Try it now: https://www.aperisolve.com
Aperi'Solve is a platform which performs steganalysis on images.
The platform uses layer analysis, "zsteg", "steghide", "outguess", "exiftool", "binwalk", "foremost" and "strings" for deeper steganography analysis.
Aperi'Solve has been created in order to have an "easy to use" platform which performs common steganalysis tests such as LSB or steghide. The platform is also a quick alternative for people who didn't manage to install tools like zsteg (ruby gem) properly.
Aperi'Solve is based on Python3 with Flask and PIL module, the platform supports the most common images formats like.png, .jpg, .gif, .bmp, .jpeg, .jfif, .jpe, .tiff...
The platform allow you to:
- Visualise each bit layer of each channel for a given image (ie. LSB of Red channel).
- Browse and Download each bit layer image.
- Visualise
zsteginformations such as text encoded on LSB - Download
steghidefiles using a defined password - Download
outguessfiles using a defined password - Visualise
exiftoolinformations such as geolocation or author - Visualise
binwalkinformations - Download
binwalkfiles such as zip in png headers - Download
foremostfiles such as zip in png headers - Visualise
stringsoutput
Even if Aperi'Solve is available at the URL https://www.aperisolve.com/, you can set-up your own instance with the following command:
git clone https://github.com/Zeecka/AperiSolve.git
cd aperisolve
docker compose up -dDefault will run on http://localhost:5000/
Aperi'Solve platform is a Flask web service (python 3.11+) with python workers performing analysis. Jobs are stacked in a redis-queue, and images informations are stored in a postgresql database. All services are well contained inside Docker containers.
Adding new analyzer is easy.
- Copy and addapt the template_analyzer.py file with you name, ie. "myanalyzer.py".
- Add this analyzer to workers.py.
- Import your function
from .analyzers.analyzer import analyze_myanalyzer - Add the function to
analyzersvariables, like other analyzers.
- Import your function
- Add your analyzer name to
TOOL_ORDERin aperisolve.js.
Here is a batch of usefull commands.
docker compose down -v # Remove volume containings results
docker compose -f docker-compose-dev.yml up # Start application in developpement mode
rm -rf aperisolve/results # Remove results from developpement mode
docker exec -it postgres psql -U aperiuser -d aperisolve # Get postgresql shell
docker exec -it aperisolve-web bash # Get shell in running web appNote, if you used docker-compose-dev.yml, you must remove "results" when switching to production docker.
Python code follows the following linters:
- Black
- Flake8 (ignoring E203,E501,W503)
- Pylint (ignoring W0718,R0903,R0801)
- Mypy (ignoring unused-awaitable)
GitHub CI will alert in case of failure.
- PngCheck
- Zsteg extract / --all --> Download
zstegfiles such as mp3 encoded on LSB - Test on mobile
- i18n
- Rootless analyzers ?