Jake Murray – Cybersecurity Blog

Cybersecurity | Threat Intelligence | Hacking

Hash Radish: A Secure Hashing Tool Built in Python

Hash Radish on GitHub

I recently completed a Python project called Hash Radish, a command-line tool for securely hashing text and files using NIST approved hashing algorithms. This project, inspired by my passion for protecting data integrity, is the first program I have ever written from scratch, and taught me valuable technical and problem-solving skills that I’m excited to share.

What is Hash Radish?

Hash Radish is a lightweight, platform independent, and user-friendly Python program that allows users to:

  • Choose between inputting text or selecting a file.
  • Select from several SHA-2 and SHA-3 algorithms to generate a hash.

I designed it to simulate real-world command line tools that are used every day for hashing files, with an easy to use menu system.

(For those wondering, the name is a nod to my daughter. She loves radishes!)

Key Lessons Learned

1. Structuring Code for Clarity and Maintainability

Initially, my program used procedural code, with everything in one python file. After some research on code and program organization, I refactored it into a class-based structure using a HashManager class. This taught me:

  • Object-Oriented Programming (OOP): Encapsulating functionality improved code organization and re-usability.
  • Readability: Clear method names and comments made the code accessible to collaborators or future employers reviewing my GitHub.

Challenge: For a first program, everything felt like a massive challenge. However, the most difficult was ensuring the menu system worked seamlessly with the classes/modules I created for the programs logic. I solved this by researching and implementing module import functionality, error checking, and a main loop that kept everything running smoothly while allowing for graceful menu navigation.

2. Enhancing User Experience

Creating an intuitive command-line interface was critical. I learned to:

  • Handle Errors: Added input validation to prevent crashes from invalid entries (e.g., non-existent files).
  • Improve Navigation: Modified the menu to show “back” only in submenus, streamlining the user experience.

Example: When users typed “x” to exit, the program initially got stuck. Debugging this taught me to refine loop conditions, ensuring smooth exits. I also had a difficult time figuring out how to implement the back functionality to return to the main menu. This is where I learned about sub-classes and inheritance and implemented the SubMenu subclass.

3. Applying Cybersecurity Principles

Hash Radish reinforced the importance of secure hashing in cybersecurity:

  • Data Integrity: I explored how hashing algorithms protect against tampering in file verification. I also learned about deprecated and unsafe algorithms. This is why I chose to stick with NIST approved algorithms, as they are all verified to be secure.
  • Practical Application: Adding file hashing functionality mimicked real-world use cases, like ensuring software downloads are safe. Hashes of suspicious files can also be uploaded to threat intelligence websites to be compared with a database of known malicious files.

This deepened my understanding of cryptographic concepts from my Security+ certification and current CySA+ studies, preparing me for tasks like data integrity verification in SOC roles.

You can explore the project on my GitHub repository.

How This Project Prepared Me for Cybersecurity

Building Hash Radish strengthened skills critical for cybersecurity:

  • Technical Proficiency: Advanced my Python skills, including file I/O, error handling, and OOP.
  • Analytical Thinking: Debugging issues like loop errors sharpened my problem-solving approach.
  • Cybersecurity Knowledge: Applying hashing concepts bridged theory from classes and certifications to practical application.
  • Professional Communication: Writing clear documentation prepared me to articulate my work in interviews.

What’s Next?

I am now planning out my next project from a list of ideas. I’d like to build something a bit more technical and useful as an analyst; such as a log parsing tool or network scanner/monitor.

I’d love to hear your feedback or suggestions for improving Hash Radish! Connect with me on LinkedIn.

More Posts

Leave a comment