An autonomous AI security research platform built in Iraq to discover, validate, and report real-world vulnerabilities.
IQ AI combines frontier AI models, offensive security reasoning, and bug bounty expertise to hunt vulnerabilities across modern web applications, APIs, and complex attack surfaces.
IQ AI has assisted in identifying vulnerabilities through authorized bug bounty and responsible disclosure programs involving major global technology and enterprise targets.
Logos are shown in monochrome for visual consistency; brands without an available vector mark appear as wordmarks.
Company names and logos are used only to reference public security research outcomes and do not imply partnership, sponsorship, or endorsement.
Confirmed findings escalated through coordinated, responsible disclosure — each with public references.
IQ AI identified an access-control weakness affecting Revive Adserver, where low-privileged users could create inconsistent ownership relationships when linking banners or campaigns to zones.
IQ AI identified an access-control weakness affecting Revive Adserver, where low-privileged users could link trackers to campaigns owned by other managers on the same instance.
A pipeline of specialized AI agents that map, reason, validate, and report — with human oversight at every step.
IQ AI maps targets, discovers assets, understands application behavior, and builds a security-focused model of the attack surface.
AI agents reason through business logic, access control, authentication flows, API behavior, and chained attack paths.
IQ AI focuses on reproducible proof, reducing noise and prioritizing findings that can be clearly demonstrated and responsibly reported.
Findings are transformed into structured reports with impact, reproduction steps, affected components, and remediation guidance.
IQ AI uses the strongest frontier models as part of its research workflow, combining model reasoning, security automation, and expert human review.
Model names are shown as part of the project’s AI stack and can be updated as the platform evolves.
From scope intake to structured disclosure.
Scope & target intake
Surface mapping
Attack-path logic
Reproducible proof
Structured disclosure
IQ AI is designed around verified findings, clear impact, and responsible disclosure. The goal is not to generate endless alerts, but to surface meaningful vulnerabilities with enough context for security teams to understand and fix them.
Every finding is anchored to a concrete, demonstrable security impact — not a theoretical possibility.
Reproduction steps are precise and self-contained, so security teams can confirm an issue in minutes.
Research follows authorized programs and coordinated disclosure, prioritizing safety for users and vendors.
A small team of Iraqi offensive-security researchers behind IQ AI’s agents, validation, and disclosure work.
Offensive security researcher leading IQ AI's agent design, vulnerability reasoning, and disclosure workflow.
Field notes, disclosures, and product updates from the IQ AI security team.
Get in touch
For research, collaboration, or media inquiries, contact the IQ AI team.
