Security Tools

MD5 Hash Generator

Generate MD5 hashes for data integrity and security verification.

beginner2-5 minutesRuns in your browser

Interactive workspace

Inputs stay on your device — nothing is sent to our servers unless you choose to share.

Client-side only

Security Notice

  • • MD5 and SHA1 are cryptographically broken and should not be used for security purposes
  • • SHA256 and SHA512 are recommended for secure hashing
  • • NTLM is primarily used for Windows authentication
  • • This tool is for educational and testing purposes only

About Hash Functions

Hash functions are mathematical algorithms that convert input data of any size into a fixed-size string of characters. They are commonly used for data integrity verification, password storage, digital signatures, and blockchain technology.

Documentation

How to use this tool, practical use cases, and technical notes.

The MD5 Hash Generator is deliberately simple — generating a hash takes under 30 seconds. Here is a complete walkthrough of every feature.

Step 1 — Enter Your Input Text

Click the Input Text field and type or paste the string you want to hash. This can be:

  • A plain text word or phrase (e.g., a password for educational testing)

  • A JSON payload or API string

  • A configuration value or file path

  • Any UTF-8 encoded string of any length

Important input behaviors to be aware of:

Input Detail

Behavior

Case sensitivity

"Password" and "password" produce completely different hashes

Trailing whitespace

A space after your string changes the hash entirely

Empty string

Valid input — each algorithm produces a well-defined hash for an empty string

Unicode characters

Supported; hashed as UTF-8 bytes

Very long strings

No length limit; browser handles arbitrarily long inputs

Newlines

Included in the hash; a string with a newline ≠ the same string without

Tip for penetration testing students: A common CTF exercise is to hash a known password (e.g., password123) across all algorithms and compare your output to a leaked hash in a database dump to identify the algorithm used.

Step 2 — Select Your Hash Algorithm(s)

The tool supports five hash algorithms selectable via checkboxes. You can generate hashes for one algorithm at a time or multiple simultaneously.

Algorithm

When to Select It

MD5

Legacy integrity checks; studying MD5 weaknesses; CTF hash identification

SHA1

Verifying old Git commit SHAs; studying SHA1 deprecation; legacy system testing

SHA256

All modern integrity verification; API HMAC testing; general-purpose hashing

SHA512

High-security contexts; comparing output length vs SHA256

NTLM

Windows Active Directory lab testing; studying Pass-the-Hash attacks; CTF challenges

Step 3 — Click "Generate Hashes"

Click the Generate Hashes button. Results appear instantly for all selected algorithms. Each result is a lowercase hexadecimal string.

What the output looks like:

MD5:     5d41402abc4b2a76b9719d911017c592
SHA1:    aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
SHA256:  2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA512:  9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca7...
NTLM:    f4d1c21b423c70a82fe42e3d8a7e4f6c

(Example outputs for the string "hello" — run the tool to verify)

Step 4 — Copy and Use Your Hash

Click anywhere on a hash output to select it, then copy it to your clipboard. Common next steps after generating a hash:

Use Case

What to Do with the Hash

File integrity check

Compare generated hash to the checksum published by the software vendor

CTF / password cracking lab

Submit the hash to a hashcat or John the Ripper job to practice cracking

API signature debugging

Compare your locally generated HMAC to what the API server expects

Learning exercise

Change one character in your input, regenerate, and observe the avalanche effect

Documentation

Record the hash of a known good configuration file for future comparison

Step 5 — Experiment with the Avalanche Effect

One of the most educational uses of this tool is demonstrating the avalanche effect — the property that a tiny change in input produces a completely different hash output. Try the following sequence:

Input

MD5 Hash Output

hello

5d41402abc4b2a76b9719d911017c592

Hello

8b1a9953c4611296a827abf8c47804d7

hello (with space)

b1946ac92492d2347c6235b4d2611184

hell0 (zero not 'o')

Completely different 32-character hash

This exercise visually demonstrates why hash functions cannot be reversed and why even a single-character password difference creates an entirely different stored hash.

Quick Reference: Empty String Hashes

A useful benchmark for verifying any hash tool is the well-known hash of an empty string (""). Use these to confirm the tool is working correctly:

Algorithm

Hash of Empty String ""

MD5

d41d8cd98f00b204e9800998ecf8427e

SHA1

da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512

cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

NTLM

31d6cfe0d16ae931b73c59d7e0c089c0