a particular steganography application.

Steganography Analyzer Signature Scanner (StegAlyzerSS)

StegAlyzerSS gives you the capability to scan every file on the suspect media for the presence of hexadecimal byte patterns, or signatures, of particular steganography applications in the files. If a known signature is detected, it may be possible to extract information hidden with the steganography application associated with the signature.

Steganography Analyzer Real-Time Scanner (StegAlyzerRTS)

StegAlyzerRTS is the first commercially available network security appliance in the world capable of detecting the fingerprints and signatures of digital steganography applications in real-time.