Hide data inside images.
Encrypt your message, then weave it into the pixels of a normal-looking photo. No encrypted file sitting on your drive. Just a picture, statistically indistinguishable from any other.
Choose a cover image
Secret message
Password
Image containing hidden data
Password
How steganography works.
Your message is encrypted with AES-256, then each bit of ciphertext is written into the least-significant bit of an image pixel. Three bits per pixel; the colour change is far below what the eye can detect, and far below the noise floor of any normal photograph. The output is a standard PNG that opens in any viewer.
The trick is what's missing. There's no encrypted file on disk asking to be explained. No .enc extension. No high-entropy block in the file headers. To anyone short of a forensic stego-scanner, it's a holiday snap.
Combine it with deny.sh deniable encryption and you get two layers: the encrypted data hides inside the image (steganography), and if it's ever extracted and decrypted, it can resolve to a decoy instead of the truth (deniability).
Capacity rule of thumb: a 1000×1000 PNG holds about 366KB of hidden data. A 12-word BIP-39 seed phrase is under 100 bytes. Plenty of headroom.
Everything runs in your browser.
No server uploads. No API calls. Your image and message never leave your machine.
Need to do this at scale? The steganography API does the same thing server-side, with batch processing and webhook notifications.
FAQ.
Can someone tell the image has hidden data?
Not visually. The changes are in the least significant bits of pixel data, invisible to the human eye. Statistical analysis (chi-square, RS analysis) can detect steganography in some cases, but combined with deny.sh's encryption the hidden data is indistinguishable from noise.
What image formats are supported?
Input: PNG, JPEG, or WebP. Output is always PNG (lossless), because lossy compression (JPEG) destroys the hidden data. If you upload a JPEG, it's converted to PNG before embedding.
How much data can I hide?
Roughly 3 bits per pixel. A 1000x1000 image holds about 366KB. A 12-word seed phrase is under 100 bytes, so even a small image has plenty of capacity. The tool shows available capacity before you embed.
Will social media compress away the hidden data?
Yes. Platforms like Instagram, WhatsApp, and X re-compress images, which destroys the steganographic payload. Store and share the original PNG file directly (email, cloud drive, USB, AirDrop, Signal in document mode). Don't rely on social media as a delivery mechanism.
Is hiding data in a photo really safer than just encrypting it?
It depends on the threat. Pure encryption protects the contents but advertises that something is being protected. Anyone who comes across an obviously-encrypted file knows there's something inside worth protecting. Steganography removes that signal. The strongest setup uses both: encrypt the data deniably, then hide the ciphertext inside an image. If the image leaks but no one knows it carries data, the data stays hidden. If someone does extract it and tries the wrong password, they get the decoy. The data fails closed at every layer.
What makes a good cover image?
Anything photographic with natural noise: landscapes, food, family snaps, screenshots of busy scenes. Avoid flat colour gradients, cartoon graphics, or simple logos: those have low pixel variance, so embedded data shows up as faint statistical anomalies. A normal phone photo is ideal cover.