A modern web application for Unicode steganography - hiding secret messages inside text using invisible Unicode characters.
- Three Embedding Modes: Tail, Interleaved, and ZWJ-aware embedding
- Compression: DEFLATE compression to fit more data in shorter texts
- Encryption: AES-GCM encryption with PBKDF2 key derivation
- Unicode Analysis: Comprehensive text analysis and visualization
- Privacy-First: All processing happens locally in your browser
- Modern UI: Built with Next.js, Tailwind CSS, and shadcn/ui components
- Dark Mode: Default dark theme with light/dark mode toggle
- Responsive Design: Optimized for mobile and desktop devices
- Node.js 18+
- pnpm (recommended) or npm
-
Clone the repository
git clone https://github.com/chinmay29hub/stegmoji.git cd stegmoji -
Install dependencies
pnpm install
-
Start the development server
pnpm dev
-
Open your browser Navigate to http://localhost:3000
- Go to the Encode tab
- Enter your secret message in the "Hidden Message" field
- Enter cover text in the "Cover Text" field
- Choose embedding mode:
- Tail: Appends data at the end (unlimited capacity)
- Interleaved: Inserts between codepoints (limited by text length)
- ZWJ-aware: Inserts between grapheme clusters (preserves emoji)
- Optionally enable compression and/or encryption
- Click "Encode Message" to generate the steganographic text
- Go to the Decode tab
- Paste the encoded text
- Choose detection mode (Auto-detect recommended)
- Enter passphrase if the message was encrypted
- Click "Decode Message" to extract the hidden content
- Go to the Scan tab
- Paste any text to analyze
- View detailed Unicode analysis including:
- Invisible character detection
- Steganography indicators
- Grapheme cluster breakdown
- Normalization effects
Stegmoji uses Unicode Variation Selectors to embed data:
U+FE0E(VS15) represents bit 0U+FE0F(VS16) represents bit 1
These characters are invisible and don't affect text rendering.
- Compression: DEFLATE algorithm reduces payload size
- Encryption: AES-GCM with 256-bit keys
- Key Derivation: PBKDF2 with SHA-256 (100,000 iterations)
- Authentication: GCM provides built-in message authentication
-
Tail Mode: Appends all variation selectors at the end
- ✅ Unlimited capacity
⚠️ Easily detectable by scanning text endings
-
Interleaved Mode: Inserts one bit after each Unicode codepoint
- ✅ Distributes data throughout text
⚠️ Limited by number of characters
-
ZWJ-Aware Mode: Inserts one bit after each grapheme cluster
- ✅ Preserves emoji and complex Unicode sequences
⚠️ Limited by number of visual characters
-
Push to GitHub
git add . git commit -m "Initial commit" git push origin main
-
Deploy with Vercel
- Go to vercel.com
- Import your GitHub repository
- Deploy with default settings (no environment variables needed)
- Your app will be available at:
https://your-project-name.vercel.app
-
Custom Domain (optional)
- Add your domain in Vercel dashboard
- Configure DNS records as instructed
The app can be deployed to any platform that supports Next.js:
- Netlify
- Railway
- Render
- Self-hosted with Docker
stegmoji/
├── app/ # Next.js App Router pages
│ ├── layout.jsx # Root layout with navigation
│ ├── page.jsx # Home page
│ ├── encode/page.jsx # Encoding interface
│ ├── decode/page.jsx # Decoding interface
│ ├── scan/page.jsx # Unicode analysis
│ ├── about/page.jsx # Documentation
│ └── sitemap.xml/ # SEO sitemap
├── components/ # React components
│ ├── ui/ # Reusable UI components
│ ├── theme-provider.jsx # Dark/light mode provider
│ └── client-layout.jsx # Client-side layout
├── lib/ # Core functionality
│ ├── steganography.js # Main steganography logic
│ ├── compression.js # DEFLATE compression
│ ├── encryption.js # AES-GCM encryption
│ ├── unicode.js # Unicode utilities
│ ├── use-dark-mode.js # Dark mode hook
│ └── utils.js # Helper functions
├── __tests__/ # Comprehensive test suite
├── .github/ # GitHub templates and workflows
└── public/ # Static assets
- Next.js 14: React framework with App Router
- Tailwind CSS: Utility-first CSS framework with dark mode support
- Radix UI: Accessible component primitives
- Framer Motion: Smooth animations and transitions
- grapheme-splitter: Unicode grapheme cluster splitting
- pako: DEFLATE compression library
- Web Crypto API: Browser-native encryption
- Jest: Testing framework with comprehensive test coverage
- ESLint: Code linting and formatting
- Chrome 60+
- Firefox 55+
- Safari 11+
- Edge 79+
Requires modern browsers with Web Crypto API support.
- Platform Compatibility: Some platforms strip invisible Unicode characters
- Detection: Steganography can be detected by analyzing character patterns
- Normalization: Text normalization may remove hidden data
- Not Cryptographically Secure: This is steganography, not cryptography
- Test on Target Platform: Verify that invisible characters survive copy-paste
- Use Strong Passphrases: For encrypted messages, use long, random passphrases
- Be Aware of Detection: Hidden data can be discovered through analysis
- Consider Legal Implications: Ensure compliance with local laws
We welcome contributions! Please see our Contributing Guide for details on how to get started.
- Fork the repository and clone your fork
- Create a feature branch:
git checkout -b feature/your-feature-name - Install dependencies:
pnpm install - Start development:
pnpm dev - Make your changes and test them
- Submit a pull request
- 🐛 Bug fixes - Fix issues and improve stability
- ✨ New features - Add new functionality
- 📚 Documentation - Improve docs and examples
- 🧪 Tests - Add or improve test coverage (currently 95%+)
- 🚀 Performance - Optimize code and improve speed
- 🎨 UI/UX - Improve user interface and experience
- ♿ Accessibility - Make the app more accessible
- 🔒 Security - Fix security vulnerabilities
- 🌙 Theme improvements - Enhance dark/light mode experience
# Clone your fork
git clone https://github.com/YOUR_USERNAME/stegmoji.git
cd stegmoji
# Install dependencies
pnpm install
# Start development server
pnpm dev
# Run tests with coverage
pnpm test --coverage
# Run linter
pnpm lint
# Build for production
pnpm build- 📖 Documentation: Check our Contributing Guide
- 💬 Discussions: Use GitHub Discussions for questions
- 🐛 Issues: Create an issue for bugs or feature requests
- 🔒 Security: See SECURITY.md for security issues
This project follows the Contributor Covenant Code of Conduct. By participating, you agree to uphold this code.
This project is licensed under the MIT License - see the LICENSE file for details.
This tool is for educational and legitimate purposes only. Users are responsible for complying with applicable laws and regulations. The authors are not responsible for any misuse of this software.
This application is optimized for performance:
- No obfuscation overhead - Clean, fast JavaScript
- Optimized builds - Source maps disabled in production
- Efficient algorithms - Fast steganography operations
- Modern browser APIs - Native Web Crypto and compression
- Dark mode optimization - Instant theme switching without flash
- Responsive animations - Smooth transitions with Framer Motion
- 🐛 Bug Reports: Use our bug report template
- ✨ Feature Requests: Use our feature request template
- ❓ Questions: Use our question template
- 💬 Discussions: Use GitHub Discussions for general questions
- 📖 Documentation: Check the About page and source code
- 🔒 Security Vulnerabilities: See SECURITY.md for reporting security issues
- 📧 Private Reporting: Email chinmaysonawane57@gmail.com for sensitive issues
- 📝 Contributing Guide: See CONTRIBUTING.md for detailed guidelines
- 🤝 Code of Conduct: See CODE_OF_CONDUCT.md for community guidelines
- 🔄 Pull Requests: Use our PR template
Stegmoji - Hide messages in plain sight with Unicode steganography 🔒
Live Demo: https://chinmay29hub-stegmoji.vercel.app