aeondave/stegseek
offensive-tools/forensic/stegseek/SKILL.md
Auth/lab ref: high-speed wordlist attacker for steghide-protected files. For you suspect a JPEG/BMP/WAV/AU artifact contains steghide data but extraction is blocked by a passphrase.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill stegseekInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 8, 2026, 3:48 AM145.8s1 file scanned
SKILL.md
- name:
- stegseek
- description:
- Auth/lab ref: high-speed wordlist attacker for steghide-protected files. For you suspect a JPEG/BMP/WAV/AU artifact contains steghide data but extraction is blocked by a passphrase.
- compatibility:
- Linux primary; optimized for steghide-compatible files.
- author:
- AeonDave
- version:
- 1.0
Stegseek
The fast lane for steghide passphrase guessing.
When to use Stegseek
Use Stegseek when you need to:
- attack a suspected steghide carrier with a wordlist
- recover the passphrase or extract the hidden payload quickly
- validate whether a JPEG/BMP/WAV/AU file is worth deeper stego effort
Quick Start
# Try a wordlist against a carrier
stegseek image.jpg rockyou.txt
Practical Workflow
- Confirm the file is plausibly steghide-related.
- Run Stegseek with a good candidate wordlist.
- If a passphrase is found, verify extraction and inspect the recovered payload.
- If nothing lands, revisit assumptions about format and stego family.
Practical Notes
- This tool is purpose-built for steghide scenarios, so use it there first.
- Pair with
steghide infoor prior challenge hints before assuming the wordlist is the problem. - Recovery speed is its selling point; let it answer the obvious question early.
Caveats
- Not every image with hidden data is a steghide target.
- A strong passphrase still wins.
- Success only gets you the payload; you still need to analyze what comes out.
Resources
No bundled scripts/, references/, or assets/.
Use the upstream project docs for extraction behavior, output handling, and troubleshooting.
Related Skills
aeondave/vibe-audit-technique
development
VerifiedTrustedCommunity
White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).
4SKILL.mdUpdated Jun 12, 2026
aeondave/source-review-technique
development
VerifiedTrustedCommunity
Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.
4SKILL.mdUpdated Jun 12, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 12, 2026
aeondave/container-technique
devops
VerifiedTrustedCommunity
Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.
4SKILL.mdUpdated Jun 12, 2026