Ajin Abraham is a Staff Security Engineer with 13+ years of hands-on experience building, breaking, and scaling security programs across mobile, web, and cloud-native environments. He blends applied security research with product security and runtime instrumentation, having driven large AppSec initiatives at Chime and developed cloud-native defenses at Trend Micro. Creator of widely adopted open-source tools such as Mobile Security Framework (MobSF) and OWASP Xenotix—both repeatedly recognized among top security tools—he routinely turns research into practical, production-ready tooling. His work spans offensive techniques (fuzzing, exploit development, reverse engineering) and defensive engineering (RASP, eBPF, CI/CD SAST/DAST orchestration), and he’s published at Black Hat, HITB, OWASP AppSec and more. Notably, he built a context-aware LLM SAST that outperformed generic scanners for business-logic and AuthZ/AuthN issues, demonstrating a knack for combining ML with deep code-aware security. Based in Vancouver, he continues to bridge open-source impact, enterprise security at scale, and provocative research that influences industry practices.
13 years of coding experience
14 years of employment as a software developer
Master of Business Administration (MBA) Information Security Management, Master of Business Administration (MBA) Information Security Management at University of Madras
Bachelor of Technology (BTech) Computer Science, Bachelor of Technology (BTech) Computer Science at Kannur University
+2 Higher Secondary Education, +2 Higher Secondary Education at Marygiri Senior Secondary School
OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Role in this project:
Security Engineer
Contributions:1 release, 32 commits, 7 pushes in 6 years 10 months
Contributions summary:Ajin appears to be focused on security-related development and analysis, as indicated by the initial commit of a reverse HTTP webshell and subsequent commits related to WAF detection, various exploitation techniques, and information gathering tools. Contributions suggest a deep dive into XSS exploitation, alongside tools for victim detection, information gathering and creating various attack vectors. Further commits focus on a range of exploitation techniques demonstrating a solid understanding of web application security.
Contributions:29 commits, 1 PR, 9 pushes in 5 years 9 months
Contributions summary:Ajin appears to be the primary developer of a Python-based keylogger for Windows. Their commits focus on the core functionality of the keylogger, including capturing keystrokes, storing logs locally, and transmitting them via Google Forms, email, and FTP. The user has made updates to the keylogger's features and added functionality for sending logs using multiple protocols.
pythonwindowskeyloggerpython3keylogger-python
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.