Test should be based on National Institute of Standard Technology (NIST) randomness tests.
A. Rukhin, et al. "A Statistical Test Suite for Random and Pseudo-random Number Generators for Cryptographic Applications”, NIST Special Publication 800-22, 2001.
There are indeed for PRNG. However, if you mean testing symmetric and asymmetric cryptosystems for trapdoors and security holes, i think this must be done through cryptanalysis and analytical simulations.
To conduct the proper cryptoattack in conjunction with the analytical simulation. You may consider developing an reverse engineering algorithm and assess each based on the volume of computation and its duration.
Such software does not exist. Some cryptanalysts may have piece of code that looks for the best linear/differential path or looks for the best biclique attack complexity or looks for rebound distinguishers or derives a polynomial system describing part of the cipher, ...
As you see there is a large panel of known attacks. to evaluate a symmetric algorithm you should first take a look at the best attacks you could mount for each of the known techniques then you should publish the algorithm and hope it will attract some of the cryptanalysts of the community.
Then, if after few years nobody found something (and indeed people did took a look) then may be the algorithm is secure.
Security of PRNG or NIST's randomness tests are irrelevant to the original question of "the strength of cryptography algorithms". AVISPA is one tool but there are others. Yet, none of them can detect all vulnerabilities. And once you say E(message, key), the tools assume your encryption function E() is secure. May be you want to use a tool like the one at cryptool.org. It is a lower level software test for cryptographic algorithms.
"An authenticated, secure, and mutable multiple‐session‐keys protocol based on elliptic curve cryptography and text‐to‐image encryption algorithm" for more information.