Code Analysis
Scan source code for cryptographic usage with pqprobe-static.
pqprobe-static scan .
Scan current directory for crypto usage
pqprobe-static scan . --languages go,python
Scan only Go and Python files
pqprobe-static scan . --severity high
Only report high+ severity findings
pqprobe-static scan . --output json
JSON output for automation
pqprobe-static scan . --output sarif
SARIF output for GitHub/GitLab Code Scanning
160+ detection patterns across Go, Python, Java, C/C++, JavaScript, TypeScript, Rust, C#, Ruby, PHP. Detects insecure random, deprecated algorithms (MD5, SHA-1, DES, RC4, Blowfish), weak KDFs, hardcoded IVs/nonces, insecure TLS config, weak key sizes, and certificate pinning. Also scans config files (nginx, Apache, YAML, JSON) and certificates.
Dependency Audit
Scan dependency manifests for crypto library usage and PQC readiness.
pqprobe dep-audit .
Audit current project for crypto dependencies
pqprobe dep-audit /path/to/project
Audit a specific project directory
pqprobe dep-audit . --output json
JSON output for automation
Parses go.mod, package.json, requirements.txt, Pipfile, pyproject.toml, Cargo.toml, pom.xml, build.gradle, Gemfile, composer.json, and *.csproj. Reports algorithms used, PQC readiness, and minimum versions needed for PQC support across 8 ecosystems.
Local Scanning
Scan local filesystems for cryptographic artifacts.
pqprobe scan-local
Scan default paths for crypto files
sudo pqprobe scan-local --system
Scan system paths (requires root)
pqprobe scan-local /etc/ssl ~/.ssh
Scan specific directories
pqprobe scan-local --sensitivity 2
Critical data sensitivity (affects scoring)
pqprobe scan-local --output json
JSON output for automation
Finds certificates (.pem, .crt, .cer, .der, .p12, .pfx), private keys, Java keystores, SSH keys, GPG keyrings, and crypto config files. Works on Linux, macOS, and Windows.
Protocol Scanning
Scan individual hosts for cryptographic configuration across multiple protocols.
Web & TLS
pqprobe scan example.com
TLS/HTTPS - versions, ciphers, certificates, PQC detection
Remote Access
pqprobe scan-ssh server.example.com
SSH - key exchange, host keys, ciphers, MACs
pqprobe scan-rdp server.example.com
RDP - TLS, NLA, CredSSP, security protocol
pqprobe scan-smtp mail.example.com
SMTP - STARTTLS, TLS config, certificates
pqprobe scan-imap imap.example.com
IMAP - STARTTLS, implicit TLS (993)
pqprobe scan-pop3 mail.example.com
POP3 - STLS, POP3S (995)
Directory & Authentication
pqprobe scan-ldap ldap.example.com
LDAP - STARTTLS, LDAPS (636)
pqprobe scan-smb fileserver.example.com
SMB/NTLM - NTLMv1/v2, signing, encryption, ESS
Databases
pqprobe scan-mysql db.example.com
MySQL - SSL/TLS capability, auth plugins, ciphers
pqprobe scan-postgres db.example.com
PostgreSQL - SSL mode, TLS version, ciphers
pqprobe scan-mongodb mongo.example.com
MongoDB - TLS mode, server version, auth
pqprobe scan-redis redis.example.com
Redis - TLS (Redis 6+), version, auth
pqprobe scan-cassandra cassandra.example.com
Cassandra - CQL TLS (9142), version, auth
Message Queues
pqprobe scan-kafka kafka.example.com
Kafka - SSL/SASL_SSL (9093/9094), API versions
pqprobe scan-amqp rabbitmq.example.com
RabbitMQ/AMQP - AMQPS (5671), protocol version
pqprobe scan-xmpp xmpp.example.com
XMPP - STARTTLS, implicit TLS (5223), SASL
Healthcare
pqprobe scan-fhir fhir.hospital.org
FHIR - R4/R5, SMART on FHIR, TLS, HIPAA
pqprobe scan-hl7 hl7.hospital.org
HL7/MLLP - HL7v2, secure MLLP, PHI protection
pqprobe scan-dicom pacs.hospital.org
DICOM - Medical imaging, DICOM-TLS, AE titles
File Transfer
pqprobe scan-ftp ftp.example.com
FTP - AUTH TLS, FTPS (990), explicit/implicit
Network Discovery
Scan entire networks to discover cryptographic services.
pqprobe discover --cidr 10.0.0.0/24
Discover all crypto services in a subnet
pqprobe discover --cidr 10.0.0.0/24 --concurrency 50
Parallel scanning with 50 concurrent connections
Automatically detects 80+ service types including TLS, SSH, SMTP, IMAP, databases, message queues, healthcare protocols, and more.
Endpoint Auditing
Audit local machine cryptographic configuration.
Windows
pqprobe audit-windows
Audit Windows NTLM and crypto configuration
pqprobe audit-windows --output json
JSON output for automation
Checks LmCompatibilityLevel registry settings, NTLMv1/v2 policy, NTLM authentication events, and security configuration. Must be run locally on the Windows host.
Analysis
Analyze cryptographic posture and track changes over time.
pqprobe analyze example.com --days 90
Analyze crypto trends over the last 90 days
pqprobe priorities --tier EMERGENCY
Show highest-priority migration targets
pqprobe efficiency example.com
Analyze cryptographic efficiency
pqprobe history example.com
View scan history for a target
Inventory
Manage your cryptographic asset inventory.
pqprobe certificates --expiring 30
List certificates expiring within 30 days
pqprobe software
List detected software and versions
pqprobe targets
List all scan targets
pqprobe stats
Show inventory statistics
Export & Integration
Export data and integrate with existing tools.
Export Formats
pqprobe export --output inventory.csv
Export full inventory to CSV
pqprobe export-certificates
Export certificate inventory
pqprobe export-cbom output.json
Export CycloneDX Cryptographic Bill of Materials
pqprobe report example.com
Generate detailed report for a target
pqprobe scan example.com -o json
JSON output for automation
Tool Integration
pqprobe analyze-nmap scan.xml
Import and analyze nmap scan results
pqprobe --db inventory.db scan ...
Use SQLite for persistent storage
pqprobe --db postgres://... scan ...
Use PostgreSQL for persistent storage