JPEGsnoop

About

Key Features

• JPEG Internal Structure Decoding: Parses and displays all JPEG markers and segments (SOI, DQT, DHT, SOS, etc.), giving a complete low-level view of the file's internal composition.
• Image Authenticity Detection: Identifies signs of double-compression or re-saving, helping forensics investigators determine whether an image has been altered or manipulated.
• Quantization Table Fingerprinting: Matches a JPEG's quantization tables against a community-sourced database of camera and software signatures to identify the originating device or application.
• EXIF Metadata Viewer: Reads and displays all embedded EXIF data including camera model, GPS location, capture timestamps, and lens details.
• Batch Directory Scanning: Supports scanning entire folders of JPEG images in one pass, making it practical for bulk forensic analysis workflows.

Pros

• Completely Free & Open Source: JPEGsnoop is free to download with no feature restrictions, and the source code is publicly available on GitHub for review or modification.
• Deep Technical Inspection: Provides one of the most thorough JPEG decoding outputs available, making it invaluable for developers, researchers, and forensics professionals.
• Community Signature Database: A crowd-sourced database of quantization table signatures enables accurate identification of the source camera or editing software for a wide range of devices.
• No Installation Required: Distributed as a standalone Windows executable that can be run without a formal installation process.

Cons

• Windows Only: The pre-built application targets Windows exclusively; macOS and Linux users must compile from source, which adds friction for non-developers.
• Dated User Interface: The UI is utilitarian and text-heavy, which may be off-putting for non-technical users who are not familiar with JPEG internals.
• JPEG Format Only: Analysis is limited to JPEG files; other common image formats such as PNG, HEIC, or WebP are not supported.