Verify Any File Hasn't Been Altered — In Seconds, Offline

What File Hashing Proves

A cryptographic hash is a fixed-length fingerprint computed over a file's exact bytes. Change a single byte — a tweaked timestamp, an edited pixel, a flipped bit from a bad disk — and the hash changes completely. That property makes hashing the cleanest way to answer one blunt question: is this file exactly what it was when it was collected? Record the hash when you acquire a file, recompute it later, and a matching value is strong proof the file is unaltered. For auditors, investigators, lawyers and security teams, that is the foundation everything else builds on.

SHA-256, SHA-512 and BLAKE3 — Explained Simply

SHA-256 is the everyday standard: a 256-bit digest that is fast, widely recognised and collision-resistant, which is why it is the default for most forensic and integrity work. SHA-512 works the same way but produces a longer 512-bit digest for an extra margin of assurance. BLAKE3 is a modern algorithm built for speed — it hashes very large files noticeably faster while staying cryptographically strong. The tool also offers SHA-384, SHA-224, SHA3 and MD5; reach for MD5 only when you need to match an older record, since it is no longer collision-resistant. In practice, pick SHA-256 unless someone gave you a value in another algorithm.

Verify vs Compute — The Workflow

There are two things you can do with the tool. Compute means generating a hash for a file you are recording for the first time — you keep that value as the baseline. Verify means checking a file against a value you already have. To verify, compute the file's hash, then paste the known original into the Compare box. The tool lines the two up and prints the result: MATCH if every byte is identical, NO MATCH if anything has changed. No squinting at two columns of hex — the verdict is stated plainly so you can act on it immediately.

Why Offline Matters — No Upload, No Leak

Many online hash tools ask you to upload your file to their server. For sensitive evidence, confidential case material or regulated data, that is exactly what you must avoid. The e-Dex hash tool computes everything in your browser, on your own device, using built-in cryptography — the file never leaves your computer. The desktop app goes further and runs fully offline on Windows. No upload, no leak, no third party touching your data. That is the difference between a casual checksum and a defensible verification you can stand behind.

Get a Signed Verification Certificate

When you need more than an on-screen verdict, the e-Dex desktop app turns the result into a one-page evidence integrity certificate: multi-algorithm hashes per file, an overall MATCH / NO MATCH result, and optional PAdES digital signature and RFC-3161 trusted timestamp. It is the document auditors, investigators and lawyers attach to prove a file is exactly what it should be. To understand where hashing fits in a full investigation, see the role of hashing in digital forensics. Download e-Dex free to produce one offline on your own machine.

Frequently Asked Questions

What is a hash calculator for forensic files?
It is a tool that computes a cryptographic fingerprint — such as SHA-256, SHA-512 or BLAKE3 — over a file's exact contents. Because changing a single byte changes the whole hash, recomputing the value and comparing it to a previously recorded one proves whether the file is bit-for-bit unaltered. The e-Dex hash tool runs in your browser and offline on Windows, so it suits forensic, audit and evidence work.

Are my files uploaded when I use the in-browser hash tool?
No. The hash is computed entirely on your own device using the browser's built-in cryptography. The file never leaves your computer and nothing is sent to any server, so there is no upload, no leak and no exposure of sensitive evidence.

Which hash algorithm should I use to verify a file?
SHA-256 is the standard default and is recommended for most forensic and integrity work. SHA-512 offers a longer digest, and BLAKE3 is faster on large files. The tool also supports SHA-384, SHA-224, SHA3 and MD5; use MD5 only to match against older records, since it is no longer collision-resistant.

What does MATCH or NO MATCH mean?
After computing a file's hash you paste the known, original value into the Compare box. MATCH means every byte is identical and the file is unchanged since it was recorded. NO MATCH means at least one byte differs, so the file has been altered or corrupted.