XowiaScan
Home Tools Pricing API Docs About Sign in Get started
← All tools

Hash Toolkit

Generators

Generate, identify and build crack-commands for hashes — a complete hash workbench in one client-side tool.

What is Hash Toolkit?

Hash Toolkit combines three jobs. Generate turns any text into MD5, NTLM, SHA-1/256/384/512 in your browser — handy for building test hashes or comparing a guessed password.

Identify recognises a hash from a database of 60+ signatures — MD5/SHA family, NTLM & NetNTLMv1/v2, LM, bcrypt, *crypt, Argon2/PBKDF2/scrypt, phpass & CMS (WordPress/Joomla/Drupal/Django/vBulletin), database (MySQL/MSSQL/Oracle/PostgreSQL), Kerberos (Kerberoast / AS-REProast), Cisco type 7/8/9, LDAP, JWT and file/archive captures (ZIP/RAR/Office/PDF/KeePass/SSH/WPA). Since many hashes share a format, it returns a ranked list of candidates rather than one guess.

For each candidate it builds copy-paste hashcat and John commands (wordlist, +rules, mask/brute, optimised kernel, --show), plus the right *2john extraction line for file hashes, crack-speed guidance (fast vs GPU vs slow KDF) and an online-lookup hint for unsalted hashes.

What it does

  • Generate — MD5, NTLM, SHA-1/256/384/512 from any text, in-browser.
  • Identify 60+ types — ranked candidates with the right hashcat mode + John format for each.
  • hashcat commands — wordlist, wordlist+rules, mask/incremental brute, optimised kernel, --show.
  • John commands — the matching --format and rule syntax.
  • File-hash extraction — the zip2john / office2john / keepass2john / ssh2john line to run first.
  • Crack-speed guidance — fast / GPU / slow-KDF, plus online-lookup hints for unsalted hashes.

Where it fits in your workflow

  • Generate a test hash, then identify it and build its cracking command — end to end.
  • Disambiguate look-alike hashes (MD5 vs NTLM vs MD4) before spending GPU time.
  • Get the extraction + crack workflow for a ZIP/Office/KeePass/SSH file.
Use Hash Toolkit

Free, in-browser — no sign-up needed to try.

Create free account Sign in

At a glance

CategoryGenerators
RunsIn your browser
Token cost Free — no tokens
AccessFree · no login to try
Status● Live

Frequently asked questions

Does this crack the hash for me?

No — it identifies the hash and generates the command to run locally with hashcat or John. Cracking happens on your own hardware (or, for unsalted hashes, via an online lookup it points you to).

Why does it show several candidate types?

Many hashes are indistinguishable by format alone — a 32-character hex string is equally MD5, NTLM or MD4. The tool ranks the most likely first and lets you pick; context (where you found it) usually decides.

Can it generate bcrypt / Argon2?

Those use random salts and many rounds, so they are best produced with a CLI (openssl passwd, mkpasswd, htpasswd). The Generate tab covers the fast unsalted algorithms (MD5/NTLM/SHA).

Explore more tools →