8 handicap · Karachi Golf Club
Golf
Five years in and hooked. Golf rewards discipline, patience, and consistency — and honestly, some of my best ideas show up halfway down the back nine.
Offensive security · building products
Hamza.
Ahmad
Penetration Tester/Security Engineer/Builder
I build security products, AI systems, and software I actually want to use myself.
18 · Karachi ⇄ Dubai · EN / UR
Who I am
About
I’m Hamza — an 18-year-old penetration tester and builder, working between Karachi and Dubai.
I work in offensive security with Rewterz and SIRP, and spend the rest of my time building systems at the intersection of security, AI, automation, and everyday life.
It started with crypto in my early teens, turned into years of breaking web apps and learning how software fails — and somewhere along the way I realized I love building as much as hacking.
Almost everything I make started the same way: I wanted a better tool for myself, so I built it. Long term, I want to build products people genuinely rely on.
“I’d rather ship something imperfect, learn from real usage, and iterate fast than chase theoretical perfection for years.”
HA.
- Age
- 18
- Based
- Karachi ⇄ Dubai
- Focus
- Offensive security + AI
- Languages
- English · Urdu
Currently
- →Hunting bugs & pentesting web apps
- →Building OmniScan, HPA & Operon
- →Researching algorithmic trading
18
years old
8
golf handicap
15+
countries
4
products in flight
Selected work
The Builds
AI Security PlatformBuilding
OmniScan
An AI-powered web-application vulnerability scanner. Point it at a target you’re authorized to test, and an AI-driven engine crawls the app, plans attacks, runs dozens of checks through specialist agents, validates findings to kill false positives, and ships professional reports with compliance mapping.
PythonFastAPIReactPostgreSQLAI
Enterprise OSBuilding
Operon
A multi-tenant Enterprise Operating System — one platform for what companies usually juggle across a dozen tools: identity, HR, payroll, attendance, IT assets, tickets, documents, workflows, and analytics.
PythonFastAPIReactTypeScriptPostgreSQLRedis
Quant · Algorithmic TradingPrivate
Adaptive Futures Bot
A multi-agent trading system for crypto perpetual futures — an 8-stage pipeline reads market regime and sentiment, selects a strategy, and enforces strict risk management, backed by a vectorized backtester and a live dashboard.
PythonpandasccxtStreamlit
Offensive security
Security Research
Beyond building, I hunt. I test real-world targets for the flaws that only surface when you think adversarially — then bring that attacker’s mindset into everything I ship.
Offensive security with Rewterz & SIRP. Client work stays confidential.
Web app pentestingBroken authenticationAccess control / IDORBusiness logicBot-defense bypassAPI security
Beyond the screen
Off the Clock
01
Striker · weekends
Soccer
Soccer and futsal, recreationally, usually up top. Weekend games are how I get off the screens, compete, and reset.
Afro House · Melodic Techno
DJ
I spin for friends and family. It’s all about the storytelling — track selection, transitions, atmosphere.
MassanoArgyAnyma
15+ countries
Travel & Faith
Been across North America, Europe, the Middle East, and Asia. Off the clock: gaming, crypto markets, new music — and time in Madinah whenever I can. Faith keeps me grounded.
Off the record
Fun Facts
01
Got into crypto at 15 — that rabbit hole led to everything.
02
Built a personal AI operating system before I built this portfolio.
03
I think in agents, workflows, and validation pipelines.
04
Best ideas tend to happen walking a golf course.
05
Almost everything I build started as “why doesn’t this tool exist yet?”