Loading
Cybersecurity undergraduate and web developer based in Sri Lanka, passionate about penetration testing, VAPT, and ethical hacking.
Hey There!
Cybersecurity undergraduate & web developer based in Sri Lanka. Passionate about penetration testing, VAPT, CTF challenges, and ethical hacking.
Who Am I
Cybersecurity undergraduate with hands-on experience in VAPT, penetration testing, and web development. Active in the CTF community on HackTheBox and TryHackMe.
More About Me
My Services
Full-cycle web application and network penetration testing — from recon and exploitation through to detailed risk-rated remediation reports aligned with OWASP Top 10. Every engagement is fully manual, not just automated scans.
Full-stack PHP, MySQL, and JavaScript — with security baked in from the start. Clean, performant code with modern responsive design.
View Service DetailsComprehensive Vulnerability Assessment & Penetration Testing — CVSS-rated reports for both executive and technical audiences with clear remediation steps.
View Service DetailsActive on HackTheBox & TryHackMe — web exploitation, privilege escalation, reverse engineering, cryptography, and forensics.
View Service DetailsProfessional CVSS-rated reports for executives and technical teams — PoC evidence, clear remediation roadmaps, and re-test verification.
View Service DetailsSimulating real-world human-layer attacks — phishing campaigns, pretexting, and OSINT-driven reconnaissance to expose the weakest link in any organisation's security posture: its people.
Traffic analysis, firewall auditing, and network-layer attack simulation — identifying misconfigurations, open ports, and weak protocols before attackers do.
View Service DetailsWhether it's a pen test, a web build, or a full VAPT engagement — let's talk about securing your digital assets.
Projects
Full walkthroughs from foothold to root — enumeration, exploitation and post-exploitation documented in detail.
Capture The Flag solutions — web exploitation, cryptography, reversing and forensics.
Full-stack projects built security-first — responsive UIs and clean backends.
CVSS-rated vulnerability assessments — clear remediation reports for exec and technical teams.
Traffic analysis, firewall auditing and network-layer attack simulation.
Recon, phishing simulations and target profiling to expose the human layer.
Custom scripts and automation tools — from CTF solvers and recon pipelines to internal IT automation and security tooling.
Experience & Skills
Career Timeline
Timex Garments (PVT) Ltd. · Promoted from Staff Officer IT
Leading IT operations across the organisation — managing Active Directory, network infrastructure, servers, and security. Implemented new AD, File Server, Web Server, and Kaspersky Server environments. Developed an internal Inventory Management System.
MAS Intimates (PVT) Ltd. · via Eureka Technology Partners
On-site IT support for one of Sri Lanka's largest apparel manufacturers — troubleshooting hardware, software, and network issues across a large multi-department environment.
Commercial Bank (PVT) Ltd. · via Zeal (Pvt) Ltd
Technical support in a high-security banking environment — maintaining systems, resolving incidents, and ensuring uptime across branch operations with strict compliance standards.
Highlights
Academic Background
Esoft Metro Campus
Advanced program covering offensive and defensive cybersecurity, network security architecture, ethical hacking, digital forensics, and secure software development practices.
CICRA Campus
NVQ Level 5 qualification covering cybersecurity fundamentals, vulnerability assessment, network defence, and penetration testing methodologies.
CICRA Campus
NVQ Level 4 — Windows Server administration, Active Directory, network protocols, and enterprise infrastructure management.
CICRA Campus
Foundation certificate establishing core skills in ethical hacking, security testing, and vulnerability identification.
Certifications
Target Certs
Languages
Security Skills
Development & Infrastructure
Testimonials
Systems Engineer
The VAPT report was thorough, professional, and clearly written for both our technical and executive teams. Every finding was fixed within a week.
Senior Executive - IT
The VAPT report was thorough, professional, and clearly written for both our technical and executive teams. Every finding was fixed within a week.
Software Engineer
Nethra delivered an excellent web solution with strong attention to security. The site was clean, fast, and well-coded. Highly recommend!
Lead Software Engineer
The VAPT report was thorough, professional, and clearly written for both our technical and executive teams. Every finding was fixed within a week.
