by wnewman 4720 days ago
There exist test suites which look for some typical problems. The http://en.wikipedia.org/wiki/Diehard_tests were well-known long ago when I last thought seriously about randomness, and a few minutes with Wikipedia told me about http://www.phy.duke.edu/~rgb/General/dieharder.php too. But your dream of software that can truly automatically "tell you if the output is random-looking enough [for crypto]" is deeply unrealistic, akin to the deep confusedness sometimes exhibited by business majors dreaming up copy protection features. Merely defining the notion of "random enough for crypto" is a cornucopia of interesting technical problems, and the useful definitions naturally tend to involve the boundaries of complexity classes and thus a bunch of open conjectures, and it gets worse from there. (Things like: Even if you could prove the conjecture that this complexity class is good enough, how are you going to test for nonmembership in it faster than your adversary can break it? Most people are not very interested in crypto which can be broken by an adversary in a month of CPU time, and most people are not interested in tests that take a month of CPU time to run.)
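To make the gap the comment describes concrete, here is an added example (not code from the thread or from Diehard/Dieharder): two of the statistical checks such suites run, the NIST SP 800-22 monobit and runs tests, applied to two constructed streams. An alternating 0101... stream has perfect 0/1 balance yet fails the runs test, while SHA-256 of a public counter (a made-up "generator" with no secret state) looks perfectly random to both tests yet is predicted exactly by anyone who knows the construction. The counter values and stream lengths are arbitrary choices for the demonstration.

```python
import hashlib
import math

def monobit_p(bits: str) -> float:
    """NIST SP 800-22 frequency (monobit) test p-value: is the 0/1 balance plausible?"""
    n = len(bits)
    s = sum(1 if b == "1" else -1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(n) / math.sqrt(2))

def runs_p(bits: str) -> float:
    """NIST SP 800-22 runs test p-value: is the number of 0/1 transitions plausible?"""
    n = len(bits)
    pi = bits.count("1") / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):   # prerequisite: balance must not be badly off
        return 0.0
    v = 1 + sum(1 for i in range(n - 1) if bits[i] != bits[i + 1])
    num = abs(v - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)

def keyless_stream(start: int, blocks: int) -> str:
    """Constructed 'generator': SHA-256 over a public counter. Statistically excellent,
    but there is no secret state, so the construction itself is the whole secret."""
    out = []
    for i in range(start, start + blocks):
        digest = hashlib.sha256(i.to_bytes(8, "big")).digest()
        out.append(format(int.from_bytes(digest, "big"), "0256b"))
    return "".join(out)

def predict_next_block(start: int, blocks_seen: int) -> str:
    """What an adversary who knows the construction does: replay it for the next counter."""
    return keyless_stream(start + blocks_seen, 1)

def demo() -> dict:
    alternating = "01" * 512                     # constructed: perfect balance, zero randomness
    produced = keyless_stream(1000, 65)          # 65 blocks; the observer sees the first 64
    seen, actual_next = produced[: 64 * 256], produced[64 * 256:]
    return {
        "alternating": (monobit_p(alternating), runs_p(alternating)),
        "sha256(counter)": (monobit_p(seen), runs_p(seen)),
        # Passing both tests says nothing about this: the next block is fully predictable.
        "next block predicted": predict_next_block(1000, 64) == actual_next,
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The point for a defender is that p-values above 0.01 here measure distribution, not unpredictability; unpredictability comes from secret, high-entropy state (os.urandom / secrets in Python), which no statistical suite can observe.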