Hash Generator
Compute SHA-1, SHA-256, SHA-384, and SHA-512 hashes from text or a file.
————🔒 Hashing uses the SubtleCrypto API. Your data never leaves the browser.
</>Use this tool programmaticallycurl · JavaScript · MCP
Same tool, callable from any HTTP client or from Claude (via MCP). Anonymous: 100 req/day per IP. Sign up for 1,000 req/day.
curl https://api.b-e-a-d.com/tools/hash-generator/run \
-H "Content-Type: application/json" \
-d '{
"input": "your input here",
"encoding": "utf8"
}'const res = await fetch("https://api.b-e-a-d.com/tools/hash-generator/run", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
"input": "your input here",
"encoding": "utf8"
}),
});
const data = await res.json();
console.log(data.result);# In Claude Desktop / Claude Code, add to your MCP config:
{
"mcpServers": {
"bead": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://mcp.b-e-a-d.com"]
}
}
}
# Then ask Claude to call:
mcp__bead__bead_hash_generatorFull reference: developer docs · OpenAPI spec
About this tool
Uses the browser's SubtleCrypto.digestAPI. MD5 is not offered because it's broken for security uses and is not part of Web Crypto.
Verifying a download? Paste in the published checksum and use the inline comparison — it does a constant-character match so you don't need to eyeball 64 hex chars.
Frequently asked
▸Which algorithm should I use?
SHA-256 is the default for almost everything: checksums, fingerprints, content-addressed identifiers. Use SHA-512 only if you're following a specific spec that requires it. Avoid SHA-1 — see below.
▸Is SHA-1 still safe?
Not for security. SHA-1 has been broken in practice — researchers have produced collisions. It's still fine for non-security fingerprints (Git uses it for object IDs), but never use SHA-1 for signatures, passwords, or anything an attacker could try to forge.
▸How is this different from HMAC?
A plain hash takes one input. HMAC takes a message AND a secret key, and is the right primitive for authenticating messages or signing webhook payloads. BEAD has a dedicated HMAC Calculator.
You might also like
- HMAC CalculatorCompute HMAC-SHA1, SHA-256, SHA-384, or SHA-512 over a message and secret — for API signing or message auth.
- AES Encrypt / DecryptEncrypt or decrypt text with AES-GCM, deriving a key from a passphrase via PBKDF2 — all in your browser.
- Base64 Encoder / DecoderEncode or decode Base64 strings instantly.
- Escape / UnescapeEscape or unescape strings for JSON, JavaScript, HTML attribute, XML, and SQL contexts.