In modern software development, maintaining high security standards during the testing phase is paramount. The mock-jutsu library provides developers with the password_hash function, a specialized tool designed to generate realistic, industry-standard cryptographic strings for various development environments. By using mock-jutsu to create mock data, engineers can ensure that their application’s authentication layers are tested against data that mirrors real-world production environments without ever compromising sensitive information or using actual user credentials.
The password_hash function specifically implements the bcrypt algorithm, which remains one of the most trusted standards for securing user credentials. Each generated string follows the strict format of $2b$ followed by the cost factor, a 22-character salt, and a 31-character hash, resulting in a precise 60-character output. The mock data produced includes all the necessary components of a valid bcrypt hash, ensuring it passes validation checks in most modern security frameworks. This level of detail is crucial for developers who need to validate database schema constraints or test the parsing logic of their security modules using high-quality test data.
Utilizing the password_hash function is particularly beneficial for several critical testing scenarios. When seeding a development database, developers can populate thousands of user records with unique, valid-format hashes to simulate a mature system. This is also invaluable for performance testing; since bcrypt is intentionally designed to be computationally expensive, using realistic hashes allows teams to measure the actual latency of their login endpoints under heavy load. Furthermore, it aids in security audits and UI development by providing a safe way to test hash-handling logic and display constraints without touching live secrets.
Flexibility is a core advantage of mock-jutsu, as the password_hash function is accessible across multiple interfaces to suit different workflows. Whether you are working directly in a Python script, running a quick command through the CLI to generate a one-off string, or conducting large-scale stress tests in JMeter with the custom function plugin, the library ensures consistent and reliable results. By integrating these automated tools into your CI/CD pipeline, you can generate reliable test data on the fly, significantly reducing the manual overhead of managing security-related mock data while maintaining a robust and professional security posture.
mockjutsu generate password_hashmockjutsu bulk password_hash --count 10mockjutsu export password_hash --count 10 --format jsonmockjutsu export password_hash --count 10 --format csvmockjutsu export password_hash --count 10 --format sql# --mask: regulation-compliant output (PCI DSS / GDPR / KVKK)mockjutsu generate password_hash --maskmockjutsu bulk password_hash --count 5 --maskfrom mockjutsu import jutsujutsu.generate('password_hash')jutsu.bulk('password_hash', count=10)jutsu.template(['password_hash'], count=5)# mask=True: regulation-compliant outputjutsu.generate('password_hash', mask=True)jutsu.bulk('password_hash', count=5, mask=True)${__mockjutsu_security(password_hash)}# JMeter Function: __mockjutsu_security# Parameter 1: password_hash# Parameter 2: (not required for this function)# Add 'mask' keyword to get a regulation-compliant masked value${__mockjutsu_security(password_hash,mask)}GET /generate/password_hash# → {"type":"password_hash","result":"...","status":"ok"}GET /bulk/password_hash?count=10POST /template {"types":["password_hash"],"count":1}# mask=true: regulation-compliant outputGET /generate/password_hash?mask=trueGET /bulk/password_hash?count=5&mask=true| Parameter | Values | Description |
|---|---|---|
| --mask | true | false | Return a regulation-compliant masked value (PCI DSS, GDPR, KVKK…) |