Hashing can help to identify if a downloaded file is the same as the one sent. Most big download sites proved a hash sum prior to downloading. verifying it can prevent a man-in-the-middle attack. # SHAsums `sha1sum filename` there are many different SHA versions. such as `sha256/512`. these will produce longer results which may be more accurate as well as secure. you can append these results to another file and use `diff` to easily check if they are different... `sha256sum file1 >> sha-file1` `sha256sum file2 >> sha-file2` `diff file1 file2` # Hashcat `hashcat -a 0 hash.txt /usr/share/seclists/Passwords/Leaked-Databases/rockyou-75.txt` - **put the hash a file (hash.txt)** - wordlist most likely in `/usr/share/seclists` - use hashcat over john wherever possible, it is far faster as it uses the GPU - if output is not in stdout run `cat ~/.local/share/hashcat/hashcat.potfile`