Haroon Ahmad Awan

World's first Artificial Intelligence (XSS) Cross Site Scripting powered by Machine Learning with extreme fine-tuning designed to detect Reflected, Stored, DOM, and Blind (XSS) vulnerabilities in servers/apps at RFC design, forms, crawls, and through advanced AI techniques with deep and reinforcement learning, (NLP) and automatic payload generation

Art of XSS – The Reinforcement

AISA-Scanner is an AI-powered autonomous vulnerability scanner that maps CVEs to metasploit exploits, MITRE, CEH, and SANS, delivering intelligent, real-time risk reports.

Pentest AI utilizes machine learning to fully automate penetration testing and exploitation for assessing port, web, and application security. It creates maps of identified CVEs, maps them into Metasploit payloads, and automatically deploys them. The system learns from responses to enable highly precised successful attacks, provides detailed report

A framework that exploits core network of Palo Alto/Cisco/Juniper to achieve total compromise and dominance even across routers, VLAN firewalls, switches, and air-gapped environments.

Config files for my GitHub profile.

Active Directory / Domain Controller - Test and do R&D کنٹرول فریم ورک

Detect, Divide, and Conquer Canary

A tool designed to bypass encryption protocols and advanced AI-based firewalls to accomplish critical SSH redirection

FlameMaster Pro is an all-in-one, multi-platform malware and security analysis tool that performs deep static and dynamic inspection across binaries, mobile apps, documents, and network captures.

Detects ALL Pegasus Variants • ANY Device • AI-Powered • Outsmarts Israeli Pegasus Spyware - Android and iPhone supported jailbroken or standard driven by next-level algorithms

A collection of proof-of-concept tools to explore and test IPv6 vulnerabilities.

AI-Powered 0-Day Discovery Modular Fuzzer for Safari, Chrome, and Firefox

AI-powered fuzzer that automates zero-day discovery, protocol fuzzing, binary analysis, and exploit generation for R&D for extreme coverage-guided fuzzing, binary disassembly, and protocol-aware testing

Blockchain Intelligence: Project Silent Storm is a professional blockchain security assessment platform designed for authorized security testing, vulnerability discovery, and posture evaluation across blockchain ecosystems within on chain or off chain

A comprehensive Python tool for extracting secrets, metadata, and sensitive data from ALL file types.

When Hping and Nmap fail miserably, especially in advanced AI/ML IPS, IDS, NDS environment. Use this tool to play with TCP/IP and AI/ML FWs and get 100% response

AI‑powered Web Exploit Engine + C2 Framework - Athena for 0-Day Fuzzer for modern apps, web, endpoints, api

XSSInspector can defeat any WAF in the world with its AI and 96 filter set. This open-source solution simplifies XSS vulnerability identification and mitigation, serving as a valuable asset for security experts and developers.

When your job can't be done by Burp, AFL, Peach, BooFuzz, Classic Fuzzers. Enjoy AI Powered Session Aware Fuzzer (Protocols, Encryptions, Binaries)

AI-Powered CVE-2024-38063 0-Day Discovery Fuzzer

AI-powered 0-day Various Cross Site Fuzzer for discovering known to unknown injection and mutations across modern Apps, APIs, and Endpoints.

AI-Powered Multi Request Forgeries Fuzzer for 0-Day Discovery in Modern Dynamic Web/Endpoint/Apps

Archer: Server-aware, WAF-aware, lightning-fast XSS hunter, zero false noise.

An advanced MAC-based wireless/network monitoring, featuring stealthy pentesting, intelligent camouflage techniques, and monitoring the presence of IDS, IPS, and alert systems.

AI‑Powered Multi Command Injection Fuzzer for 0 Day Discovery in Modern Dynamic Web/Endpoint/Apps

AI-Powered Multi-STI Turbo Charged Fuzzer for 0 Day Discovery in Modern Dynamic Web/Endpoint/Apps

AI-Powered Fuzzer for XXE 0 Day Discovery

AI-Powered Authentication Fuzzer

AI-Powered Race Condition Fuzzer for 0-Day Discovery