fatcousin
// industry vertical

post-quantum cryptography forensics

NIST ML-KEM/ML-DSA/SLH-DSA artifacts + hybrid migration traces — TLS/SSH/IPsec PQC negotiation · X509 chain migration · XMSS/LMS stateful signatures · liboqs benchmarks · Signal PQXDH sessions.

tools
12
priority
H
processing
local · in browser

start here · primary tools

ordered. work top-down. the first tool is the suggested entry point for this vertical.

  1. ml kem key metadata forensic analyzerdrop ml-kem/kyber key export · parse parameter set + public key fingerprint + alg id · runs locally
  2. hybrid pqc tls handshake forensic analyzerdrop tls clienthello/serverhello pcap text · parse classical + pqc group negotiation · runs locally
  3. pqc x509 certificate chain migration detectordrop x509 chain export · detect hybrid/pqc public keys + legacy fallback · runs locally
  4. ssh post quantum kex negotiation forensic analyzerdrop ssh kex debug log · parse hybrid kex method + host key alg · runs locally
  5. case report generatorfill in case number · examiner · dates · findings · drop evidence files for auto hash · generates structured forensic report PDF · runs locally

also useful · secondary tools

cross-cutting tools that surface depending on the specific investigation.

  1. ml dsa signature artifact forensic analyzerdrop ml-dsa/dilithium signature bundle · parse context string + sig length + verify hints · runs locally
  2. slh dsa signature log forensic analyzerdrop slh-dsa/sphincs signature log export · parse hash function + tree height + index · runs locally
  3. xmss lms stateful hash signature forensic analyzerdrop xmss/lms signature archive · parse index usage + one-time key consumption · runs locally
  4. ipsec post quantum transform log forensic analyzerdrop ike/ipsec sa negotiation log · parse pqc transform proposals + selected suite · runs locally
  5. signal protocol pqxdh session forensic analyzerdrop signal pqxdh session metadata export · parse kyber prekey + double ratchet epoch · runs locally
  6. liboqs pqc benchmark log forensic analyzerdrop liboqs benchmark csv/json · parse kem/sig timings + failure counts · runs locally
  7. evidence manifest generatordrop evidence files · compute md5 sha1 sha256 · chain of custody manifest · case number · analyst · export pdf and csv · runs locally

want deeper PQC coverage?

this vertical is intentionally sparse — deep-moat coverage grows over time. tracked in the forensics rollout.

ready