Arshad Kazmi
Berlin · Built solo

Hi, I'm Arshad.
I ship, hunt & write code.

I run a tiny SaaS suite under i*.today, hunt bugs as @codermak, and write software at Smartly.io. I do all three because I haven't figured out which one I love more.

Indie hacker Bug bounty hunter SWE @ Smartly.io 📍 Berlin 🇩🇪
iChat.today
Browser agent · App

An autonomous AI agent for your browser — give it a goal and it works the web for you, on your own AI CLI.

iScan.today
Secret scanner · App

Catch leaked secrets across GitHub, GitLab, NPM, Docker Hub and more. Built for bug bounty hunters.

iSpy.today
Real-time monitor · App

Real-time GitHub leak monitor. Pings me the moment a token is published in public.

iSsl.today
Domain alerts · App

SSL expiry + subdomain takeover alerts on autopilot, straight into Slack and Discord.

iLink.today
Encrypted notes · App

E2E-encrypted self-destruct links. The Privnote replacement I actually trust to read my own code.

GhRev.com
AI PR copilot · App

Chrome extension that gives your AI CLI a seat in every GitHub PR — reviews, diagrams, chat.

iBlockBots.today
Bot blocker · App

Auto-detects and blocks AI reply-farming bots on X/Twitter, entirely in your browser.

iWatchr.iscan.today
Token verifier · App

Paste any GitHub access token and instantly see exactly what it unlocks.

iFound.today
Product discovery · App

A full-screen feed of indie products. No rankings, no algorithm — just swipe to find tools built by real makers.

iReel.today
Readme to video · App

Paste your Markdown or README and get an AI-generated, narrated explainer video in seconds. Built for developers.

currency-symbols
Python · Open source

Tiny PyPI lib — ISO currency codes to symbols.

first-issues
Python · Open source

Twitter bot tweeting good-first-issues for new OSS contributors.

ak-cli
Shell · Open source

Personal collection of CLI shortcuts I use every day.

strix-claude-code
Python · Open source

An AI pentest agent that lives inside Claude Code.

github-scanner-local
Shell · Open source

Local-only secret scanner for any GitHub org's repos.

squash
JavaScript · Open source

Save command chains under a single shortcut name.

deep-code
Python · Open source

Claude Code-style agent powered by the Deepseek API.

flip-remote
JavaScript · Open source

Toggle git remote between HTTPS and SSH instantly.

tokens-analyze
Shell · Open source

Analyze leaked API tokens; figure out what each one unlocks.

termi
HTML · Open source

Chat with Cursor Agent CLI running on your server, from anywhere.

ifindproduct
JavaScript · Open source

The open-source repo behind iFound.today's indie product feed.

iChat.today
Browser agent · App

An autonomous AI agent for your browser — give it a goal and it works the web for you, on your own AI CLI.

iScan.today
Secret scanner · App

Catch leaked secrets across GitHub, GitLab, NPM, Docker Hub and more. Built for bug bounty hunters.

iSpy.today
Real-time monitor · App

Real-time GitHub leak monitor. Pings me the moment a token is published in public.

iSsl.today
Domain alerts · App

SSL expiry + subdomain takeover alerts on autopilot, straight into Slack and Discord.

iLink.today
Encrypted notes · App

E2E-encrypted self-destruct links. The Privnote replacement I actually trust to read my own code.

GhRev.com
AI PR copilot · App

Chrome extension that gives your AI CLI a seat in every GitHub PR — reviews, diagrams, chat.

iBlockBots.today
Bot blocker · App

Auto-detects and blocks AI reply-farming bots on X/Twitter, entirely in your browser.

iWatchr.iscan.today
Token verifier · App

Paste any GitHub access token and instantly see exactly what it unlocks.

iFound.today
Product discovery · App

A full-screen feed of indie products. No rankings, no algorithm — just swipe to find tools built by real makers.

iReel.today
Readme to video · App

Paste your Markdown or README and get an AI-generated, narrated explainer video in seconds. Built for developers.

currency-symbols
Python · Open source

Tiny PyPI lib — ISO currency codes to symbols.

first-issues
Python · Open source

Twitter bot tweeting good-first-issues for new OSS contributors.

ak-cli
Shell · Open source

Personal collection of CLI shortcuts I use every day.

strix-claude-code
Python · Open source

An AI pentest agent that lives inside Claude Code.

github-scanner-local
Shell · Open source

Local-only secret scanner for any GitHub org's repos.

squash
JavaScript · Open source

Save command chains under a single shortcut name.

deep-code
Python · Open source

Claude Code-style agent powered by the Deepseek API.

flip-remote
JavaScript · Open source

Toggle git remote between HTTPS and SSH instantly.

tokens-analyze
Shell · Open source

Analyze leaked API tokens; figure out what each one unlocks.

termi
HTML · Open source

Chat with Cursor Agent CLI running on your server, from anywhere.

ifindproduct
JavaScript · Open source

The open-source repo behind iFound.today's indie product feed.

Three things, in parallel.

A snapshot of where my hours go.

🚀
Indie · evenings & weekends
Shipping the i*.today suite
10 apps live, more in the oven. Each one started as a tool I needed myself — a secret scanner, an SSL alarm, a self-destruct link. I keep shipping because I keep running into problems with no good answer.
🐛
Hunting · as @codermak
Bug bounty across all four platforms
Active on HackerOne, Bugcrowd, Intigriti, and YesWeHack. The hunting feeds the apps — iScan, iSpy and iSsl all exist because I needed them while hunting.
💼
Day job · since 2024
Software engineer at Smartly.io
Building the platform that powers paid social for the world's biggest brands. Berlin office, distributed team.

Things I've shipped.

All 15 — what's live in production and what's been retired.

01 iChat.today Browser agent An autonomous AI agent for your browser — give it a goal and it works the web for you, on your own AI CLI. LIVE
02 iScan.today Secret scanner Catch leaked secrets across GitHub, GitLab, NPM, Docker Hub and more. Built for bug bounty hunters. LIVE
03 iSpy.today Real-time monitor Real-time GitHub leak monitor. Pings me the moment a token is published in public. LIVE
04 iSsl.today Domain alerts SSL expiry + subdomain takeover alerts on autopilot, straight into Slack and Discord. LIVE
05 iLink.today Encrypted notes E2E-encrypted self-destruct links. The Privnote replacement I actually trust to read my own code. LIVE
06 GhRev.com AI PR copilot Chrome extension that gives your AI CLI a seat in every GitHub PR — reviews, diagrams, chat. LIVE
07 iBlockBots.today Bot blocker Auto-detects and blocks AI reply-farming bots on X/Twitter, entirely in your browser. LIVE
08 iWatchr.iscan.today Token verifier Paste any GitHub access token and instantly see exactly what it unlocks. LIVE
09 iFound.today OSS ↗ Product discovery A full-screen feed of indie products. No rankings, no algorithm — just swipe to find tools built by real makers. LIVE
10 iReel.today Readme to video Paste your Markdown or README and get an AI-generated, narrated explainer video in seconds. Built for developers. LIVE
11 iMrr.today MRR leaderboard Free MRR leaderboard for indie SaaS and small businesses. Ran for a year before retiring it. RETIRED
12 iWebhook.today Webhook mocker Mock and test payment webhooks in seconds — locally or against a public URL. RETIRED
13 iFindIdea.today Idea engine An idea engine that turned your X feed into indie-app ideas via your own AI key. RETIRED
14 iPing.today Order alerts Instant order notifications for small online stores. RETIRED
15 iBarter.today Indie community A community for indie hackers — collaboration over isolation. RETIRED

Hunting as @codermak

Same handle, every platform. Click any card for the live profile — that's where my latest reports, reputation and rankings live (no stale numbers here).

Open source.

A few of the 327 repos I've made public. Most are tiny on purpose.

01 currency-symbols Python Tiny PyPI lib — ISO currency codes to symbols. /mo
02 first-issues Python Twitter bot tweeting good-first-issues for new OSS contributors.
03 ak-cli Shell Personal collection of CLI shortcuts I use every day.
04 strix-claude-code Python An AI pentest agent that lives inside Claude Code.
05 github-scanner-local Shell Local-only secret scanner for any GitHub org's repos.
06 squash JavaScript Save command chains under a single shortcut name.
07 deep-code Python Claude Code-style agent powered by the Deepseek API.
08 flip-remote JavaScript Toggle git remote between HTTPS and SSH instantly.
09 tokens-analyze Shell Analyze leaked API tokens; figure out what each one unlocks.
10 termi HTML Chat with Cursor Agent CLI running on your server, from anywhere.
11 ifindproduct JavaScript The open-source repo behind iFound.today's indie product feed.
See all 327 repos on GitHub

Why I build.

I write code for a living, then go home and write more code for fun. It looks unhealthy on paper. It feels like the opposite from the inside.

The day job at Smartly.io is where I get to do serious engineering — big systems, real users, careful trade-offs. The nights and weekends go into the i*.today suite: small, opinionated tools, each born from a problem I had myself. A secret I almost missed. An SSL cert that expired silently. A Privnote link I didn't fully trust.

And then there's the bug bounty side. @codermak is the handle I hunt under, and it's the part of my life that closes the loop: tools I build for hunting end up shipped as products, and bugs I find in the wild surface ideas for tools that don't exist yet.

It all sort of feeds itself. The apps make me a better hunter. The hunting makes me a sharper engineer. The engineering teaches me how to ship faster.

If you're building something cool, hunting something tricky, or hiring for something interesting — DM me on X or drop an email. I read everything.

— Arshad