In today’s digital world, file security and data integrity are more important than ever. Every time you download software, transfer a file, or install an update, you’re trusting that the file hasn’t been altered, corrupted, or tampered with. That’s where file hashing comes in.
Method 1: Get File Hash Using certutil (Built-in Windows Tool)
Windows includes a built-in command-line utility called certutil that can generate file hashes without installing any additional software.
Step 1: Open Command Prompt or PowerShell
Win + R → type cmd → press Ctrl + Shift + Enter to run as Administrator
Or open PowerShell from the Start menu.
Step 2: Run the Hash Command
certutil -hashfile "filename.exe" ALGORITHMReplace “filename.exe” with your file name (include full path if needed).
Generate MD5 Hash
certutil -hashfile "filename.exe" MD5Generate SHA1 Hash
certutil -hashfile "filename.exe" SHA1Generate SHA256 Hash (Recommended)
certutil -hashfile "filename.exe" SHA256Generate SHA512 Hash
certutil -hashfile "filename.exe" SHA512After running the command, Windows will output the calculated hash value.
Step 3: Compare the File Size
Before trusting a file, you should also verify the file size.
dir "filename.exe"This will display:
- File size (in bytes)
- Date modified
- File attributes
Compare the file size with the official source. If the size differs, the file may be incomplete or modified.
Method 2: Get File Hash Using PowerShell (Modern Approach)
PowerShell includes a native cmdlet called Get-FileHash, which is often more convenient than certutil.
Generate SHA256 Hash (Default)
Get-FileHash "filename.exe"By default, PowerShell uses SHA256. Specify a Different Algorithm:
Get-FileHash "filename.exe" -Algorithm MD5Get-FileHash "filename.exe" -Algorithm SHA1Get-FileHash "filename.exe" -Algorithm SHA256Get-FileHash "filename.exe" -Algorithm SHA512Recommendation:
Use Get-FileHash if you’re working in PowerShell. Use certutil if you’re using Command Prompt or working in older environments.
Why Hash Verification Is Important
Here are the main reasons to check file hashes:
- Verify Download Integrity
- Detect File Tampering
- Ensure File Consistency Across Systems
When transferring files between systems or servers, hash comparison confirms the file remains identical.
Security Best Practices
- Prefer SHA256 or SHA512 over MD5 and SHA1.
- Always compare hashes from a trusted official source.
- Verify file size along with the hash.
- Avoid downloading executables from unverified websites.
