pqc-scan is a command-line tool designed for developers and security engineers to scan codebases for cryptographic algorithms that are vulnerable to quantum attacks. Below are 9 code review & quality apps with similar functionality to pqc-scan, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
pqc-check is an open-source command-line tool that scans cryptographic implementations for vulnerabilities to quantum attacks. It helps security engineers and developers assess and improve the quantum safety of their codebases. Distributed under the MIT license, it is freely available for integration into security workflows.
pqc-migration-scanner is an open-source CLI tool that scans codebases for vulnerabilities related to post-quantum cryptography. It helps security engineers and developers identify and address compliance issues in preparation for the post-quantum era. The tool is MIT licensed and suitable for integration into security workflows.
pqcheck is an open-source command-line tool that scans source code and dependency graphs to detect risks related to post-quantum cryptography. It helps security engineers and developers identify vulnerable algorithms and supply-chain issues, supporting SBOM and SARIF formats for integration into security workflows.
pqc-scanner is a command-line tool for automated timing side-channel scanning of NIST PQC standards ML-KEM and ML-DSA. It helps security researchers and cryptographers identify vulnerabilities in post-quantum cryptographic implementations.
pqcprobe is a command-line tool for probing server TLS configurations and evaluating readiness for post-quantum key exchanges, specifically ML-KEM. It helps security engineers and administrators audit cryptographic compliance and future-proof their infrastructure.
qorex is an open-source CLI tool that scans codebases for cryptography vulnerable to quantum attacks and provides guidance for migrating to NIST post-quantum cryptography standards. It is designed for security engineers and developers focused on future-proofing their applications.
Cryptographic Bill of Materials provides an in-browser tool to scan codebases for post-quantum cryptography vulnerabilities, grading readiness from A to F. It offers a free browser-based scan, a GitHub Action for CI integration, and exports CycloneDX CBOMs and SARIF reports. Security engineers can use it to assess and document cryptographic exposure without uploading sensitive code.
quantum-sniffer is an open-source command-line tool that inspects network handshakes for protocols like TLS, SSH, IKE, QUIC, and WireGuard, focusing on post-quantum cryptography. It helps security professionals assess cryptographic readiness and analyze packet captures for vulnerabilities.
pqsafe is an open-source Python SDK that provides tools for implementing post-quantum cryptography and agent-based payment systems. It supports ML-DSA and FIDO alliance standards, helping developers build secure, future-proof applications.