HashCrackRef

Hash identification and cracking command reference (does NOT crack)

v1.0.1

Linux

Quick Start

Install

curl -fsSL https://cli.johlem.net/install.sh | bash -s -- hashcrackref

Uninstall

curl -fsSL https://cli.johlem.net/uninstall.sh | bash -s -- hashcrackref

NixOS / Nix

nix profile install "tarball+https://cli.johlem.net/releases/cli-johlem-net-latest.tar.gz#hashcrackref"

Features

38 hash types: MD4/5, SHA-1/224/256/384/512, RIPEMD-160, Whirlpool, CRC32, NTLM, LM, NetNTLMv1/v2, DCC2, Kerberos AS-REP/TGS-REP, MD5crypt/sha256crypt/sha512crypt, bcrypt, yescrypt, descrypt, MySQL 4/5, PostgreSQL, WordPress, Drupal 7, Django, PBKDF2 family, scrypt, Argon2id/i, JWT HS256, LDAP {SSHA}/{SHA}/{MD5}
Three-tier confidence ranking (HIGH / MEDIUM / LOW) with security risk note per type
identify: prefix → structured-regex → length + commonality
Batch identify mode: --input <FILE> or stdin with summary table
Command generator for hashcat (-m mode) and John the Ripper (--format)
Attack modes: dictionary, rules, bruteforce, all
Reference table with --category and --search filters
verify: confirm a plaintext against a hash (RustCrypto MD5/SHA1/SHA2/MD4/NTLM)
generate: produce MD5/SHA1/SHA256/SHA512/NTLM hashes from a plaintext
Three output formats: text, JSON, CSV
Zero runtime dependencies — single static binary

Requirements

Runtime

Linux x86_64 (zero runtime deps)

Dependencies

Zero third-party dependencies — Python standard library only.

Usage

hashcrackref <command> [OPTIONS]

Run hashcrackref --help to see every subcommand and flag, or hashcrackref help <command> for per-command help.

Examples

Identify a hash

$ hashcrackref identify 5d41402abc4b2a76b9719d911017c592
Hash:    5d41402abc4b2a76b9719d911017c592
Length:  32 characters
Charset: hex (lowercase)

Possible types (by likelihood):
  [HIGH  ] MD5    (hashcat=0,    john=raw-md5)
  [MEDIUM] NTLM   (hashcat=1000, john=nt)
  [MEDIUM] LM     (hashcat=3000, john=lm)
  [MEDIUM] MD4    (hashcat=900,  john=raw-md4)

Generate hashcat / john commands

$ hashcrackref command 5d41402abc4b2a76b9719d911017c592 --tool both
# Identified as: MD5 (hashcat=0, john=raw-md5)

# Hashcat
hashcat -m 0 -a 0 hash.txt /usr/share/wordlists/rockyou.txt
hashcat -m 0 -a 0 hash.txt /usr/share/wordlists/rockyou.txt -r best64.rule

# John the Ripper
john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash.txt

Verify a plaintext

$ hashcrackref verify 5d41402abc4b2a76b9719d911017c592 hello
Hash:      5d41402abc4b2a76b9719d911017c592
Type:      MD5
Plaintext: hello
Computed:  5d41402abc4b2a76b9719d911017c592
Result:    MATCH

Install Layout

# Standard layout for all cli.johlem.net tools
~/.local/lib/hashcrackref/                       # Tool source files
~/.local/bin/hashcrackref                        # Executable wrapper
~/.local/log/cli.johlem.net/hashcrackref_*.log   # Install/uninstall logs

After install, run hashcrackref --help (requires ~/.local/bin in your PATH).

Changelog

Integrity

Verify your download against these SHA256 checksums:

File	SHA256

This tool is provided as-is with no warranty. Use at your own risk. Always review scripts before running them. Not responsible for any damage or data loss. Intended for authorized security testing, research, and educational purposes only.