Documentation
How to use this tool, practical use cases, and technical notes.
The MD5 Hash Generator is deliberately simple — generating a hash takes under 30 seconds. Here is a complete walkthrough of every feature.
Step 1 — Enter Your Input Text
Click the Input Text field and type or paste the string you want to hash. This can be:
A plain text word or phrase (e.g., a password for educational testing)
A JSON payload or API string
A configuration value or file path
Any UTF-8 encoded string of any length
Important input behaviors to be aware of:
Input Detail | Behavior |
|---|---|
Case sensitivity |
|
Trailing whitespace | A space after your string changes the hash entirely |
Empty string | Valid input — each algorithm produces a well-defined hash for an empty string |
Unicode characters | Supported; hashed as UTF-8 bytes |
Very long strings | No length limit; browser handles arbitrarily long inputs |
Newlines | Included in the hash; a string with a newline ≠ the same string without |
Tip for penetration testing students: A common CTF exercise is to hash a known password (e.g., password123) across all algorithms and compare your output to a leaked hash in a database dump to identify the algorithm used.
Step 2 — Select Your Hash Algorithm(s)
The tool supports five hash algorithms selectable via checkboxes. You can generate hashes for one algorithm at a time or multiple simultaneously.
Algorithm | When to Select It |
|---|---|
MD5 | Legacy integrity checks; studying MD5 weaknesses; CTF hash identification |
SHA1 | Verifying old Git commit SHAs; studying SHA1 deprecation; legacy system testing |
SHA256 | All modern integrity verification; API HMAC testing; general-purpose hashing |
SHA512 | High-security contexts; comparing output length vs SHA256 |
NTLM | Windows Active Directory lab testing; studying Pass-the-Hash attacks; CTF challenges |
Step 3 — Click "Generate Hashes"
Click the Generate Hashes button. Results appear instantly for all selected algorithms. Each result is a lowercase hexadecimal string.
What the output looks like:
MD5: 5d41402abc4b2a76b9719d911017c592
SHA1: aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
SHA256: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA512: 9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca7...
NTLM: f4d1c21b423c70a82fe42e3d8a7e4f6c(Example outputs for the string "hello" — run the tool to verify)
Step 4 — Copy and Use Your Hash
Click anywhere on a hash output to select it, then copy it to your clipboard. Common next steps after generating a hash:
Use Case | What to Do with the Hash |
|---|---|
File integrity check | Compare generated hash to the checksum published by the software vendor |
CTF / password cracking lab | Submit the hash to a hashcat or John the Ripper job to practice cracking |
API signature debugging | Compare your locally generated HMAC to what the API server expects |
Learning exercise | Change one character in your input, regenerate, and observe the avalanche effect |
Documentation | Record the hash of a known good configuration file for future comparison |
Step 5 — Experiment with the Avalanche Effect
One of the most educational uses of this tool is demonstrating the avalanche effect — the property that a tiny change in input produces a completely different hash output. Try the following sequence:
Input | MD5 Hash Output |
|---|---|
|
|
|
|
|
|
| Completely different 32-character hash |
This exercise visually demonstrates why hash functions cannot be reversed and why even a single-character password difference creates an entirely different stored hash.
Quick Reference: Empty String Hashes
A useful benchmark for verifying any hash tool is the well-known hash of an empty string (""). Use these to confirm the tool is working correctly:
Algorithm | Hash of Empty String |
|---|---|
MD5 |
|
SHA1 |
|
SHA256 |
|
SHA512 |
|
NTLM |
|
The MD5 Hash Generator is deliberately simple — generating a hash takes under 30 seconds. Here is a complete walkthrough of every feature.
Step 1 — Enter Your Input Text
Click the Input Text field and type or paste the string you want to hash. This can be:
A plain text word or phrase (e.g., a password for educational testing)
A JSON payload or API string
A configuration value or file path
Any UTF-8 encoded string of any length
Important input behaviors to be aware of:
Input Detail | Behavior |
|---|---|
Case sensitivity |
|
Trailing whitespace | A space after your string changes the hash entirely |
Empty string | Valid input — each algorithm produces a well-defined hash for an empty string |
Unicode characters | Supported; hashed as UTF-8 bytes |
Very long strings | No length limit; browser handles arbitrarily long inputs |
Newlines | Included in the hash; a string with a newline ≠ the same string without |
Tip for penetration testing students: A common CTF exercise is to hash a known password (e.g., password123) across all algorithms and compare your output to a leaked hash in a database dump to identify the algorithm used.
Step 2 — Select Your Hash Algorithm(s)
The tool supports five hash algorithms selectable via checkboxes. You can generate hashes for one algorithm at a time or multiple simultaneously.
Algorithm | When to Select It |
|---|---|
MD5 | Legacy integrity checks; studying MD5 weaknesses; CTF hash identification |
SHA1 | Verifying old Git commit SHAs; studying SHA1 deprecation; legacy system testing |
SHA256 | All modern integrity verification; API HMAC testing; general-purpose hashing |
SHA512 | High-security contexts; comparing output length vs SHA256 |
NTLM | Windows Active Directory lab testing; studying Pass-the-Hash attacks; CTF challenges |
Step 3 — Click "Generate Hashes"
Click the Generate Hashes button. Results appear instantly for all selected algorithms. Each result is a lowercase hexadecimal string.
What the output looks like:
MD5: 5d41402abc4b2a76b9719d911017c592
SHA1: aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d
SHA256: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
SHA512: 9b71d224bd62f3785d96d46ad3ea3d73319bfbc2890caadae2dff72519673ca7...
NTLM: f4d1c21b423c70a82fe42e3d8a7e4f6c(Example outputs for the string "hello" — run the tool to verify)
Step 4 — Copy and Use Your Hash
Click anywhere on a hash output to select it, then copy it to your clipboard. Common next steps after generating a hash:
Use Case | What to Do with the Hash |
|---|---|
File integrity check | Compare generated hash to the checksum published by the software vendor |
CTF / password cracking lab | Submit the hash to a hashcat or John the Ripper job to practice cracking |
API signature debugging | Compare your locally generated HMAC to what the API server expects |
Learning exercise | Change one character in your input, regenerate, and observe the avalanche effect |
Documentation | Record the hash of a known good configuration file for future comparison |
Step 5 — Experiment with the Avalanche Effect
One of the most educational uses of this tool is demonstrating the avalanche effect — the property that a tiny change in input produces a completely different hash output. Try the following sequence:
Input | MD5 Hash Output |
|---|---|
|
|
|
|
|
|
| Completely different 32-character hash |
This exercise visually demonstrates why hash functions cannot be reversed and why even a single-character password difference creates an entirely different stored hash.
Quick Reference: Empty String Hashes
A useful benchmark for verifying any hash tool is the well-known hash of an empty string (""). Use these to confirm the tool is working correctly:
Algorithm | Hash of Empty String |
|---|---|
MD5 |
|
SHA1 |
|
SHA256 |
|
SHA512 |
|
NTLM |
|