evilfonttool 2.0.0__tar.gz

evilfonttool-2.0.0/.github/workflows/python-publish.yml

@@ -0,0 +1,70 @@
+# This workflow will upload a Python Package to PyPI when a release is created
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Upload Python Package
+
+on:
+  release:
+    types: [published]
+
+permissions:
+  contents: read
+
+jobs:
+  release-build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.x"
+
+      - name: Build release distributions
+        run: |
+          # NOTE: put your own distribution build steps here.
+          python -m pip install build
+          python -m build
+
+      - name: Upload distributions
+        uses: actions/upload-artifact@v4
+        with:
+          name: release-dists
+          path: dist/
+
+  pypi-publish:
+    runs-on: ubuntu-latest
+    needs:
+      - release-build
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
+
+    # Dedicated environments with protections for publishing are strongly recommended.
+    # For more information, see: https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules
+    environment:
+      name: pypi
+      # OPTIONAL: uncomment and update to include your PyPI project URL in the deployment status:
+      # url: https://pypi.org/p/YOURPROJECT
+      #
+      # ALTERNATIVE: if your GitHub Release name is the PyPI project version string
+      # ALTERNATIVE: exactly, uncomment the following line instead:
+      # url: https://pypi.org/project/YOURPROJECT/${{ github.event.release.name }}
+
+    steps:
+      - name: Retrieve release distributions
+        uses: actions/download-artifact@v4
+        with:
+          name: release-dists
+          path: dist/
+
+      - name: Publish release distributions to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          packages-dir: dist/

evilfonttool-2.0.0/.gitignore

@@ -0,0 +1,6 @@
+.venv
+__pycache__/
+*.egg-info/
+dist/
+build/
+*.pyc

evilfonttool-2.0.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Andrew Griess
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

evilfonttool-2.0.0/PKG-INFO

@@ -0,0 +1,149 @@
+Metadata-Version: 2.4
+Name: evilfonttool
+Version: 2.0.0
+Summary: Evil Font steganography tool for security research
+License-Expression: MIT
+License-File: LICENSE
+Requires-Python: >=3.9
+Requires-Dist: brotli
+Requires-Dist: fonttools
+Requires-Dist: python-docx
+Description-Content-Type: text/markdown
+
+# EvilFontTool
+
+> **A font-based deception tool for red teaming, security research, and whatever else.**
+
+EvilFontTool hides machine-readable text inside a document that displays completely different text to a human reader. It does this using **Evil Fonts** — fonts that intentionally deceive the viewer by rendering a different letter than understood by a computer. By remapping font glyphs, the document's visible characters show humans one thing while terminals, AI systems, and clipboard copy paste see another.
+
+## Evil Font Demo !!DON'T MISS THIS!!
+
+**[View the Demo → Here](https://doctoreww.github.io/EvilFontTool/)** *(hosted on GitHub Pages)*
+
+---
+
+## Table of Contents
+
+- [Installation](#installation)
+- [Usage](#usage)
+- [Ethical Use & Disclaimer](#ethical-use--disclaimer)
+- [Contributing](#contributing)
+
+---
+
+## [How It Works — Blog Post Coming Soon](#)
+
+---
+
+## Installation
+
+```bash
+git clone https://github.com/DoctorEww/EvilFontTool.git
+cd EvilFontTool
+pip install .
+```
+
+For development (editable install):
+
+```bash
+pip install -e .
+```
+
+### Dependencies
+- `fonttools` — font parsing and manipulation
+- `python-docx` — DOCX generation
+
+---
+## Where can I find fonts to use?
+
+* Ubuntu: `/usr/share/fonts`
+* Windows: `C:\Windows\Fonts`
+* https://fonts.google.com/
+* The internet??
+
+
+---
+
+
+## Usage
+
+All functionality is exposed via a single CLI with three subcommands.
+
+### `create` — Generate the font family for use in HTML or DOC files
+
+```bash
+evilfonttool create <reference_font> <output_dir> <font_name>
+```
+
+| Argument | Description |
+|---|---|
+| `reference_font` | Path to a `.ttf` or `.woff` source font |
+| `output_dir` | Directory to write fonts and CSS into |
+| `font_name` | Internal name prefix for the generated font family |
+
+**Example:**
+```bash
+evilfonttool create fonts/Arial.ttf output/ 'Arial'
+```
+
+Outputs:
+- `output/fonts/*.woff` — web fonts, one per character
+- `output/ttffonts/*.ttf` — TTF fonts for document embedding
+- `output/fonts.css` — `@font-face` declarations for web use
+
+---
+
+### `web` — Generate an evil font HTML file
+
+```bash
+evilfonttool web <human_file> <computer_file> <output_file>
+```
+
+> Requires `fonts.css` and the generated fonts to be in the output directory so the HTML file can use it (or change the path in the HTML file).
+
+**Example:**
+```bash
+evilfonttool web human.txt computer.txt output/index.html
+```
+
+---
+
+### `doc` — Generate a evil font DOCX file
+
+```bash
+evilfonttool doc <human_file> <computer_file> <output_file> <font_name>
+```
+
+> The `font_name` must match the name used in the `create` step. The TTF fonts must be installed on the system or embedded in the document. When saving the doc file you can choose in the file -> options -> save to embed the fonts in the file so its portable. 
+
+**Example:**
+```bash
+evilfonttool doc human.txt computer.txt output/secret.docx MyFont
+```
+
+---
+
+### Input File Format
+
+- Plain `.txt` files, one sentence or phrase per line
+- Each line in `computer_file` must be **equal to or longer** than the corresponding line in `human_file`
+- Lines are matched positionally (line 1 to line 1, etc.)
+
+---
+
+## Ethical Use & Disclaimer
+
+**You are responsible for how you use this tool.** Deploying this technique against systems or individuals without explicit authorization is unethical and may be illegal. The authors provide this tool to help defenders understand and test for this class of vulnerability — not to enable attacks.
+
+---
+
+## Contributing
+
+Contributions are welcome. If you've found a new attack surface, an improvement to the font generation pipeline, or a defense technique worth documenting, please open an issue or PR.
+
+1. Fork the repo
+2. Create a feature branch (`git checkout -b feature/my-feature`)
+3. Commit your changes
+4. Open a pull request with a clear description of what changed and why
+
+

evilfonttool-2.0.0/README.md

@@ -0,0 +1,137 @@
+# EvilFontTool
+
+> **A font-based deception tool for red teaming, security research, and whatever else.**
+
+EvilFontTool hides machine-readable text inside a document that displays completely different text to a human reader. It does this using **Evil Fonts** — fonts that intentionally deceive the viewer by rendering a different letter than understood by a computer. By remapping font glyphs, the document's visible characters show humans one thing while terminals, AI systems, and clipboard copy paste see another.
+
+## Evil Font Demo !!DON'T MISS THIS!!
+
+**[View the Demo → Here](https://doctoreww.github.io/EvilFontTool/)** *(hosted on GitHub Pages)*
+
+---
+
+## Table of Contents
+
+- [Installation](#installation)
+- [Usage](#usage)
+- [Ethical Use & Disclaimer](#ethical-use--disclaimer)
+- [Contributing](#contributing)
+
+---
+
+## [How It Works — Blog Post Coming Soon](#)
+
+---
+
+## Installation
+
+```bash
+git clone https://github.com/DoctorEww/EvilFontTool.git
+cd EvilFontTool
+pip install .
+```
+
+For development (editable install):
+
+```bash
+pip install -e .
+```
+
+### Dependencies
+- `fonttools` — font parsing and manipulation
+- `python-docx` — DOCX generation
+
+---
+## Where can I find fonts to use?
+
+* Ubuntu: `/usr/share/fonts`
+* Windows: `C:\Windows\Fonts`
+* https://fonts.google.com/
+* The internet??
+
+
+---
+
+
+## Usage
+
+All functionality is exposed via a single CLI with three subcommands.
+
+### `create` — Generate the font family for use in HTML or DOC files
+
+```bash
+evilfonttool create <reference_font> <output_dir> <font_name>
+```
+
+| Argument | Description |
+|---|---|
+| `reference_font` | Path to a `.ttf` or `.woff` source font |
+| `output_dir` | Directory to write fonts and CSS into |
+| `font_name` | Internal name prefix for the generated font family |
+
+**Example:**
+```bash
+evilfonttool create fonts/Arial.ttf output/ 'Arial'
+```
+
+Outputs:
+- `output/fonts/*.woff` — web fonts, one per character
+- `output/ttffonts/*.ttf` — TTF fonts for document embedding
+- `output/fonts.css` — `@font-face` declarations for web use
+
+---
+
+### `web` — Generate an evil font HTML file
+
+```bash
+evilfonttool web <human_file> <computer_file> <output_file>
+```
+
+> Requires `fonts.css` and the generated fonts to be in the output directory so the HTML file can use it (or change the path in the HTML file).
+
+**Example:**
+```bash
+evilfonttool web human.txt computer.txt output/index.html
+```
+
+---
+
+### `doc` — Generate a evil font DOCX file
+
+```bash
+evilfonttool doc <human_file> <computer_file> <output_file> <font_name>
+```
+
+> The `font_name` must match the name used in the `create` step. The TTF fonts must be installed on the system or embedded in the document. When saving the doc file you can choose in the file -> options -> save to embed the fonts in the file so its portable. 
+
+**Example:**
+```bash
+evilfonttool doc human.txt computer.txt output/secret.docx MyFont
+```
+
+---
+
+### Input File Format
+
+- Plain `.txt` files, one sentence or phrase per line
+- Each line in `computer_file` must be **equal to or longer** than the corresponding line in `human_file`
+- Lines are matched positionally (line 1 to line 1, etc.)
+
+---
+
+## Ethical Use & Disclaimer
+
+**You are responsible for how you use this tool.** Deploying this technique against systems or individuals without explicit authorization is unethical and may be illegal. The authors provide this tool to help defenders understand and test for this class of vulnerability — not to enable attacks.
+
+---
+
+## Contributing
+
+Contributions are welcome. If you've found a new attack surface, an improvement to the font generation pipeline, or a defense technique worth documenting, please open an issue or PR.
+
+1. Fork the repo
+2. Create a feature branch (`git checkout -b feature/my-feature`)
+3. Commit your changes
+4. Open a pull request with a clear description of what changed and why
+
+

evilfonttool-2.0.0/pyproject.toml

@@ -0,0 +1,22 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "evilfonttool"
+version = "2.0.0"
+description = "Evil Font steganography tool for security research"
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.9"
+dependencies = [
+    "fonttools",
+    "python-docx",
+    "brotli",
+]
+
+[project.scripts]
+evilfonttool = "evilfonttool.cli:main"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/evilfonttool"]

evilfonttool-2.0.0/src/evilfonttool/__init__.py

@@ -0,0 +1,8 @@
+from evilfonttool._core import (
+    createfonts,
+    createstealthfont,
+    createhtml,
+    create_doc,
+)
+
+__all__ = ["createfonts", "createstealthfont", "createhtml", "create_doc"]

evilfonttool-2.0.0/src/evilfonttool/__main__.py

@@ -0,0 +1,3 @@
+from evilfonttool.cli import main
+
+main()

evilfonttool-2.0.0/src/evilfonttool/_core.py

@@ -0,0 +1,363 @@
+import copy
+import logging
+import pathlib
+import string
+
+from fontTools.ttLib import TTFont
+from docx import Document
+from docx.oxml.ns import qn
+
+logger = logging.getLogger(__name__)
+
+
+# ---------------------------------------------------------------------------
+# Configuration
+# ---------------------------------------------------------------------------
+
+# The set of characters to include in the font family.
+# Modify this to limit which characters are processed.
+LETTERS = (
+    string.ascii_lowercase
+    + " "
+    + string.punctuation
+    + string.ascii_uppercase
+    + string.digits
+)
+
+# Advance width for invisible (stealth) characters.
+# 0 works for most renderers, but some applications may behave unexpectedly.
+WIDTH = 0
+
+# Path to the bundled HTML template.
+_TEMPLATE = pathlib.Path(__file__).parent / "data" / "template.html"
+
+
+# ---------------------------------------------------------------------------
+# Font helpers
+# ---------------------------------------------------------------------------
+
+def _get_unicode_cmap(font):
+    """Return the first suitable Windows Unicode cmap subtable (format 4 or 12).
+
+    Raises ValueError if none is found.
+    """
+    for table in font['cmap'].tables:
+        if (table.format in (4, 12)
+                and table.platformID == 3
+                and table.platEncID in (1, 10)):
+            return table
+    raise ValueError("No suitable Unicode cmap subtable found in the font.")
+
+
+def _remove_layout_tables(font):
+    """Remove OpenType tables that control ligatures, kerning, and substitution.
+
+    These tables operate on glyph names rather than cmap entries, so they can
+    override our remapping in unpredictable ways depending on surrounding characters.
+    """
+    for tag in ('GSUB', 'GPOS', 'kern', 'GDEF'):
+        if tag in font:
+            del font[tag]
+
+
+def _rename_font(font, new_name):
+    """Overwrite the family name records in the font's name table."""
+    for record in font['name'].names:
+        if record.nameID in (1, 4, 6):
+            record.string = new_name.encode("utf-16-be")
+
+
+# ---------------------------------------------------------------------------
+# Core font generation
+# ---------------------------------------------------------------------------
+
+def createstealthfont(reference_font, output_dir, font_name):
+    """Generate a stealth font where every character renders as an invisible space.
+
+    The stealth font is used to hide the extra computer-file characters that
+    have no corresponding human-file character to disguise themselves as.
+    It is saved as both WOFF (web) and TTF (document/desktop).
+    """
+    font = TTFont(reference_font)
+    unicode_cmap = _get_unicode_cmap(font)
+
+    # Use the space glyph as the target — all other characters will map to it
+    space_glyph_name = unicode_cmap.cmap.get(ord(" "))
+
+    # Remap every character in LETTERS to the space glyph and zero its advance width
+    for table in font['cmap'].tables:
+        for char in LETTERS:
+            if ord(char) in table.cmap:
+                table.cmap[ord(char)] = space_glyph_name
+                font['hmtx'].metrics[space_glyph_name] = (
+                    WIDTH,
+                    font['hmtx'].metrics[space_glyph_name][1],
+                )
+
+    _remove_layout_tables(font)
+
+    # Internal font name for the stealth variant uses "0" as a sentinel
+    new_name = f'{font_name} 0'
+    _rename_font(font, new_name)
+    logger.debug(f"  Stealth font internal name: {new_name}")
+
+    # Append the @font-face CSS rule for the stealth font
+    with open(f'{output_dir}/fonts.css', "a") as css_file:
+        css_file.write(
+            "@font-face {"
+            'font-family: "0";'
+            'src: url("fonts/0.woff") format(\'woff\');'
+            "}"
+        )
+
+    # Save WOFF (flavor must be set explicitly) then TTF
+    font.flavor = 'woff'
+    font.save(f'{output_dir}/fonts/0.woff')
+    font.flavor = None
+    font.save(f'{output_dir}/ttffonts/0.ttf')
+
+    logger.debug(f"[DONE] stealth font -> {output_dir}/fonts/0.woff + ttffonts/0.ttf")
+
+
+def createfonts(reference_font, output_dir, font_name):
+    """Generate one Evil Font variant per character in LETTERS.
+
+    In each variant, every character's glyph is replaced with the glyph for
+    `currentletter`. This means that no matter what Unicode byte is stored in
+    the document, the renderer will draw `currentletter` — the core Evil Font trick.
+
+    Also writes all @font-face rules to fonts.css (overwrites any existing file).
+    """
+    logger.debug(f"Source font:  {reference_font}")
+    logger.debug(f"Output dir:   {output_dir}")
+    logger.debug(f"Characters:   {len(LETTERS)} variants to generate")
+
+    with open(f'{output_dir}/fonts.css', "w") as css_file:
+
+        for currentletter in LETTERS:
+            # Load a fresh copy of the font for each variant to avoid cross-contamination
+            font = TTFont(reference_font)
+            font.recalcBBoxes = False
+
+            unicode_cmap = _get_unicode_cmap(font)
+
+            # Get the source glyph and its advance width for this letter
+            source_glyph_name = unicode_cmap.cmap.get(ord(currentletter))
+            source_width = font['hmtx'].metrics[source_glyph_name][0]
+
+            # Take a deep copy of the source glyph to use as a stamp
+            source_glyph = copy.deepcopy(font['glyf'][source_glyph_name])
+
+            # Remap every other character in LETTERS to look like currentletter
+            for table in font['cmap'].tables:
+                for char in LETTERS:
+                    if char == currentletter:
+                        continue
+                    if ord(char) not in table.cmap:
+                        continue
+
+                    target_glyph_name = table.cmap[ord(char)]
+                    target_original = font['glyf'][target_glyph_name]
+
+                    # Preserve the target's original bounding box so that
+                    # spacing and baseline positioning remain correct
+                    orig_xMin = getattr(target_original, 'xMin', 0)
+                    orig_yMax = getattr(target_original, 'yMax', 0)
+                    orig_yMin = getattr(target_original, 'yMin', 0)
+
+                    # Stamp a copy of the source glyph into the target slot
+                    font['glyf'][target_glyph_name] = copy.deepcopy(source_glyph)
+
+                    # Restore the vertical bounds (keeps line height consistent)
+                    font['glyf'][target_glyph_name].yMax = orig_yMax
+                    font['glyf'][target_glyph_name].yMin = orig_yMin
+
+                    # Match advance width to source; preserve original LSB for positioning
+                    font['hmtx'].metrics[target_glyph_name] = (source_width, orig_xMin)
+
+            _remove_layout_tables(font)
+
+            # Each font variant is named using the hex encoding of the letter
+            # so the name is unique and safely usable as a filename
+            letter_hex = currentletter.encode().hex()
+            new_name = f'{font_name} {letter_hex}'
+            _rename_font(font, new_name)
+
+            # Save as WOFF for web use and TTF for document/desktop use
+            font.flavor = 'woff'
+            font.save(f'{output_dir}/fonts/{letter_hex}.woff')
+            font.flavor = None
+            font.save(f'{output_dir}/ttffonts/{letter_hex}.ttf')
+
+            # Write the @font-face rule for this variant
+            css_file.write(
+                f'@font-face {{'
+                f'font-family: "{letter_hex}";'
+                f'src: url("fonts/{letter_hex}.woff") format(\'woff\');'
+                f'}}'
+            )
+
+            logger.debug(f"  [{letter_hex}] '{currentletter}' -> {output_dir}/fonts/{letter_hex}.woff + ttffonts/{letter_hex}.ttf")
+
+
+# ---------------------------------------------------------------------------
+# HTML output
+# ---------------------------------------------------------------------------
+
+def _write_html(output_file, content):
+    """Inject `content` into the bundled HTML template and write to `output_file`."""
+    html = _TEMPLATE.read_text()
+    html = html.replace("<!-- #STUFF HERE -->", content)
+    with open(output_file, "w") as f:
+        f.write(html)
+
+
+def createhtml(input_human_file, input_computer_file, output_file):
+    """Build a steganographic HTML file from human and computer text files.
+
+    Each character from the computer file is wrapped in a <span> that applies
+    an Evil Font chosen by the corresponding human file character. To a human
+    reading the rendered page, the text looks like the human file. A machine
+    parsing the raw HTML sees the computer file.
+
+    Lines where the computer text is shorter than the human text are skipped.
+    Extra computer characters (beyond the human line length) are hidden using
+    the stealth font (font-family: '0').
+    """
+    logger.debug(f"Human file:    {input_human_file}")
+    logger.debug(f"Computer file: {input_computer_file}")
+    logger.debug(f"Output file:   {output_file}")
+
+    spans = []
+    lines_processed = 0
+    total_hidden = 0
+    line_number = 0
+
+    with open(input_human_file, "r") as human_file, \
+         open(input_computer_file, "r") as computer_file:
+
+        for human_line, computer_line in zip(
+            (l.rstrip('\n') for l in human_file),
+            (l.rstrip('\n') for l in computer_file),
+        ):
+            h_len = len(human_line)
+            c_len = len(computer_line)
+
+            line_number += 1
+            logger.debug(f"Human   ({h_len} chars): {human_line}")
+            logger.debug(f"Computer({c_len} chars): {computer_line}")
+
+            if c_len < h_len:
+                logger.warning(f"  Skipping line {line_number}: computer line must be >= human line length.")
+                continue
+
+            # Extra computer characters are inserted at the midpoint of the human text
+            diff = c_len - h_len
+            mid = h_len // 2
+
+            logger.debug(f"  diff={diff}, hidden chars inserted at mid={mid}")
+
+            line_spans = []
+            h_index = 0
+
+            for i, computer_char in enumerate(computer_line):
+                if mid <= i < mid + diff:
+                    # Hidden character — rendered invisibly using the stealth font
+                    line_spans.append(
+                        f"<span style=\"font-family: '0';\">{computer_char}</span>"
+                    )
+                else:
+                    # Visible character — disguised as the corresponding human character
+                    human_char = human_line[h_index]
+                    letter_hex = human_char.encode().hex()
+                    line_spans.append(
+                        f"<span style=\"font-family: '{letter_hex}';\">{computer_char}</span>"
+                    )
+                    h_index += 1
+
+            spans.append("".join(line_spans))
+            lines_processed += 1
+            total_hidden += diff
+
+    _write_html(output_file, "\n<br>\n".join(spans))
+    logger.debug(f"[DONE] HTML written -> {output_file} ({lines_processed} lines, {total_hidden} hidden chars)")
+
+
+# ---------------------------------------------------------------------------
+# DOCX output
+# ---------------------------------------------------------------------------
+
+def create_doc(input_human_file, input_computer_file, output_file, font_name_in):
+    """Build a steganographic DOCX file from human and computer text files.
+
+    Works identically to createhtml() but outputs a Word document. Each run is
+    assigned an Evil Font by setting all four font slots (ascii, hAnsi, eastAsia,
+    cs) to prevent Word from falling back to a system font.
+
+    The TTF variants of the Evil Fonts must be installed on the system (or
+    embedded in the document) for the deception to render correctly in Word.
+
+    Lines where the computer text is shorter than the human text are skipped.
+    """
+    logger.debug(f"Human file:    {input_human_file}")
+    logger.debug(f"Computer file: {input_computer_file}")
+    logger.debug(f"Output file:   {output_file}")
+    logger.debug(f"Font family:   {font_name_in}")
+
+    doc = Document()
+    lines_processed = 0
+    total_hidden = 0
+    line_number = 0
+
+    with open(input_human_file, "r") as human_file, \
+         open(input_computer_file, "r") as computer_file:
+
+        for human_line, computer_line in zip(
+            (l.rstrip('\n') for l in human_file),
+            (l.rstrip('\n') for l in computer_file),
+        ):
+            h_len = len(human_line)
+            c_len = len(computer_line)
+
+            line_number += 1
+            logger.debug(f"Human   ({h_len} chars): {human_line}")
+            logger.debug(f"Computer({c_len} chars): {computer_line}")
+
+            if c_len < h_len:
+                logger.warning(f"  Skipping line {line_number}: computer line must be >= human line length.")
+                continue
+
+            diff = c_len - h_len
+            mid = h_len // 2
+
+            logger.debug(f"  diff={diff}, hidden chars inserted at mid={mid}")
+
+            p = doc.add_paragraph()
+            h_index = 0
+
+            for i, computer_char in enumerate(computer_line):
+                if mid <= i < mid + diff:
+                    # Hidden character — use the stealth (zero-width) font
+                    font_name = f'{font_name_in} 0'
+                else:
+                    # Visible character — disguised as the corresponding human character
+                    human_char = human_line[h_index]
+                    font_name = f'{font_name_in} {human_char.encode().hex()}'
+                    h_index += 1
+
+                # Add a run and explicitly set all four font slots.
+                # Word will fall back to a system font if any slot is unset,
+                # which would break the illusion.
+                run = p.add_run(computer_char)
+                run.font.name = font_name
+                rFonts = run._element.rPr.rFonts
+                rFonts.set(qn("w:ascii"),   font_name)
+                rFonts.set(qn("w:hAnsi"),   font_name)
+                rFonts.set(qn("w:eastAsia"), font_name)
+                rFonts.set(qn("w:cs"),      font_name)
+
+            lines_processed += 1
+            total_hidden += diff
+
+    doc.save(output_file)
+    logger.debug(f"[DONE] DOCX written -> {output_file} ({lines_processed} lines, {total_hidden} hidden chars)")

evilfonttool-2.0.0/src/evilfonttool/cli.py

@@ -0,0 +1,107 @@
+import argparse
+import logging
+import os
+import sys
+
+from evilfonttool._core import createfonts, createstealthfont, createhtml, create_doc
+
+logger = logging.getLogger(__name__)
+
+
+def setup_parser():
+    parser = argparse.ArgumentParser(
+        description="EvilFontTool — Evil Font steganography tool for security research.",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+    )
+    parser.add_argument(
+        '--log',
+        default='WARNING',
+        metavar='LEVEL',
+        help='Log level: DEBUG, INFO, WARNING, ERROR (default: WARNING).',
+    )
+    subparsers = parser.add_subparsers(dest='command', required=True)
+
+    # --- create ---
+    create_parser = subparsers.add_parser(
+        'create',
+        help='Generate an Evil Font family from a reference font.',
+        description=(
+            'Produces one font variant per printable character plus a stealth font, '
+            'along with a fonts.css file for web use.'
+        ),
+    )
+    create_parser.add_argument('reference_font', help='Path to the source .ttf font file.')
+    create_parser.add_argument('output_dir',     help='Directory to write fonts and CSS into.')
+    create_parser.add_argument('font_name',      help='Internal name prefix for the font family.')
+
+    # --- web ---
+    web_parser = subparsers.add_parser(
+        'web',
+        help='Generate a steganographic HTML file.',
+        description=(
+            'Wraps computer-file characters in Evil Font spans so the page displays '
+            'human-file text visually while the raw HTML contains the computer text. '
+            'fonts.css must be present in the output directory.'
+        ),
+    )
+    web_parser.add_argument('input_human_file',    help='Text visible to human readers.')
+    web_parser.add_argument('input_computer_file', help='Text visible to machines / AI.')
+    web_parser.add_argument('output_file',         help='Path for the generated HTML file.')
+
+    # --- doc ---
+    doc_parser = subparsers.add_parser(
+        'doc',
+        help='Generate a steganographic DOCX file.',
+        description=(
+            'Produces a Word document using Evil Fonts so the displayed text differs '
+            'from the underlying Unicode. font_name must match the value used in create.'
+        ),
+    )
+    doc_parser.add_argument('input_human_file',    help='Text visible to human readers.')
+    doc_parser.add_argument('input_computer_file', help='Text visible to machines / AI.')
+    doc_parser.add_argument('output_file',         help='Path for the generated DOCX file.')
+    doc_parser.add_argument('font_name',           help='Font family name (must match create step).')
+
+    return parser
+
+
+def main():
+    parser = setup_parser()
+    args = parser.parse_args()
+
+    level = getattr(logging, args.log.upper(), None)
+    if not isinstance(level, int):
+        print(f"Error: invalid log level '{args.log}'. Choose from DEBUG, INFO, WARNING, ERROR.", file=sys.stderr)
+        sys.exit(1)
+
+    logging.basicConfig(level=level, format='%(message)s', stream=sys.stderr)
+
+    if args.command == 'create':
+        if not os.path.isfile(args.reference_font):
+            logger.error("'%s' does not exist.", args.reference_font)
+            sys.exit(1)
+
+        for subdir in ('', '/fonts', '/ttffonts'):
+            os.makedirs(args.output_dir + subdir, exist_ok=True)
+
+        createfonts(args.reference_font, args.output_dir, args.font_name)
+        createstealthfont(args.reference_font, args.output_dir, args.font_name)
+
+    elif args.command == 'web':
+        for path in (args.input_human_file, args.input_computer_file):
+            if not os.path.isfile(path):
+                logger.error("'%s' does not exist.", path)
+                sys.exit(1)
+        createhtml(args.input_human_file, args.input_computer_file, args.output_file)
+
+    elif args.command == 'doc':
+        for path in (args.input_human_file, args.input_computer_file):
+            if not os.path.isfile(path):
+                logger.error("'%s' does not exist.", path)
+                sys.exit(1)
+        create_doc(
+            args.input_human_file,
+            args.input_computer_file,
+            args.output_file,
+            args.font_name,
+        )

evilfonttool-2.0.0/src/evilfonttool/data/template.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+
+<link rel="stylesheet" href="fonts.css">
+
+
+<html>
+<body>
+
+<!-- #STUFF HERE -->
+
+</body>
+</html>