Free PQC check · Post-quantum TLS scanner · No signup

PQC check for any website, server or organization

Scan any public host and instantly see whether its TLS handshake is Post-Quantum ready — hybrid X25519MLKEM768 (RFC 9794), pure ML-KEM, server preference, classical fallback, and legacy-TLS advisory. 12 parallel handshakes finish in under 100 ms.

10 of 10 scans left for your IP today (rolling 24h window). Sign in for 50/day →

What we test

  1. TLS 1.3 negotiation — required for hybrid PQC.
  2. Hybrid groups — X25519MLKEM768, SecP256r1MLKEM768, SecP384r1MLKEM1024.
  3. Pure ML-KEM — MLKEM768, MLKEM1024.
  4. Server preference — when offered the full menu, which group does your server actually pick?
  5. Classical fallback — old clients still need to connect.
  6. Legacy TLS 1.0/1.1 — raw-socket detection (advisory).
  7. Certificate signature — is it ML-DSA / SLH-DSA, or still classical RSA/ECDSA?

Why hybrid?

Pure ML-KEM is a brand-new primitive — if a flaw is discovered, anything protected by it alone breaks retroactively (harvest-now-decrypt-later). The IETF-standardised hybrid combines ML-KEM-768 with X25519: an attacker has to break both.

"Hybrid is the prudent path for the migration period." — IETF TLS WG, 2024.

Your scans

Counts below are for your IP only.

last 24h0
last 30d0
all time0

Frequently asked questions about PQC checking

What is a PQC check, and why do I need one?

A PQC check (Post-Quantum Cryptography check) tests whether a website, server or enterprise system can negotiate a quantum-safe TLS handshake. Today's classical key-exchange (RSA, ECDH over X25519 or P-256) is vulnerable to "harvest-now, decrypt-later" attacks once a cryptographically-relevant quantum computer exists. A PQC scan tells you, in seconds, whether your endpoint already supports ML-KEM (FIPS 203) — alone or in a hybrid construction like X25519MLKEM768 standardised in RFC 9794.

How do I scan a website for PQC support for free?

Type your domain (e.g. example.com) or IP in the box at the top of this page and press Run scan. No signup is required for a small daily quota; signing in raises the limit. The scanner runs 12 parallel TLS handshakes — TLS 1.2 and 1.3, server-preferred and client-forced, hybrid and pure ML-KEM groups, plus a legacy TLS 1.0/1.1 advisory probe — and returns a verdict in under a second.

Which post-quantum algorithms does this PQC scanner test?

The scanner probes the standardised post-quantum key-exchange groups defined for TLS 1.3:

  • X25519MLKEM768 — RFC 9794 hybrid (preferred, what modern browsers use).
  • SecP256r1MLKEM768 and SecP384r1MLKEM1024 — hybrid on classical NIST curves.
  • MLKEM768 and MLKEM1024 — pure ML-KEM (FIPS 203).
  • Classical fallback (X25519, secp256r1, secp384r1) for compatibility scoring.

Certificate signatures are also inspected for ML-DSA (FIPS 204) and SLH-DSA (FIPS 205).

How is the PQC verdict assigned?

In severity order: ready (server prefers a hybrid PQC group), capable (hybrid supported but classical preferred), pure_only, not_ready, insecure (legacy TLS 1.0/1.1 and no PQC), unreachable. If both legacy TLS and PQC are detected the verdict stays at the PQC level and a legacy advisory is added — many CDN edges genuinely keep TLS 1.0/1.1 for old enterprise clients while doing ML-KEM with everyone else.

Can I check if my organization or enterprise system supports PQC at scale?

Yes. Signed-in members get a higher quota, scan history, a private domain inventory with DNS-TXT ownership verification, and passive subdomain discovery — useful for auditing every public surface of an organization. For internal / non-public assets (mail, database, OT, IoT, IPsec, SSH, STARTTLS), use the broader QSense QES & QSense In tooling.

Is "post-quantum ready" the same as "quantum safe"?

Roughly, yes — both refer to TLS using cryptography believed to resist attacks from a future cryptographically-relevant quantum computer (CRQC). The IETF prefers the term post-quantum; NIST also uses quantum-resistant. A passing PQC check on this scanner means the server completes a TLS 1.3 handshake using ML-KEM either in pure or hybrid form.

ตรวจสอบ PQC คืออะไร และทำไมต้องเช็ค?

การตรวจสอบ PQC (Post-Quantum Cryptography) คือการทดสอบว่าเว็บไซต์หรือระบบของคุณรองรับการแลกกุญแจแบบ ทนต่อควอนตัม หรือยัง การเข้ารหัสแบบเดิม (RSA, ECDH) เสี่ยงต่อการโจมตีแบบ harvest-now, decrypt-later เมื่อมีคอมพิวเตอร์ควอนตัมที่ใช้งานจริงได้ การทดสอบ PQC ฟรีบนหน้านี้จะบอกในไม่กี่วินาทีว่าเซิร์ฟเวอร์ของคุณรองรับ ML-KEM และ X25519MLKEM768 ตามมาตรฐาน RFC 9794 แล้วหรือยัง

ทดสอบ PQC ฟรี — ใช้งานยังไง?

พิมพ์โดเมน เช่น example.com ที่ช่องด้านบนแล้วกด Run scan ระบบจะทำ TLS handshake 12 รอบขนานพร้อมกัน ครอบคลุมทั้ง hybrid และ pure ML-KEM พร้อมตรวจ TLS 1.0/1.1 ผลสรุปออกในไม่ถึง 1 วินาที ไม่ต้องสมัครสมาชิก (สมาชิกได้ quota สูงกว่า + เก็บประวัติได้)