"Harvest now, decrypt later."
The idea is to "Make an inventory where cryptography is used.
point it at any codebase, get a quantum-readiness grade in 30 seconds.
Also , the whole site is Matrix-themed — green text, scan lines, the works. Had a few extra tokens lying around and figured if we're going to inventory the crypto before quantum eats it, we might as well have fun with it.
What you actually get:
— Every RSA, ECDSA, ECDH, DH, AES-128, MD5, SHA-1 across 11 languages
— Quantum break time per algorithm, cited to peer-reviewed papers (RSA-2048 → ~8 hours, Gidney & Ekerå 2021)
— NIST 2030/2035 deadline tracking
— Migration plan pointed at FIPS 203/204/205 (ML-KEM, ML-DSA, SLH-DSA)
— SARIF + CycloneDX CBOM output for your existing security tooling
For anyone who wants to try out and check your favorite repo , I hosted it at https://qcrypt.dev and go paste any GitHub URL and check your favorite repo
right now, no install needed.
If you want to test it on your own private code, just fork the repo, run it on
your machine, and scan whatever you want — nothing leaves your laptop. You can also wire it into your CI so every PR gets scanned for new quantum-vulnerable crypto before it merges.
🌐 https://qcrypt.dev — paste a GitHub URL
⚡ Also available as an npm package: npx qcrypt-scan https://www.npmjs.com/package/qcrypt-scan— zero install, runs in seconds
💻 Fork https://github.com/varmabudharaju/qcrypt and run it locally on your own code