Security●●●Banger
Find quantum-vulnerable crypto in your code before 2030 hits
Context-aware crypto risk: knows MD5 in UUID differs from MD5 in passwords.
Solve My ProblemWizardryBig Brain
postquant
113mo ago
Back to browse
GitHub Repository
Scan codebases for quantum-vulnerable cryptography. Detect RSA, ECDSA, Ed25519, ECDH before Q-Day. CycloneDX CBOM + SARIF output.
2 starsTypeScript
pqaudit – scan your codebase for quantum-vulnerable cryptography
by xMKx·Apr 1, 2026·2 points·1 comment
AI Analysis
●●SolidSolve My ProblemNiche Gem
Security scanner for Q-Day migration when Snyk doesn't track this yet.
Strengths
- •CycloneDX CBOM and SARIF output integrates with existing GitHub Code Scanning workflows
- •Detects both vulnerable algorithms AND already-migrated PQC usage for tracking progress
Weaknesses
- •Only scans npm dependencies by default — needs language expansion for enterprise use
- •Quantum threat remains theoretical for most companies despite NSA 2027 mandate
Category
Target Audience
Security engineers, compliance teams preparing for CNSA 2.0
Similar To
Snyk · Dependabot · Semgrep
Similar Projects
Security●Mid
Lateos/NPM-scan – open-source NPM supply chain scanner, v0.18.3
NPM supply chain scanner competing against Socket, Snyk, and npm audit.
Ship It
lateos-ai
1011d ago
Security●●Solid
MCP-scan – Security scanner for MCP server configs
First security scanner for MCP configs as the protocol gains adoption.
Niche GemShip It
AbanoubRodolf
102mo ago
Security●●Solid
Nelson, a Ralph-like loop for finding vulnerabilities
Review mode filters false positives before escalating to humans.
Big BrainNiche Gem
SwellJoe
412mo ago
Developer Tools●●Solid
Keep .env.example in sync with Codebase
Catches missing env vars and even warns when API keys expire.
Solve My Problem
chrillemn
112mo ago
Security●●Solid
An open source tool that checks for post-quantum crypto
Dedicated PQC scanner for TLS and SSH when testssl.sh lags behind.
Solve My ProblemShip It
cs02rm0
2023d ago