Found an unknown hash and need to identify it? This guide covers everything about hash type identification via API, including how detection works, supported algorithms, and implementation examples.
Why Identify Hash Types?
When working with legacy systems, analyzing data, or performing security assessments, you often encounter hash values without documentation about their algorithm. Identifying the hash type is the first step to working with it.
Different hash algorithms have characteristic patterns: length, character set, prefixes, and structure that can reveal their type.
How Identification Works
Hash identification analyzes multiple characteristics:
Pattern Analysis
- Length: MD5 = 32 chars, SHA1 = 40 chars, SHA256 = 64 chars
- Prefixes: bcrypt starts with "$2a$", "$2b$", or "$2y$"
- Character Set: Hex only vs. base64 vs. special characters
- Structure: Delimiters, sections, embedded parameters
Using the Hash Identification API
TinyFn provides an intelligent endpoint for hash identification:
POST https://api.tinyfn.io/v1/hash/identify
Headers: X-API-Key: your-api-key
Content-Type: application/json
{
"hash": "$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy"
}{
"possible_types": [
{
"algorithm": "bcrypt",
"confidence": 0.99,
"description": "Blowfish-based password hash",
"parameters": {
"cost": 10,
"version": "2a"
}
}
],
"hash_length": 60,
"character_set": "base64_bcrypt"
}Parameters
| Parameter | Type | Description |
|---|---|---|
hash |
string | Hash string to identify (required) |
context |
string | Context hint: "password", "file", "api" (optional) |
Code Examples
JavaScript / Node.js
const response = await fetch(
'https://api.tinyfn.io/v1/hash/identify',
{
method: 'POST',
headers: {
'X-API-Key': 'your-api-key',
'Content-Type': 'application/json'
},
body: JSON.stringify({
hash: '5d41402abc4b2a76b9719d911017c592'
})
}
);
const { possible_types } = await response.json();
console.log(`Most likely: ${possible_types[0].algorithm}`);
console.log(`Confidence: ${possible_types[0].confidence * 100}%`);Python
import requests
response = requests.post(
'https://api.tinyfn.io/v1/hash/identify',
headers={'X-API-Key': 'your-api-key'},
json={'hash': '5d41402abc4b2a76b9719d911017c592'}
)
result = response.json()
top_match = result['possible_types'][0]
print(f"Most likely: {top_match['algorithm']}")
print(f"Confidence: {top_match['confidence'] * 100}%")cURL
curl -X POST "https://api.tinyfn.io/v1/hash/identify" \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"hash": "5d41402abc4b2a76b9719d911017c592"}'Common Use Cases
- Security Assessments: Identify password hash types during penetration testing
- Legacy Migration: Understand hash formats in old systems before migration
- Data Analysis: Classify hash values found in databases or logs
- Forensics: Identify hash types in digital forensic investigations
- Documentation: Document undocumented hash fields in systems
Best Practices
- Consider multiple possibilities: Review all returned types, not just the top one
- Use context hints: Provide context to improve identification accuracy
- Verify with test data: Generate a hash with known input to confirm the algorithm
- Handle ambiguity: Some hash types are indistinguishable by format alone
Use via MCP
Your AI agent can call this tool directly via Model Context Protocol — no HTTP code needed. Add TinyFn to Claude Desktop, Cursor, or any MCP client:
{
"mcpServers": {
"tinyfn-hash": {
"url": "https://api.tinyfn.io/mcp/hash/",
"headers": {
"X-API-Key": "your-api-key"
}
}
}
}See all hash tools available via MCP in our Hash MCP Tools for AI Agents guide.
Try the Hash Identification API
Get your free API key and start identifying hash types in seconds.
Get Free API Key