Hash & Encoder Tools
Compute MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes. Encode/decode Base64, URL, HTML entities, Hex, Binary. UTF-8 safe. Drop a file to hash it directly. No upload, no signup.
Input
Output
A developer's Swiss-army knife for hashing & encoding
Every day, developers need to compute a hash, encode a Base64 string, URL-encode a value, or unescape HTML entities. The usual workflow involves jumping between several scattered sites (each plastered with ads). This page brings the most common 15 operations into a single, consistent interface.
Hashes (MD5, SHA family)
We compute MD5, SHA-1, SHA-256, SHA-384 and SHA-512. SHA hashes use the browser's native Web Crypto API β fast and standardized. MD5 is shipped as a small in-house implementation since Web Crypto deliberately omits it (cryptographically broken since 2005, but still useful for file checksums and content addressing).
File hashing: drop any file into the input box, or click "Drop or pick a
file". We read it as raw bytes and hash directly β the result will match exactly what
md5sum, sha256sum and the corresponding macOS / Windows tools
produce.
Base64 (UTF-8 safe)
JavaScript's built-in btoa() throws on any Unicode character above U+00FF β
which means it fails on accents, emojis, kanji, anything outside Latin-1. Our encoder
round-trips through a UTF-8 byte buffer, so it handles any Unicode correctly.
Decoding also tolerates whitespace and the URL-safe variant (- instead of
+, _ instead of /).
URL encoding
Uses encodeURIComponent, which is the right choice for embedding values in URL
path segments or query parameters. Spaces become %20, ampersands become
%26, etc.
HTML entities
Escape converts the 5 dangerous characters (&,
<, >, ", ') to their entity form
β handy for sanitizing user input before inserting into HTML. Unescape
handles named entities (©, — β¦), numeric
(A) and hexadecimal (👋), including non-BMP
Unicode like emojis.
Hex & Binary
Converts text to a hexadecimal or binary representation of its UTF-8 bytes, and back. The
decoders are forgiving β they accept spaces, line breaks and 0x prefixes for
hex.
Privacy
Nothing is ever uploaded. Hashes, encodings and file reading all happen locally. We don't store anything, we don't log anything, we don't analyze anything β there isn't even a server component that could.
Common use cases
- Verify a download matches its published
sha256checksum. - Decode a Base64 string from a JWT, email header or config file.
- URL-encode a query value to test a problematic redirect.
- Strip HTML entities from text scraped from a webpage.
- Generate a deterministic content hash for caching or deduplication.
Frequently Asked Questions
- What hash algorithms does this tool support?
- MD5, SHA-1, SHA-256, SHA-384 and SHA-512. SHA hashes use the browser's native Web Crypto API for speed and security. MD5 is provided via a client-side implementation.
- Is it safe to hash sensitive data online?
- Yes. This tool runs entirely in your browser β your data is never sent to any server. There is no backend component that could store or intercept your input.
- What encoding formats are available?
- Base64 encode/decode (UTF-8 safe), URL encode/decode, HTML entity escape/unescape, Hex encode/decode and Binary encode/decode.
- Can I decode a hash back to the original text?
- No. Cryptographic hashes are one-way functions and cannot be reversed. You can, however, decode Base64, URL encoding, HTML entities, Hex and Binary back to the original text.
- Is this tool free to use?
- Yes, completely free with no usage limits, no sign-up and no watermarks.