Please list your hashes below...

Please input the NTLM hashes that you would like to look up. NOTE that the space character is replaced with [space].




Crack button disabled? We use Google reCAPTCHA v3.

HashKiller.co.uk is a hash lookup service. This allows you to input an NTLM hash and search for its corresponding plaintext ("found") in our database of already-cracked hashes.

It's like having your own massive password-cracking cluster - but with immediate results!

We have been building our hash database since August 2007.

Note that we do not use terms like "decrypted", "dehashed", or "reversed" - hashes can only be looked up quickly after they've been cracked the hard way.

In other words, we are not cracking your hash in realtime - we're just caching the hard work of many cracking enthusiasts over the years.

Output Formats:

  • Found: $hash[:$salt] $type $pass
  • Not found: $hash[:$salt] [No Match]
  • Invalid: $hash [Invalid]


The NTLM lookup results will be displayed in this box.
Please use the textbox above to specify the hashes you want cracked.

NT (New Technology) LAN Manager (NTLM) is a suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users. NTLM is the successor to the authentication protocol in Microsoft LAN Manager (LANMAN), an older Microsoft product. The NTLM protocol suite is implemented in a Security Support Provider, which combines the LAN Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package. Whether these protocols are used or can be used on a system is governed by Group Policy settings, for which different versions of Windows have different default settings. NTLM passwords are considered weak because they can be brute-forced very easily with modern hardware.