HashWatch#

HashWatch maintains a continuously updated library of cryptographic hashes for widely-deployed software. Updated every day from official vendor sources — no login, no account, no API key required.

What it does#

HashWatch fetches the official hash of each software release directly from the vendor and publishes the results on a public dashboard. If a file on an endpoint matches a hash in HashWatch, you know it is the genuine vendor release.

Use it to answer one question quickly:

Is this file the real vendor binary, or has it been tampered with?

Using the dashboard#

Open the public dashboard in any browser. No account is needed.

Using the Public Dashboard

API access#

Integrate HashWatch into your SIEM, IR workflow, or security tooling using the authenticated API. Requires an API key — contact your administrator.

API Reference

Covered software#

HashWatch currently tracks 56 vendor fetchers across Windows, Linux, macOS, and Android.

Covered Software

Getting Started Forward