pqcheck is an open-source command-line tool that scans source code and dependency graphs to detect risks related to post-quantum cryptography. Below are 12 security & compliance platforms apps with similar functionality to pqcheck, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
pqc-check is an open-source command-line tool that scans cryptographic implementations for vulnerabilities to quantum attacks. It helps security engineers and developers assess and improve the quantum safety of their codebases. Distributed under the MIT license, it is freely available for integration into security workflows.
pqc-scan is a command-line tool designed for developers and security engineers to scan codebases for cryptographic algorithms that are vulnerable to quantum attacks. It provides static analysis and outputs results in SARIF format, helping teams improve their security posture. The tool is open source and distributed via PyPI.
pqcprobe is a command-line tool for probing server TLS configurations and evaluating readiness for post-quantum key exchanges, specifically ML-KEM. It helps security engineers and administrators audit cryptographic compliance and future-proof their infrastructure.
pqc-migration-scanner is an open-source CLI tool that scans codebases for vulnerabilities related to post-quantum cryptography. It helps security engineers and developers identify and address compliance issues in preparation for the post-quantum era. The tool is MIT licensed and suitable for integration into security workflows.
qorex is an open-source CLI tool that scans codebases for cryptography vulnerable to quantum attacks and provides guidance for migrating to NIST post-quantum cryptography standards. It is designed for security engineers and developers focused on future-proofing their applications.
Cryptographic Bill of Materials provides an in-browser tool to scan codebases for post-quantum cryptography vulnerabilities, grading readiness from A to F. It offers a free browser-based scan, a GitHub Action for CI integration, and exports CycloneDX CBOMs and SARIF reports. Security engineers can use it to assess and document cryptographic exposure without uploading sensitive code.
pqsafe is an open-source Python SDK that provides tools for implementing post-quantum cryptography and agent-based payment systems. It supports ML-DSA and FIDO alliance standards, helping developers build secure, future-proof applications.
quantinuum-qircheck is an open-source command-line tool designed to verify the compatibility of QIR (Quantum Intermediate Representation) code with Quantinuum quantum devices. It assists quantum computing developers in validating their code before deployment.
pqc-scanner is a command-line tool for automated timing side-channel scanning of NIST PQC standards ML-KEM and ML-DSA. It helps security researchers and cryptographers identify vulnerabilities in post-quantum cryptographic implementations.
PQCToolkit is a security application offering post-quantum encryption and digital signature capabilities using ML-KEM and ML-DSA. It operates entirely locally, ensuring privacy and no telemetry, and is available as a mobile app and browser extension.
pipeline-check is an open-source command-line tool that scans CI/CD pipelines and infrastructure-as-code (IaC) configurations for security vulnerabilities. It supports platforms like GitHub Actions, GitLab CI, Terraform, and Kubernetes, providing checks against the OWASP CI/CD Top 10. Designed for DevSecOps teams to improve pipeline security.
PostQ Labs offers a platform for enterprises to assess and manage their quantum vulnerability risk. It provides a comprehensive database, risk scoring, and compliance tools, with API access for integration. The service is aimed at security teams preparing for the post-quantum era.