| Hash | Candidate Types | Copy |
|---|---|---|
| {{ row.hash }} | {{ c.name }} — | |
| No parsable items. | ||
| # | When | Items | Unique | Matched | Actions |
|---|---|---|---|---|---|
| {{ i + 1 }} | {{ new Date(h.ts).toLocaleString() }} | {{ h.items }} | {{ h.unique }} | {{ h.matched }} |
|
| No snapshots yet. Start typing above—snapshots are saved automatically. | |||||
Hash strings are structured fingerprints that often hint at their family through length, alphabet, and a few telltale prefixes, so investigators and engineers can narrow possibilities quickly. When you need to identify hash type from string during triage, the readout provides a fast directional answer without decoding or cracking.
Paste one or many lines and you will see candidate families for each value, then copy results or download a compact table for notes. A short example helps you notice ambiguous cases so you do not overinterpret a match.
A single line highlights a top match for a quick glance, and multiple lines show counts for items, unique entries, and those with matches. Use the history tab to revisit earlier inputs and compare runs across time.
Pattern cues are heuristic, so exact algorithms cannot be proven by shape alone. Treat hits as leads and confirm with context or known salts when available.
Cryptographic digests and password hash encodings are strings formed from hexadecimal or Base64 alphabets, sometimes prefixed with scheme markers that carry parameters. The engine inspects each line for length, character set, and well known signatures to propose likely families without computing any digest.
Classification is driven by regular expressions. A line may match multiple families when formats share the same length or alphabet, so outputs are named candidates rather than a single verdict. One extra heuristic flags “NTLM” only when at least one uppercase A to F is present in a 32‑hex string.
Results are deterministic for the same input text. For multi‑line input the tool de‑duplicates identical lines before analysis and tracks a compact summary of items, unique values, and how many lines produced at least one match.
5F4DCC3B5AA765D61D8327DEB882CF99da39a3ee5e6b4b0d3255bfef95601890afd80709| Name | Pattern (verbatim) | Notes |
|---|---|---|
| CRC‑32 | ^[a-f0-9]{8}$ (case‑insensitive) | 8 hex. |
| MD5 | ^[a-f0-9]{32}$ (case‑insensitive) | 32 hex. |
| NTLM | ^[a-f0-9]{32}$ + /[A-F]/ | Requires at least one uppercase A–F. |
| SHA‑1 | ^[a-f0-9]{40}$ (case‑insensitive) | 40 hex; overlaps with RIPEMD‑160. |
| RIPEMD‑160 | ^[a-f0-9]{40}$ (case‑insensitive) | 40 hex; overlaps with SHA‑1. |
| SHA‑224 | ^[a-f0-9]{56}$ (case‑insensitive) | 56 hex. |
| SHA‑256 | ^[a-f0-9]{64}$ (case‑insensitive) | 64 hex. |
| SHA‑384 | ^[a-f0-9]{96}$ (case‑insensitive) | 96 hex. |
| SHA‑512 | ^[a-f0-9]{128}$ (case‑insensitive) | 128 hex. |
| bcrypt | ^\$2[aby]?\$[0-9]{2}\$[./A-Za-z0-9]{53}$ | Cost is two digits; total length typically 60 chars. |
| Argon2 | ^\$argon2(?:id|i|d)\$.+ | Matches id, i, or d variants. |
| scrypt (crypt) | ^\$7\$.+ | POSIX crypt style. |
| PBKDF2 | ^\$pbkdf2-(?:sha1|sha256|sha512)\$.+$ (case‑insensitive) | SHA‑1/256/512 variants. |
| LDAP {SSHA} | ^\{SSHA\}[A-Za-z0-9+/=]+$ | Base64 payload. |
| LDAP {SHA} | ^\{SHA\}[A-Za-z0-9+/=]{28}$ | Fixed 28‑char Base64. |
| Base64‑MD5 | ^[A-Za-z0-9+/]{22}==$ | MD5 digest encoded as Base64. |
| Base64‑SHA1 | ^[A-Za-z0-9+/]{27}=$ | SHA‑1 digest encoded as Base64. |
| Field | Type | Min | Max | Step/Pattern | Error/Placeholder |
|---|---|---|---|---|---|
| Hash input | string (multi‑line) | 1 char | — | Any; patterns above drive recognition | Placeholder: “Paste one or more hashes, one per line…” |
| Upload file(s) | .txt (UTF‑8) | 0 B | — | One hash per line | — |
Share param h |
URL param (Base64 of text) | 0 | 2000 chars | Encoded via encodeURIComponent → btoa |
Decodes automatically on load |
| History snapshots | local storage array | 0 | 20 entries | Newest kept; roll‑off beyond 20 | Clearable by user |
| No match row | table message | — | — | — | “No parsable items.” |
| Input | Accepted Families | Output | Encoding/Precision | Rounding |
|---|---|---|---|---|
| Text area | Hex, Base64, modular‑crypt signatures | Table of candidates | Exact string match; case rules per pattern | Not applicable |
| .txt upload | UTF‑8, one line per hash | Same as above | Exact | Not applicable |
| JSON tab | — | Inputs, results, summary | Pretty‑printed with 2‑space indent | Not applicable |
| CSV actions | — | Results or history tables | Safe quoting for commas and quotes | Not applicable |
localStorage under a dedicated key and is user‑clearable.h) mirrors the current text in the URL.No data is transmitted or stored server‑side. History snapshots are kept in the browser’s local storage and can be cleared at any time.
Hash strings are inspected for likely families so you can triage quickly.
Do not paste live secrets. Prefer test values for demonstrations.
Analysis runs in your browser and snapshots live in local storage. You can clear history from the interface at any time.
No server copy is made.It is heuristic and format‑based. Overlapping lengths yield multiple candidates. Use context and known salts to confirm before acting.
Plain text lines and UTF‑8 .txt uploads. Hex digests, Base64 fingerprints, and modular‑crypt signatures are recognized.
Yes. Once the page is loaded, everything runs in the browser and continues to work without network access.
The package contains only client files and no payment code. Refer to the host’s site for any licensing terms that may apply.
Paste the value. If it matches, you will see a bcrypt candidate with a two‑digit cost and a fixed‑length payload.
It means formats share the same visible shape. The tool lists all candidates so you can weigh context and confirm elsewhere.
$argon2id$ or $2b$ that embeds parameters.