Hide data inside images. Programmatically.

No encrypted files on disk. No suspicious filenames. No metadata. Just a photo that happens to contain your data, encrypted with AES-256, embedded in the least significant bits. Invisible to the eye. Undetectable by analysis.

Get API key Try in browser

How it works.

📸

Upload a cover image

Any PNG, JPEG, or WebP. A holiday photo. A product shot. A meme. The image is the container. It looks normal because it is normal.

🔐

Encrypt and embed

Your data is encrypted with AES-256, then each bit is stored in the least significant bit of each pixel. The visual difference is below the threshold of human perception. The output is a valid PNG.

📤

Distribute freely

Email it. Upload it. Post it publicly. Nobody knows the image contains data. Without the password, there's no indication anything is hidden. With the password, you get your data back.

API.

# Hide data inside an image
curl -X POST https://deny.sh/api/stego/hide \
  -H "Authorization: Bearer dk_your_key" \
  -H "Content-Type: application/json" \
  -d '{
    "imageBase64": "'$(base64 -w0 photo.png)'",
    "message": "seed phrase goes here",
    "password": "your-password"
  }'

# Extract data from a stego image
curl -X POST https://deny.sh/api/stego/extract \
  -H "Authorization: Bearer dk_your_key" \
  -H "Content-Type: application/json" \
  -d '{
    "imageBase64": "'$(base64 -w0 output.png)'",
    "password": "your-password"
  }'

# → { "message": "seed phrase goes here", "payloadSize": 312 }
// Node.js SDK
import { stego } from 'deny-sh';

// Hide data
const result = await stego.hide(imageBuffer, 'secret data', 'password');
// result.image → PNG buffer with hidden data

// Extract data
const extracted = await stego.extract(stegoBuffer, 'password');
// extracted.message → 'secret data'

A 1000x1000 pixel image holds about 366KB of hidden data. A 12-word seed phrase is about 100 bytes.

Use cases beyond crypto.

Source protection

Journalists embed source material inside stock photos. If a device is seized, there are no encrypted files to find. Just a camera roll full of normal images.

Content authentication

Embed provenance data inside images at creation time. Downstream consumers extract the metadata to verify origin. Invisible to viewers. Available to verifiers.

Digital watermarking

Embed unique identifiers in images distributed to different parties. If a leak occurs, extract the watermark to identify the source. No visible alteration.

Secure document transport

Move sensitive documents across borders as images. A photo library doesn't attract attention. An encrypted archive does. Same data, different container.

Pricing.

Free

$0
  • 500 API calls/month
  • Max 5MB cover images
  • PNG output
  • AES-256 encryption
  • Browser tool (unlimited)
Get API key

Pro

$29/mo
  • 10,000 API calls/month
  • Max 25MB cover images
  • PNG + WebP output
  • AES-256 encryption
  • Batch processing
  • Webhook notifications
  • Email support
Get your API key

Enterprise

Custom
  • Unlimited API calls
  • Unlimited image size
  • All output formats
  • Dedicated endpoints
  • Custom encryption options
  • On-premise deployment
  • SLA + priority support
Contact us

Two layers. Neither detectable.

Steganography hides the container. Deniable encryption protects the contents. Combined: the data is invisible inside the image, and if someone does extract it, it decrypts to a decoy. The real content is behind a different key.

Try in browser Protect a seed phrase

The best encryption is the kind nobody knows is there.

Get your API key