Most of the time a file’s checksum is listed on the file’s download page. Validating a file’s checksum ensures the file was not corrupted during the download.
The developers provide the sha256 checksum on the download page to make it easy to validate after the operating system is downloaded.
For our example we will validate the sha256 checksum of a kali linux iso.
To validate a new Kali linux download use the following commands for each respective operating system. Also, at this point I’m assuming you already downloaded a kali linux iso.
Openssl dgst -sha256 /path/to/kali.iso
As you can see in the image above the hashes for the “kali-linux-2018.2-am64.iso match.
certutil.exe -hashfile .\kali-linux-2018.2-amd64.iso sha256
As you can see in this example the hashes for the ““kali-linux-2018.2-am64.iso” match as well.
Validating different Checksum Algorithms
When validating other files or different checksums just swap the filename and/or the algorithm.
Openssl dgst -sha256 /path/to/your/file.iso
Openssl dgst -md5 /path/to/your/file.txt
As you can see from the above examples you can generate a checksum for any file you want.