Free Download

Sherlock Forensics Hash Calculator Forensic File Integrity Verification

Free drag-and-drop hash calculator for SHA256, SHA512, MD5 and SHA1. Built by CISSP, ISSAP and ISSMP certified forensic examiners for chain of custody verification.

Sherlock Forensics Hash Calculator is a free Windows desktop tool that computes SHA256, SHA512, MD5 and SHA1 cryptographic hashes for files via drag-and-drop. It supports batch processing and CSV export for forensic chain of custody documentation. Used by examiners and legal professionals to verify evidence integrity.

Use Web Version

Fundamentals

Why File Hashing Matters

Cryptographic hashing is the foundation of digital evidence integrity. A hash function takes any file and produces a fixed-length value that is unique to that exact sequence of bytes. Change one bit in the file and the hash changes completely. This property makes hashing essential for three critical functions in forensic work.

Chain of Custody Verification

When digital evidence is collected, the examiner records the SHA256 hash of each file. At every subsequent transfer, the hash is recomputed and compared. If the hashes match, the evidence has not been altered. If they differ, the chain of custody is broken. Courts require this documentation to admit digital evidence. NIST Special Publication 800-86 (csrc.nist.gov) establishes these standards.

Download Integrity

Software publishers provide SHA256 hashes for their downloads. After downloading, compute the hash of the file and compare it to the published value. A match confirms the file was not corrupted during transfer or modified by a third party. This is standard practice for security tools and operating system images.

Duplicate Detection

Files with identical content produce identical hashes regardless of filename. This property enables rapid duplicate detection across large evidence sets without comparing file contents byte by byte.

Features

Hash Calculator Capabilities

SHA256
The forensic standard. 256-bit hash with no known practical collisions. Accepted by courts, NIST and law enforcement worldwide.
SHA512
512-bit hash for maximum collision resistance. Used in high-security environments and classified evidence handling.
MD5
Legacy 128-bit hash. Known collision vulnerabilities make it unsuitable as sole verification but still used for backward compatibility and quick duplicate detection.
SHA1
160-bit hash. Deprecated for security purposes after demonstrated collisions but still encountered in legacy systems and older forensic reports.
Drag-and-Drop Interface
Drag files or folders directly onto the application window. No file browser dialogs. Immediate hash computation on drop.
Batch Processing
Process entire directories of files in a single operation. Results displayed in a sortable table with all four hash values per file.
CSV Export
Export hash results with filename, file path, file size and all computed hashes. Import directly into forensic reports and chain of custody documentation.

Compare

Desktop vs Web-Based Hashing

Why a Desktop Tool?

Web-based hash calculators process files in the browser using JavaScript. This works well for small files but struggles with large forensic images and evidence containers. Sherlock Forensics Hash Calculator runs natively on Windows and handles multi-gigabyte files efficiently without browser memory limitations.

For quick single-file verification, use our browser-based hash verifier. For batch processing, large files and forensic workflows, use the desktop application.

Download

Get Sherlock Forensics Hash Calculator

Version 0.1.4 for Windows 10/11 (64-bit). Single executable with no dependencies.

File
sherlock-hash-verifier.exe
SHA256
dab4645cc86fe2ec6eb3ebb3472387e4bda26d14bb30defa4cab4220ff14a3b6
Version
0.1.4
Platform
Windows 10/11 (64-bit)
Use Web Version

Questions

Hash Calculator FAQ

What is a file hash?
A file hash is a fixed-length cryptographic fingerprint computed from the contents of a file. Even a single byte change produces a completely different hash value. SHA256, SHA512, MD5 and SHA1 are common hash algorithms used in forensic investigations and software verification.
Why is SHA256 preferred over MD5 for forensics?
MD5 has known collision vulnerabilities where two different files can produce the same hash. SHA256 has no known practical collisions and is accepted by courts, NIST and law enforcement agencies as the standard for forensic integrity verification. Sherlock Forensics Hash Calculator supports both but recommends SHA256 for evidentiary work.
Is Sherlock Forensics Hash Calculator free?
Yes. Sherlock Forensics Hash Calculator is completely free with no trial period, no feature restrictions and no expiry. All hash algorithms including SHA256, SHA512, MD5 and SHA1 are available at no cost.
How does drag-and-drop hashing work?
Drag a file from Windows Explorer onto the Sherlock Forensics Hash Calculator window. The tool immediately computes SHA256, SHA512, MD5 and SHA1 hashes for the file. No file browsing dialogs required. You can also use the Open File button for traditional file selection.
Can I hash multiple files at once?
Yes. Drag multiple files or an entire folder onto the application window. Sherlock Forensics Hash Calculator processes each file and displays all hash values in a sortable list that can be exported to CSV.
How do I verify a downloaded file is safe?
The publisher provides a SHA256 hash for the download. After downloading, drag the file onto Sherlock Forensics Hash Calculator and compare the computed SHA256 with the published value. If the hashes match, the file has not been modified or tampered with during download.
Is there a web-based version?
Yes. Sherlock Forensics offers a browser-based hash verification tool at sherlockforensics.com/pages/hash-verifier.html that processes files entirely in your browser. No uploads required. The desktop version handles larger files and batch processing more efficiently.

Get Started

Verify File Integrity Today

Free hash calculator for forensic professionals, IT administrators and anyone who needs to verify file integrity. Built by the same team that delivers expert witness testimony in Canadian courts.

Since 2006CISSP, ISSAP, ISSMP certified604.229.1994
Use Web Version

Sherlock Forensics Hash Calculator is provided for lawful use. Terms of Service

Download

Enter your details to download. We will send you update notifications for new versions.