We have a 29B MD5 database and 2.19B entries for NTLM and SHA-1. We are updating the NTLM and SHA-1 datasets and adding support for additional hash modes.
Jump to hash lookup, generator, identifier, JWT pentesting and encryption
Decode and review JSON Web Tokens (JWTs) locally, run pentesting checks, and flag common configuration risks.
The script also performs a client-side brute-force attack against JWTs using a list of 100,000 most commonly used JWT secrets.
Decode claims, run validation checks, perform vulnerability testing, and verify signatures when you have the key.
Client-side tools for hashing and identification, built to run fully in the browser.
Generate common hashes in your browser. Nothing is uploaded.
MD4(UTF-16LE(password)).Hash identification based on length, charset, and patterns.
Encrypt/decrypt text and files locally (client-side) using modern crypto defaults.
Encrypt & decrypt text locally in your browser (no uploads)
CCRYPT1|AES-GCM|iterations|salt_b64|iv_b64|ciphertext_b64
Encrypt & decrypt files locally (AES-256-GCM)
.ccrypt container that includes salt + IV + metadata.
Keep your password safe there is no recovery.
Coverage notes and performance highlights for the lookup engine.
Our current hash database capabilities
We utilize wordlists from trusted security sources including:
WeakPass Collections - Professional wordlists with 90% crack rate
Also we have wordlists data from the best community Hashmob.net
All data is used in accordance with security research best practices.
For the most effective wordlists, visit WeakPass.com and hashmob.net and explore their professionally curated collections.
Questions, feedback, or reporting an issue with the site.
For technical support, security research inquiries, or to report issues:
[email protected]Please include "Security Research" in your subject line for faster response.