Beneath the Pixels: LSB Steganography Demo in Python Using PNG Files

Written by sleepparalysis | Published 2026/03/11
Tech Story Tags: cybersecurity | anti-forensics | digital-forensics | python-programming | steganography | lsb-steganography | tuckerlsb | png-files

TLDRTuckerLSB is a Python tool that can be used to hide messages in PNG files. It converts plaintext into binary, converts the plaintext to binary, and then converts the binary to a mark. The code is then used to decode the modified image and retrieve the hidden text.via the TL;DR App

Most image files are exactly what they appear to be.
A PNG, if treated with sufficient disrespect, can become something else entirely.

With LSB steganography, a perfectly normal-looking image can carry hidden text without advertising the fact. Nothing dramatic happens on the surface. No visible distortion. No cinematic glitching. Just an ordinary file quietly transporting information it was never hired to carry.

That is what makes the technique useful.

At its core, least significant bit steganography works by modifying the smallest bits in pixel data so slightly that the human eye usually notices nothing. The image remains visually intact. The data underneath becomes compromised in a very organized way. Which, in computing, is often where the fun begins.

What LSB Steganography Actually Does

The process is simple.

You take a plaintext message, convert it into binary, and embed those bits into the least significant bits of pixel values in a PNG. Because the changes happen at the smallest level of the color data, the image still looks normal to casual inspection.

So the file keeps its pleasant civilian appearance while quietly developing a second job.

https://github.com/Anti-Forensics/tuckerlsb?embedable=true

In the original Python implementation, the tool supports two main operations:

  • Encoding, which hides a plaintext message inside a PNG
  • Decoding, which extracts that message later

That’s the entire mechanism. No sorcery. No dramatic red-team cosplay. Just bit manipulation with excellent manners.

The Python Tool

The script, tuckerlsb.py, is built to hide and recover messages from PNG files.

In encode mode, the user provides:

  • an input PNG
  • an output PNG
  • a plaintext message

The script embeds the message and saves the modified image. In decode mode, it reads the altered image and retrieves the hidden text.

Example usage:

python3 tuckerlsb.py --input demo.png --output steg.png --message "Hello my friend!"
python3 tuckerlsb.py --input steg.png --getmessage
> Hello my friend!

The first command hides the message.
The second pulls it back out.

Clean workflow. Minimal noise. Slightly incriminating energy.

Step 1: Convert Text to Binary

Before a message can be buried inside image data, it has to be converted into a binary stream.

The code handles this by looping over each character, converting it to its ASCII value with ord(), and formatting it as an 8-bit binary string.

Example:

binary_string = ''
for char in message:
    binary_char = format(ord(char), '08b')
    binary_string += binary_char
return binary_string

That gives the script a long sequence of bits ready to be written into the image.

Human language always looks a little worse after being reduced to binary. More honest, perhaps. Certainly less sentimental.

Step 2: Convert Binary Back into Text

Decoding reverses the process.

The binary stream is split into 8-bit chunks. Each chunk is converted from base 2 into an integer, then back into a character using chr().

Example:

for i in range(0, len(binary_message), 8):
    byte = binary_message[i:i + 8]
    text += chr(int(byte, 2))

return text

If the embedded data remains intact, the original plaintext is reconstructed exactly.

If it does not, the output becomes nonsense, which is also a fairly accurate summary of many technical environments.

Step 3: Embed the Message in the PNG

This is where the image stops being innocent.

The encoder opens the PNG, converts the plaintext into binary, appends a delimiter to mark the end of the message, and begins walking through pixel data. For each bit, it modifies the least significant bit of a color channel.

The core operation looks like this:

pixel[0] = (pixel[0] & ~1) | bit_to_write

This clears the last bit of the value and replaces it with the next message bit.

The visible effect is usually negligible. The structural effect is more interesting. The image is still an image, but now it’s also a container for hidden data, which is exactly the sort of dual-purpose behavior analysts are paid to distrust.

Once all message bits are written, the modified image is saved.

It looks normal. That’s the point.

Step 4: Extract the Hidden Message

To recover the payload, the decoder reads the least significant bit from each relevant pixel value and rebuilds the binary stream. Once it detects the delimiter, it stops and converts the recovered bits back into text.

Example:

least_significant_bit = pixel[0] & 1
binary_message += str(least_significant_bit)

if binary_message.endswith(self.delimeter):
    binary_message = binary_message[:-16]
    return self.binary_to_text(binary_message)

At that point, the hidden message is back.

No dramatic reveal. Just a PNG quietly confessing under the right conditions.

Why PNG Matters

PNG is a strong choice for LSB steganography because it is lossless.

That detail matters more than people think. This method depends on preserving exact pixel values, and lossless formats do that reliably. A lossy format can alter those carefully embedded bits and destroy the payload.

So the file type is not a cosmetic detail here. It is infrastructure. Ignore that, and the whole operation turns into a confidence trick played against yourself.

Why the Technique Still Matters

LSB steganography is useful because it teaches several things at once:

  • how binary data can be manipulated directly
  • how information can be hidden inside ordinary files
  • why visual normality is not the same thing as data integrity
  • why defenders should treat “looks fine to me” as the beginning of analysis, not the end

That last one tends to survive contact with reality.

Steganography lives in the uncomfortable space between clever engineering and quiet deception. Which makes it educational, practical, and very hard not to admire a little.

Final Thoughts

LSB steganography is not loud. It does not need to be.

With a small amount of Python and a lossless image format, plaintext can be hidden in a way that survives casual inspection and remains invisible to the human eye. The method is simple, but the implications are not.

That is usually the sign of a technique worth learning.

The best tricks in computing rarely kick down the door.
They smile, straighten their tie, and get waved inside.

Written by sleepparalysis | Anti-forensics hides or destroys digital evidence, undermining system confidentiality, integrity, and availability.
Published by HackerNoon on 2026/03/11
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy