Steganography is the practice of hiding messages or information within other non-secret text or data and it is usually embedded in images or audio. In the CTFs we must find the clues or flags that have been hidden.

There is a wide range of file types and methods for hiding files/data. Here we will show some of the techniques we can use to get the hidden information.

• First of all, see if there is a type of message that can be seen, such as morse or binary code.
• Check that the file extension is correct. Perhaps the file extension was intentionally changed.
• Look at the properties of the image.
• You can search in Google for keywords the type of file you have found and find a tool that you can use to get the flag.
• Use tools like “file”, “strings”, “exiftool”, “pngcheck”, “binwalk”, “foremost”, “imagemagick”, “steghide”, “hexedit”,”hexdump”, “xxd”, “zsteg”, “stegcracker “,” stegsnow “. You can also help yourself with “wget”,”eog”, “grep”, “md5hash”, “cat”, “katana”.
• If we do grep and only we find a part of the flag, we see if it is packed by upx.
• The famous Stegsolve (for example to perform XOR between images) or https://georgeom.net/StegOnline/image.
• Imagemagick.
• SmartDeblur or photorec to restore images.
• Image partition errors: volatibility.
• Use https://www.tineye.com/ to reverse search the image in the internet.
• Tesseract to convert an image to text.
• Audacity, DeepSound, Sonic Visualiser.
• Spectrum Analyzer: https://academo.org/demos/spectrum-analyzer/.