WetStone Technologies

Unfortunately, our new website relies on browser features that are not available in older versions of Internet Explorer. As Microsoft has officially stopped supporting these browsers, we have chosen to do the same. Instead, we recommend that you upgrade Internet Explorer if you are running Windows 7, 8, or 10, or that you download a newer browser, like Mozilla Firefox or Google Chrome.

We at WetStone Technologies thank you for your interest and your patience.

WetStone Technologies,
a Division of SiviSoft

WetStone Technologies: A division of Allen Corporation
WetStone Technologies: A division of Allen Corporation

Command Line Steganalysis and Steganography Detection Tool


StegoCommand Datasheet

StegoCommand - Command line steganography detection

StegoCommand is a command line Linux application that scans specified directories containing files to examine, and generates a report for each scanned file. StegoCommand is simple to use and requires a minimal amount of technical knowledge. StegoCommand builds upon the capabilities of the industry-leading Steganography detection and steganalysis software tool, StegoHunt. Like its Windows-based predecessor, StegoCommand uses a collection of detection algorithms to quickly identify the presence of steganography in suspect carrier files.

Use cases for StegoCommand include: acceptable use policy enforcement, forensic investigations, data breach response, data leak analysis, insider threat identification, and mobile device examination.


StegoCommand supports several “out-of-the-box” file types for scanning for the presence of steganography. In addition to the “out-of-the-box” file types offered, the WetStone Technologies research and development team can work directly with a customer to expand the capabilities to scan for steganography in unique, custom, proprietary or industry-specific file types.

File scan results

StegoCommand has the ability to traverse an unlimited number of nested archive files. Nested archives are often used in an attempt to conceal the presence of data hiding. With StegoCommand, users can be assured that all files in an archive file will be analyzed for the presence of hidden data.

Sample output of StegoCommand


StegoCommand detects and provides comprehensive reports on:

  • statistical anomalies
  • structural anomalies
  • the presence of misplaced binary or UTF-8 data
  • data appending
  • data prepending
  • file name obfuscation
  • the presence of unusual Unicode data
  • Comprehensive reporting

StegoCommand is:

  • Easily deployed in either on-premise or cloud-based environments
  • Scalable to support analysis of very large files and very large data repositories
  • Invoked via a command prompt or PowerShell

Scan in progress


  • JPEG
  • GIF
  • BMP
  • PNG
  • ASCII (txt, csv, xml and html)
  • Archive Files (includes but not limited to ZIP, TAR, JAR, APK, BZ2)
  • HDF5
  • NetCDF4
  • BUFR
  • HDF4
  • HSD (Himawari)


  • Ubuntu
  • Red Hat Enterprise Linux version 7

WetStone Technologies can work directly with a customer to support additional operating systems.


Computer system or virtual machine must meet or exceed the minimum requirements of 4GB RAM and 4 Core Processor.