Hash & CVE Analyzer

Paste any hash or CVE ID. Auto-detects hash type, looks up CVE details from NVD and CIRCL, checks against SSLBL malicious certificate blocklist. Enter an IP or domain to be routed to the appropriate recon tool.

Last updated:

Supports: MD5, SHA-1, SHA-256, SHA-512, bcrypt, NTLM hashes · CVE-YYYY-NNNNN · IPv4 addresses · domain names

Why analyze hashes and CVEs?

Hash analysis is fundamental to digital forensics and incident response. When you encounter an unknown hash in logs, malware analysis, or threat intel feeds, the first step is identifying its algorithm. This tool auto-detects whether a hash is MD5, SHA-1, SHA-256, bcrypt, NTLM, or other formats, then cross-references it against known malicious indicators. For CVE identifiers, it fetches full vulnerability details including severity scores, affected products, and descriptions.

Key Terminology

SSLBL
SSL Blocklist — maintained by abuse.ch, it contains SHA-1 fingerprints of SSL/TLS certificates associated with malware command-and-control servers and other malicious infrastructure.
CVE
Common Vulnerabilities and Exposures — a standardized identifier for publicly known security vulnerabilities. Format: CVE-YYYY-NNNNN where YYYY is the year and NNNNN is a sequential number.
NVD
National Vulnerability Database — NIST's comprehensive database of CVEs with severity scoring (CVSS), affected product lists (CPE), and technical references.

🔐 Hash & CVE Analyzer — Frequently Asked Questions

What hash types can this tool identify?

The tool auto-detects hash algorithms by querying hashes.com and by local pattern matching. It recognizes MD5 (32 hex chars), SHA-1 (40 hex chars), SHA-256 (64 hex chars), SHA-512 (128 hex chars), bcrypt ($2a$/$2b$ prefix), NTLM (32 hex chars), and many other formats. For CVE IDs (CVE-YYYY-NNNNN format), it automatically fetches vulnerability details from NVD and CIRCL databases.

What hash types does the analyzer support?

The tool auto-detects and analyzes MD5 (32 hex), SHA-1 (40 hex), SHA-256 (64 hex), and SHA-512 (128 hex) hashes. It cross-references them against VirusTotal, MalwareBazaar, ThreatFox, AlienVault OTX, and other threat intelligence databases.

Can I check if a file hash is associated with malware?

Yes. Submit any file hash and the tool queries multiple malware databases simultaneously. It shows detection ratios, malware family names, first-seen dates, and associated indicators of compromise (IOCs).

Threat Feeds

Check against threat feeds.

CVE Intelligence

Vulnerability lookup.

Hash Identifier App

Identify hash types.

Default Credentials

Search default passwords.