Welcome to the Steganography Analysis and Research Center

StegAlyzerFS
Steganography Analyzer Field Scanner

Perform rapid field triage for steganography artifacts and signatures!

DESCRIPTION:

StegAlyzerFS is a steganalysis tool designed to perform rapid field triage on suspect media on computers to detect the use of steganography to conceal information. Often it is necessary to quickly identify potential evidence of concealed information while at the scene. If the information was hidden with a steganography application, currently deployed computer forensic triage tools will not detect it.

A suspect computer can be booted from the StegAlyzerFS device and results can be obtained in a matter of minutes. StegAlyzerFS detects any of the files associated with over 1150 applications in the Steganography Application Fingerprint Database (SAFDB). SAFDB is the largest commercially available steganography hash set. In addition, StegAlyzerFS detects over 55 uniquely identifiable byte patterns, or known signatures, left inside files when particular steganography applications are used to embed hidden information within them.

Product highlights in StegAlyzerFS:

• Software executes from single USB device
  
  
• Requires no installation or configuration
  
  
• Does not change target storage media, preserving its forensic integrity
  
  
• Automated scanning of entire devices
  
  
• Detect file artifacts associated with over 1,025 steganography applications
  
  
• Detect signatures associated with over 55 steganography applications
  
  
• Scan popular file systems such as ext2, ext3, ReiserFS, XFS, FAT, FAT32, NTFS, ISO and others supported by Linux kernel 2.6.32
  
  
• Automated decompression/extraction of the following archive and compressed file types: zip, iso, tar, gz, gz2, bz, bz2, rar, cab, pax, cpio, xar, lha, ar, mtree
  
  
• Extensive report generation in HTML format
  
  
• Automated logging of key events and information of potential evidentiary value