CVE-2025-30065//Apache Parquet · Remote Code Execution · CVSS 10.0
$4.88M//Global average cost of a data breach in 2024 — IBM Security
CVE-2024-3400//Palo Alto PAN-OS · Unauthenticated RCE via cmd injection · CVSS 10.0
280 DAYS//Average time to detect & contain a breach without an IR team
CVE-2024-6387//OpenSSH regreSSHion · Unauthenticated RCE · CVSS 8.1
83%//of organizations experienced more than one breach — Verizon DBIR 2024
CVE-2024-23897//Jenkins arbitrary file read → RCE · CVSS 9.8
RED TEAM//Adversarial simulation finds 3× more critical flaws than automated scans
CVE-2025-30065//Apache Parquet · Remote Code Execution · CVSS 10.0
$4.88M//Global average cost of a data breach in 2024 — IBM Security
CVE-2024-3400//Palo Alto PAN-OS · Unauthenticated RCE via cmd injection · CVSS 10.0
280 DAYS//Average time to detect & contain a breach without an IR team
CVE-2024-6387//OpenSSH regreSSHion · Unauthenticated RCE · CVSS 8.1
83%//of organizations experienced more than one breach — Verizon DBIR 2024
CVE-2024-23897//Jenkins arbitrary file read → RCE · CVSS 9.8
RED TEAM//Adversarial simulation finds 3× more critical flaws than automated scans
AI-AUGMENTED APPSEC RESEARCH PLATFORM

NULLAI
LAB

An open research platform at the intersection of application security, adversarial tooling, and large language models — built to explore what happens when a fine-tuned AI joins the pentest pipeline.

// from idea to scale → automated, secured, delivered

OWASP Top 10 LoRA Fine-tuned LLM CVSS 3.1 Auto-scoring Custom Nuclei Templates OOB DNS/HTTP Detection Burp Suite Extension
nullai_lab / life.py
from life import Creativity   class Life(Creativity): def __init__(self): self.role = "AppSec Consultant & Researcher" self.years = 11 self.focus = ["Web", "API", "AI-Augmented Triage"] self.status = "Accepting engagements"   @property def current_projects(self): return { "building" : "NullAI Lab v2 — LoRA LLM + Burp", "finished" : "NullAI Scanner V2.1 — CVSS 3.1", "next" : "BSCP (PortSwigger) — Q2 2026", }   @property def tagline(self): return "From idea to scale →" "automated, secured, delivered"
11
Years AppSec
// Web · API · Backend · DevSecOps
~8K
LOC — Active Build
// Open research · NullAI Lab v3.0
10+
Vuln Classes
// OWASP Top 10 · CVSS 3.1 · OOB detection
LoRA
AI Triage Engine
// Fine-tuned LLM · AppSec-specific · Active
01 — ABOUT THE LAB

What NullAI Lab Does

An AI-augmented AppSec research platform — combining 11 years of adversarial expertise with a LoRA fine-tuned LLM to deliver faster, more precise security assessments for web applications, APIs, and cloud infrastructure.

THE APPROACH
Adversarial Thinking at Scale
Most breaches don't succeed because attackers are sophisticated — they succeed because developers and security teams operate in separate worlds. NullAI Lab bridges that gap: a LoRA fine-tuned LLM layered over a custom scanner that classifies findings, scores payloads, fingerprints WAF behavior, and delivers confirmed, high-impact vulnerabilities — not noise.
Python · ~8K LOCAsync HTTPBurp ExtensionNuclei Templates
ADVISORY SERVICES
Security Engagements
Web & API Penetration Testing
OWASP Top 10 · CVSS 3.1 · Full PoC reports
AI-Augmented Vulnerability Triage
LoRA fine-tuned LLM · False-positive reduction
Secure Architecture Review
DevSecOps · CI/CD security gates · IAM audits
Pre-Launch Security Assessment
Catch critical flaws before go-live — not after
Accepting security engagements
Technical ArsenalCLICK SKILLS TO MATCH →
// INDUSTRY EXPERIENCE
zsh — nullai@kali: ~ — 148×42
"Pre-launch testing costs 4× less than post-breach remediation"
Founder — LinkedIn ↗nullai.lab
02 — EXPLOIT LAB

Interactive Simulator

Fire real-crafted HTTP requests. Watch the NullAI hologram agent scan the target for 10 seconds. Receive a confirmed vulnerability with full impact analysis.

NullAI Lab — Exploit Simulator v2.1
AGENT READY
Attack Vectors
Raw Request
Response
Vuln Info
IDLESTATUS
MODULE
0PACKETS
LATENCY
VULN CLASS
CVSS
CHECKINGWAF
ACTIVENULLAI
NULLAI AGENT — INITIALIZING
0%
03 — ROADMAP

Lab Evolution

Every version of NullAI Lab is a deliberate step — from raw scanner to an intelligent, AI-augmented security research platform.

04 — RESEARCH

Insights & Findings

Original research at the intersection of application security, adversarial thinking, and AI-augmented analysis.