Steganography Techniques



CyberQ Skill Packs provide direct hands-on, practical experiences in the EC-Council Cyber Range Platform. The CyberQ Skill Pack – Steganography Techniques provides an assembly of 5 distinct exercises covering both Image and Web Steganalysis. Purchasing this product will enable the Learning Path in your CyberQ Account providing up to three attempts for each challenge.


Steganography refers to the art of hiding data “behind” other data without the knowledge of the victim. Thus, steganography hides the existence of a message. It replaces bits of unused data into ordinary files, such as graphics, sound, text, audio, and video with other surreptitious bits. The hidden data can be in the form of plaintext or ciphertext, and sometimes, an image.

Utilizing a graphic image as a cover is the most popular method to conceal the data in files. Unlike encryption, the detection of steganography can be challenging. Thus, steganography techniques are widely used for malicious purposes. For example, attackers can hide a keylogger inside a legitimate image; thus, when the victim clicks on the image, the keylogger captures the victim’s keystrokes. Attackers also use steganography to hide information when encryption is not feasible. In terms of security, it hides the file in an encrypted format, so that even if the attacker decrypts it, the message will remain hidden. Attackers can insert information such as source code for a hacking tool, a list of compromised servers, plans for future attacks, communication and coordination channels, etc.

Steganography is the art and science of writing hidden messages in such a way that no one other than the intended recipient knows of the existence of the message. The increasing use of electronic file formats with new technologies has made data hiding possible. Basic steganography can be broken down into two areas: data hiding and document making. Document making deals with protection against removal. Its further classifications of cover medium include watermarking and fingerprinting.

Steganography Techniques Covered in the Learning Path:

  • Image Steganography
  • Web Steganography
Skill ID Statement
S0001 Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
S0009 Skill in assessing the robustness of security systems and designs.
S0044 Skill in mimicking threat behaviors.
S0051 Skill in the use of penetration testing tools and techniques.
S0137 Skill in conducting application vulnerability assessments.
S0164 Skill in assessing the application of cryptographic standards.
S0364 Skill to develop insights about the context of an organization’s threat environment
  • Blue Team Technician
  • Red Team Technician
  • Computer Network Defense (CND) Auditor
  • Ethical Hacker
  • Information Security Engineer
  • Internal Enterprise Auditor
  • Penetration Tester
  • Network Security Engineer
  • Reverse Engineer
  • Risk/Vulnerability Analyst
  • Technical Surveillance Countermeasures Technician
  • Vulnerability Manager

Environment Screenshots