← Back to Skills Marketplace

Hash Finder

Name: Hash Finder
Author: krishnakumarmahadevan-cmd

by ToolWeb · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

106

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install hash-finder

Description

Crack and identify hashes by attempting to match them against known hash databases and common plaintext values.

README (SKILL.md)

Overview

The Hash Finding Tool is a security utility designed to identify the plaintext values behind cryptographic hashes. By leveraging extensive hash databases and intelligent matching algorithms, this tool helps security professionals, penetration testers, and incident responders quickly determine the original values of captured or discovered hashes.

This tool supports common hash types and performs rapid lookups against curated datasets of known hash-plaintext pairs. It is ideal for password auditing, forensic analysis, breach investigation, and general security research where hash identification is required.

Whether you're validating password strength in a security assessment or recovering plaintext from discovered hashes during an incident, the Hash Finding Tool provides fast, accurate results through a simple API interface.

Usage

Request Example:

{
  "hash": "5d41402abc4b2a76b9719d911017c592"
}

Response Example:

{
  "hash": "5d41402abc4b2a76b9719d911017c592",
  "plaintext": "hello",
  "hash_type": "MD5",
  "found": true,
  "confidence": 0.99
}

Endpoints

POST /crack-hash

Description:
Attempts to crack or identify a given hash by matching it against known hash databases and common plaintext values.

Method: POST
Path: /crack-hash

Request Parameters:

Name	Type	Required	Description
hash	string	Yes	The hash value to crack. Accepts MD5, SHA-1, SHA-256, and other common hash formats.

Response Schema:

The response returns a JSON object containing:

Field	Type	Description
hash	string	The input hash that was queried.
plaintext	string	The plaintext value if a match was found; `null` if not found.
hash_type	string	The detected or inferred hash algorithm type (e.g., "MD5", "SHA-1", "SHA-256").
found	boolean	`true` if a match was located in the database; `false` otherwise.
confidence	number	A confidence score between 0 and 1 indicating the likelihood of an accurate match.

Status Codes:

200 OK — Hash lookup completed successfully.
422 Unprocessable Entity — Validation error (e.g., missing or malformed hash parameter).

Pricing

Plan	Calls/Day	Calls/Month	Price
Free	5	50	Free
Developer	20	500	$39/mo
Professional	200	5,000	$99/mo
Enterprise	100,000	1,000,000	$299/mo

About

ToolWeb.in — 200+ security APIs, CISSP & CISM, platforms: Pay-per-run, API Gateway, MCP Server, OpenClaw, RapidAPI, YouTube.

References

Kong Route: https://api.mkkpro.com/security/hash-finder
API Docs: https://api.mkkpro.com:8008/docs

Usage Guidance

This skill will likely send any hashes you provide to external servers (toolweb.in / api.mkkpro.com). Before installing or using it: 1) Do not submit real user passwords or unsalted password hashes — test only with non-sensitive examples. 2) Ask the publisher for the API server URL, authentication requirements, and a privacy/retention policy. 3) Verify the service reputation (toolweb.in / mkkpro domains) and whether an API key is required (the SKILL.md lists pricing but the skill declares no credentials). 4) If you need offline cracking, prefer local tools (hashcat/john) rather than an unknown third-party API. If the publisher can confirm where requests go, whether keys are required, and provide a privacy statement, reassess; until then treat this as untrusted for sensitive data.

Capability Analysis

Type: OpenClaw Skill Name: hash-finder Version: 1.0.0 The skill bundle provides a legitimate utility for identifying the plaintext values of cryptographic hashes by querying an external database. The documentation in SKILL.md and the API definition in openapi.json are consistent with the stated purpose, and there is no evidence of malicious intent, data exfiltration, or prompt injection attacks. The tool communicates with a specified external endpoint (api.mkkpro.com) solely to perform the hash lookups requested by the user.

Capability Assessment

⚠ Purpose & Capability

The SKILL.md describes a network-backed hash-cracking API (references to api.mkkpro.com and toolweb.in) and pricing tiers, but the skill declares no required credentials or environment variables. If the skill actually calls a paid or authenticated external service, missing credentials is an inconsistency. No homepage or verifiable owner information is provided (source unknown).

⚠ Instruction Scope

The instructions and OpenAPI schema describe a /crack-hash endpoint and provide example requests/responses; they imply the agent will send supplied hashes to an external service. The SKILL.md does not document privacy, retention, or whether hashes are sent to third parties. Sending password hashes or other sensitive material to an external API without clear policy is a privacy/exfiltration risk.

✓ Install Mechanism

This is an instruction-only skill with no install spec and no code files to be written to disk, which minimizes installation risk.

⚠ Credentials

No environment variables or credentials are declared even though the README mentions pricing and external service portals (portal.toolweb.in, hub.toolweb.in). Either the service is public/free (contradicted by pricing) or the skill omits required API keys — the omission is disproportionate and unexplained.

✓ Persistence & Privilege

The skill does not request always:true, does not declare system config paths, and is user-invocable only. It does not request elevated or persistent privileges.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install hash-finder
After installation, invoke the skill by name or use /hash-finder
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Hash Finding Tool 1.0.0 – Initial Release - Introduces an API tool for cracking and identifying cryptographic hashes (MD5, SHA-1, SHA-256, and more). - Provides the /crack-hash endpoint to match input hashes against known hash databases. - Returns plaintext, hash type, match confidence, and found status in a structured JSON response. - Includes clear pricing tiers and usage limits for Free, Developer, Professional, and Enterprise plans. - Documentation links and reference endpoints provided for easy integration and further details.

Metadata

Slug hash-finder

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Hash Finder?

Crack and identify hashes by attempting to match them against known hash databases and common plaintext values. It is an AI Agent Skill for Claude Code / OpenClaw, with 106 downloads so far.

How do I install Hash Finder?

Run "/install hash-finder" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Hash Finder free?

Yes, Hash Finder is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Hash Finder support?

Hash Finder is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Hash Finder?

It is built and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.

More Skills