GLITCHICONS

◈ SUB-FACTION: GLITCHICONS ◈ DECEPTICONS SIEGE DIVISION ◈ v0.6.0

GLITCHICONS

// AI-POWERED SIEGE & EXPLOIT SYNTHESIS ENGINE //

Open-source offensive fuzzing toolkit engineered for security researchers, bug bounty hunters, and red team operators. Powered by LLM-driven mutation intelligence.

Where others probe, we siege. · Where others test, we break.

⬡ DEPLOY ON GITHUB › VIEW CAPABILITIES

0Vulnerabilities Found

AILLM Mutation Engine

0Web Modules

14CLI Commands

MITOpen License

SCROLL

PROTOCOL

FORGED FOR
SIEGE

Glitchicons is the Decepticons' siege weapon: engineered to assault, destabilize, and breach any system. Not recon. Not surveillance. Pure offensive strike.

SYS 01Intelligent Mutation. LLM-driven fuzzing generates semantically valid but malformed inputs — not random noise, but surgical precision.
SYS 02Adaptive Learning. Crash feedback loops teach the engine which paths yield vulnerabilities, compounding efficiency over time.
SYS 03Open Force. MIT-licensed, community-forged, designed for bug bounty hunters, pentesters, and security researchers worldwide.
SYS 04Deceptive Efficiency. What takes a human 40 hours of manual fuzzing, Glitchicons sieges in minutes — AI-powered breach prediction, wall by wall.

SIEGE MODULES

SIEGE
CAPABILITIES

9 siege modules across binary, web, and protocol attack surfaces. Each targets a different wall. None stops until the system falls.

RECON ENGINE

Full automated recon pipeline — subdomain enumeration, HTTP probing, URL crawling, DNS intelligence. Passive and active modes. Zero manual steps.

subfinderhttpxkatana

VULNERABILITY SCANNER

12,958 nuclei templates across 5 scan profiles. Detects CVEs, exposed panels, misconfigurations, and SSL/TLS weaknesses at scale.

nuclei v3.812,958 tmplCVE detect

AUTH ATTACK SUITE

JWT algorithm confusion, OAuth state bypass, redirect_uri hijack, session fixation and cookie entropy analysis. All automated.

JWTOAuthSession

INJECTION SUITE

XSS (reflected/stored/DOM), SQL injection (error + time-based blind), SSRF (cloud metadata), SSTI (Jinja2/Twig), XXE — all in one suite.

XSSSQLiSSRF/SSTI/XXE

BUSINESS LOGIC

IDOR fuzzing (sequential + mass assignment), price manipulation (negative/overflow/discount), race condition with concurrent thread analysis.

IDORPrice ManipRace Cond

LLM MUTATION ENGINE

LLMs analyze source code context and generate precision attack inputs — not random noise, but surgical adversarial payloads per target.

Claude APIQwen2.5RAG Pipeline

AFL++ FUZZING

AI-seeded binary fuzzer at 300,000 exec/sec. GDB + LLM crash triage delivers CVE-style reports in under 30 seconds per finding.

AFL++GDB + LLMASAN

BRUTE FORCE

CSRF-aware brute force with lockout and rate-limit detection. Zero-delay stress mode. Full Tor routing. Proven on 70K-user live platform.

CSRF-awareTorRate analysis

AUTO REPORT GEN

CVSS v3.1 scored reports. Executive summaries for non-technical stakeholders. HackerOne, Bugcrowd, and internal pentest formats.

CVSS v3.1MarkdownLLM Narration

ENGINEERING

TECH
STACK

Python 3

ORCHESTRATION LAYER

Core engine, LLM integration, CLI (14 commands), web modules, reporting

Go 1.22

WEB OFFENSIVE LAYER

subfinder v2.14 · httpx v1.9 · nuclei v3.8 (12,958 templates) · katana

C / C++

HARNESS LAYER

AFL++ harnesses, libFuzzer targets, sanitizer integration (ASAN/MSAN)

LLM API

INTELLIGENCE LAYER

Claude API · Qwen2.5-Coder (local) — mutation, analysis, payload gen

SIEGE ARCHITECTURE

SIEGE
ARCHITECTURE

SOURCE CODE

Static Analysis

→

BINARY TARGET

Dynamic Analysis

→

NETWORK PROTO

Protocol Spec

↓

GLITCHICONS SIEGE CORE

SIEGE ORCHESTRATION + RAG INTEL

↓

MUTATION ENGINE

AI-Seeded AFL++

→

CRASH COLLECTOR

ASAN + GDB

→

TRIAGE AI

Severity + Dedup

↓

CVE REPORT

Auto-Generated

→

COVERAGE MAP

D3 Visualization

→

BOUNTY READY

HackerOne / Bugcrowd

OPEN SOURCE

JOIN THE
SIEGE

Glitchicons is community-forged. Every contributor strengthens the collective intelligence.

Fork the repositoryStar + Fork on GitHub. Read CONTRIBUTING.md before submitting PRs.

Pick your moduleIssues labeled good-first-issue are a perfect entry point.

Submit a Pull RequestAll PRs reviewed within 72h. Passing CI + test coverage required.

Join our DiscordReal-time collaboration. Weekly research sessions and code reviews.

        # Clone the faction
        $ git clone https://github.com/ardanov96/glitchicons.git/glitchicons/glitchicons
        $ cd glitchicons
         
        # Install dependencies
        $ pip install -r requirements.txt
        $ cargo build --release
         
        # Configure LLM key
        $ cp .env.example .env && vim .env
         
        # Launch the engine
        $ glitchicons recon target.com --mode passive
        [⬡] 20+ subdomains — DMARC p=none detected
        $ glitchicons scan https://target.com --profile deep
        $ glitchicons fuzz --target ./binary --mode ai
        [⬡] GLITCHICONS v0.6.0 — 15 MODULES ONLINE — BREACH COMMENCING
      

CONTRIBUTOR RANKS

RECRUIT OPERATIVE COMMANDER WARLORD

SERVICES

DEPLOY
GLITCHICONS

Built to be used — not just starred. Available as an open-source toolkit and as a professional AI-powered penetration testing service.

◈ PROFESSIONAL SERVICE

AI-Powered Pentest
for Startups & Fintech

You need a security assessment that goes beyond a checklist. Glitchicons runs AI-driven fuzzing to surface vulnerabilities that conventional scanners miss — delivering reports your engineering team can act on immediately.

18Findings Found

15Web Modules

⬡ DISCUSS YOUR NEEDS › VIEW SAMPLE REPORT

SERVICE PACKAGES

BASIC ASSESSMENT POPULAR

1 web app / API · fuzzing + manual review · PDF report

$300–500/ ~5 working days

DEEP SIEGE RECOMMENDED

Full stack · API + backend + infra · AI fuzzing + exploit PoC

$750–1,200/ ~10 working days

MONTHLY RETAINER

Ongoing scans, patch review, on-call security advisory

$500–920/ month · min. 3 months

⬡ REQUEST A QUOTE

🎓

FOR SECURITY RESEARCHERS

WORKSHOP & TRAINING

Learn AI-powered fuzzing directly from the engineer who built it. Intensive workshop from setup to your first CVE — online & in-person.

$30–120 / attendee · Schedule: TBA

› GET NOTIFIED

⬡

FOR CONTRIBUTORS

OPEN SOURCE · MIT LICENSE

Free for individuals and research. Fork, extend, and contribute. Commercial license available for enterprise use and CI/CD pipeline integration.

Free for research · Enterprise: $120–300 / seat / yr

⬡ VIEW ON GITHUB

FORGED FORSIEGE

SIEGECAPABILITIES

TECHSTACK

SIEGEARCHITECTURE

JOIN THESIEGE

DEPLOYGLITCHICONS

AI-Powered Pentestfor Startups & Fintech