Short version
Get-FileHash <filename> for SHA256
Get-FileHash
Why?
File hashes are created by running a hashing algorithm against a file. Although the hash sizes are fixed, any change (even the smallest) will change the output. When you compare the file hash of a file you downloaded to the hash displayed on the source’s website you’ll know the file hasn’t been changed if the file hashes match.
Imagine if someone man in the middle’d a linux iso and you created a server VM template with it.
Example
Let’s make a test.txt file to use as an example.
test.txt
This is not a virus
PS C:\Users\aaron\Desktop> Get-FileHash .\test.txt Algorithm Hash Path --------- ---- ---- SHA256 3F65A201F0BC5FEE298421034CD6FB210BCDB29AE8642CFF4A1EE17B52BF75C1 C:\Users\aaron\Desktop\test.txt
Now let’s change a space character to alt+0160
test.txt
This is not a virus
PS C:\Users\aaron\Desktop> Get-FileHash .\test.txt Algorithm Hash Path --------- ---- ---- SHA256 689A3572BF7A1811359B006AB21A9F791722B02645CD87A3764E96817FE48296 C:\Users\aaron\Desktop\test.txt
Only one space was changed here. You might not be able to see the difference if you opened both versions of the file but the data is different so it changes the hash.
Command
You can use Get-FileHash <filename> in powershell to get file hash. Windows will use SHA256 by default.
There are other algorithms available by using the -Algorithm parameter.
Get-FileHash