19 November 2013 | 7,973 views

HashTag – Password Hash Type Identification (Identify Hashes)

Check Your Web Security with Acunetix

HashTag.py is a Python script written to parse and identify the password hash type used.

HashTag supports the identification of over 250 hash types along with matching them to over 110 hashcat modes (use the command line switch -hc to output the hashcat modes). It is also able to identify a single hash, parse a single file and identify the hashes within it, or traverse a root directory and all subdirectories for potential hash files and identify any hashes found.

One of the biggest aspects of this tool is the identification of password hashes. The main attributes used to distinguish between hash types are character set (hexadecimal, alphanumeric, etc.), hash length, hash format (e.g. 32 character hash followed by a colon and a salt), and any specific substrings (e.g. ‘$1$’). A lot of password hash strings can’t be identified as one specific hash type based on these attributes. For example, MD5 and NTLM hashes are both 32 character hexadecimal strings. In these cases the author made an exhaustive list of possible types and has the tool output reflect that.


It has three main arguments:

  • Identifying a single hash type (-sh)
  • Parsing and identifying multiple hashes from a file (-f)
  • Traversing subdirectories to locate files which contain hashes and parse/identify them (-d)


You can download HashTag here:


Or read more here.


Recent in Cryptography:
- The Logjam Attack – ANOTHER Critical TLS Weakness
- BitTorrent Bleep – Encrypted, Decentralized Voice & Text App
- Google Revoking Trust In CNNIC Issued Certificates

Related Posts:
- hash-identifier – Identify Types Of Hashes Used To Encrypt Passwords
- vBulletin.com Hacked – Forum User Emails & Encrypted Passwords Leaked
- Blackhash – Audit Passwords Without Hashes

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,301 views
- Hackers Crack London Tube Oyster Card - 43,486 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 32,307 views

Low-cost VPS Hosting

Comments are closed.