Scan in your browser — your code, keys and passwords never leave this machine.
PQLens
Sign in with your email — no password, just a one-time link.
Already purchased a plan? Paste the licence key from your email — it attaches to this account once.
Scans source code (Python, JavaScript/TypeScript, Java/Kotlin, Go) for crypto usage and classifies each by quantum risk.
0
Broken
0
Quantum-vulnerable
0
Quantum-weakened
0
PQC-ready
Findings
Status
Algorithm
Library
Location
No crypto usage found. 🎉
You're on the Free plan: results are view-only here (no export or copy) and only your most recent scan per surface is kept.
See plans →
Cryptographic inventory
Every algorithm across every scan you've synced — not one scan, the whole estate. Computed right here in your
browser from your account's saved findings.
Every synced scan, kept in your account. Drift compares a source's two most recent scans.
PQC Readiness Assessment
–/ 100
Signed evidence
Once a key exists, your HTML and PDF exports above automatically carry a real ML-DSA-65 signature line —
readable AND provable. "Sign current inventory" below produces the separate machine-verifiable JSON pack
(for the Verify box, or an auditor's own tooling).
Verify a report
Check any PQLens evidence pack — including one someone sent you. Free, always, no signing key needed.
PQLens never claims "quantum-proof." Verdicts follow NIST FIPS 203–205 and CNSA 2.0.