Keccak is a standard hashing algorithm that is used in cryptographic protocols as Pseudo Random Functions (PRF), as Pseudo Random Number Generator (PRNG), to check data integrity or to create a Hash-based Message Authentication Code (HMAC). In many cryptographic constructions, secret data is processed with hashing functions. In these cases, recovering the input given to the hashing algorithm allows retrieving secret data. In this paper, we investigate the application of Soft Analytical Side-Channel Attacks (SASCA), based on a Belief Propagation (BP) framework, to recover the input of SHA-3 instances. Thanks to a simulation framework, we extend existing work on the Keccak-f permutation function by developing a comprehensive study of the attacker's recovery capacity depending on the hash function variant. Then, we study the security implications of SASCA on cryptosystems performing multiple calls to hashing functions with inputs derived from the same secret data. We show that such constructions can be exploited efficiently by an attacker and show typical use-cases by targeting Kyber's encryption routine and Dilithium's signing routine. We also show that increasing Kyber's security parameters implies weaker security against SASCA. Finally, our study gives insights about the minimal bit-level classification accuracy required for successful SASCA on Keccak.