Checksums work like a fingerprint. It is used to verify file integrity. If the files have the same checksums, then they are identical. It can also be used to check if the file has been previously scanned as malicious.
<h3 id="heading-on-windows">On Windows:</h3>
<ol>
<li><a target="_blank" href="https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certutil">certutil</a>:
<pre><code class="lang-bash"> certutil -hashfile &lt;filepath&gt; SHA256
</code></pre>
 <img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681477053717/b0cbc661-ee41-412e-96fc-e3d2eeb5231c.png" alt />
</li>
<li><a target="_blank" href="https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/get-filehash?view=powershell-7.3">Get-FileHash</a>
<pre><code class="lang-bash"> Get-FileHash &lt;filepath&gt; -Algorithm SHA256
</code></pre>
 <img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681477069290/3542a26e-81ac-4f80-9c26-7bb984dc77e4.png" alt />
</li>
</ol>
<h3 id="heading-on-linuxmacos">On Linux/macOS:</h3>
<ol>
<li><a target="_blank" href="https://man7.org/linux/man-pages/man1/sha256sum.1.html">sha256sum</a>
<pre><code class="lang-bash"> sha256sum &lt;filepath&gt;
</code></pre>
 <img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681477392350/ffb8b37f-c6c2-4e6a-a09e-d2ea8ebac6fb.png" alt class="image--center mx-auto" />
</li>
<li><a target="_blank" href="https://opensource.apple.com/source/CPANInternal/CPANInternal-62/Digest-SHA/shasum.auto.html">shasum</a>
<pre><code class="lang-bash"> shasum -a 256 &lt;filepath&gt;
</code></pre>
 <img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681477820614/6156ea96-77ac-4155-b095-11ba199c0ce2.png" alt class="image--center mx-auto" />
</li>
</ol>
The file hash can also be checked on <a target="_blank" href="https://www.virustotal.com/gui/home/search">VirusTotal</a> and <a target="_blank" href="https://labs.inquest.net/">InQuest</a>
f29bc64a9d3732b4b9035125fdb3285f5b6455778edca72414671e0ca3b2e0de
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681478175894/2cfca925-2a53-4a38-8482-915bfb62b4f1.png" alt class="image--center mx-auto" />
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1681478260927/989289a1-d01f-417f-8209-5390164721f9.png" alt class="image--center mx-auto" />

Checksums work like a fingerprint. It is used to verify file integrity. If the files have the same checksums, then they are identical. It can also be used to check if the file has been previously scanned as malicious.

### On Windows:

1. [certutil](https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certutil):
 
 ```bash
 certutil -hashfile <filepath> SHA256
 ```
 
 ![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681477053717/b0cbc661-ee41-412e-96fc-e3d2eeb5231c.png align="left")
 
2. [Get-FileHash](https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.utility/get-filehash?view=powershell-7.3)
 
 ```bash
 Get-FileHash <filepath> -Algorithm SHA256
 ```
 
 ![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681477069290/3542a26e-81ac-4f80-9c26-7bb984dc77e4.png align="left")
 

### On Linux/macOS:

1. [sha256sum](https://man7.org/linux/man-pages/man1/sha256sum.1.html)
 
 ```bash
 sha256sum <filepath>
 ```
 
 ![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681477392350/ffb8b37f-c6c2-4e6a-a09e-d2ea8ebac6fb.png align="center")
 
2. [shasum](https://opensource.apple.com/source/CPANInternal/CPANInternal-62/Digest-SHA/shasum.auto.html)
 
 ```bash
 shasum -a 256 <filepath>
 ```
 
 ![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681477820614/6156ea96-77ac-4155-b095-11ba199c0ce2.png align="center")
 

The file hash can also be checked on [VirusTotal](https://www.virustotal.com/gui/home/search) and [InQuest](https://labs.inquest.net/)

**f29bc64a9d3732b4b9035125fdb3285f5b6455778edca72414671e0ca3b2e0de**

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681478175894/2cfca925-2a53-4a38-8482-915bfb62b4f1.png align="center")

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1681478260927/989289a1-d01f-417f-8209-5390164721f9.png align="center")

iamsywid

iamsywid

TIL: How to generate checksum?

On Windows:

On Linux/macOS: