How I packaged offline AI, Flask, and Cryptography into a single Python executable 🚀

Nour833 — Sun, 19 Apr 2026 15:09:46 +0000

If you have ever tried to share a complex Python project with a friend or a security analyst, you know the pain.

You hand them the code, and within five minutes, their terminal is throwing errors about missing pip packages, conflicting library versions, or broken machine learning dependencies.

As a Computer Science student, I recently ran into this exact wall while building my open-source digital forensics project, StegoForge. I wanted to build a tool that felt like it belonged in a spy movie—something that could hide AES-encrypted payloads inside the frequency domains of images, videos, and audio files, and hunt them down using artificial intelligence.

The Python code worked flawlessly. The distribution was a nightmare.

Here is how I engineered an architecture to package numpy, offline ML models, a web server, and a rich CLI into a single, zero-dependency executable.

🕵️‍♂️ The Problem: Fragmented Forensics

If you play CTFs (Capture The Flag) or work in DFIR, you know that extracting hidden data (steganography) usually requires piping together half a dozen unmaintained tools like steghide, zsteg, or binwalk.

I wanted to unify this into one framework.

[👇 See the cli demo in action]

🛠️ The Tech Stack

To make this work, the application needed to be heavy:

The Core: I used numpy and scipy to manipulate JPEG DCT (Discrete Cosine Transform) frequency blocks and audio phase spectrums.
The AI Forensics: Instead of relying on cloud APIs, I integrated onnxruntime. On the very first boot, the app pulls HuggingFace CNN models directly to the local machine, caching them so the spatial anomaly detection runs completely offline.
The Visuals: I utilized Pillow to build a diff engine that mathematically compares files and generates amplified, glowing heatmaps of the manipulated pixels.
The Interfaces: I built a modern terminal UI using click and rich, but I also embedded a local Flask server that spins up a glassmorphic Web UI with Server-Sent Events (SSE) for live terminal output in the browser.

📦 The Packaging Nightmare

The goal was to allow a user to simply download a binary and run a command like this without ever touching Python:

stegoforge ctf --file target.png

I used PyInstaller, but standard PyInstaller breaks when you introduce Flask templates and ML bindings. Here is how I solved it:

Hooking the Hidden Imports: I had to write custom .spec files to explicitly tell the compiler to bundle the Flask static and templates folders, ensuring the Web UI didn't just crash on launch.
ONNX Weights: Machine learning models are huge. I set up the architecture so the executable remains lightweight, and the heavy ML weights are only downloaded via ONNX once the user explicitly triggers an AI scan.
Automated CI/CD: I wired up GitHub Actions so that every time I push a new release, it automatically spins up Windows, Ubuntu, and macOS runners, compiles the PyInstaller binaries natively, and drops them into the GitHub releases tab.

🚀 The Result

You can now download the tool, run one command, and it will throw RS Analysis, Chi-square tests, AES brute-forcing, and offline AI at a file to blindly rip out the payload.

Building the steganography algorithms was incredibly fun, but solving the Python deployment puzzle was the real engineering victory.

🔗 You can check out the source code, the .spec files, and the binaries here:
👉 github.com/Nour833/StegoForge

I am always looking to improve the architecture. If you have any feedback on the codebase, the offline ML integration, or ideas for new carrier formats, I would love to hear them in the comments!

DEV Community: Nour833

How I packaged offline AI, Flask, and Cryptography into a single Python executable 🚀

🕵️‍♂️ The Problem: Fragmented Forensics

🛠️ The Tech Stack

📦 The Packaging Nightmare

🚀 The Result