Perhaps this tool is well known within the community, but I was not aware of it until now. findmyhash is a Python script that searches for hashes in different online services, supporting the most common ones: MD5, SHA1, LM, NTLM, etc. (check the website for more details).

Looking at the source code, it uses many  websites I was not aware of.

It is kinda neat that you may not need to use brute force to crack a hash, but the downside ,of course, is that you are sending your hashes to services you may not trust 100%.  Would it be legit to use it during a pentest since we are sending data from our costumers to third party services?